Sendmail - need help - boot - filesystem readonly

James Gray james at grayonline.id.au
Mon Jul 10 02:19:12 UTC 2006


Alexander Peters wrote:
> Hello! I have a problem with my configuration of sendmail. When I boot
> my system, messages come up and I don't know what they mean or how I
> can stop them. Can someone tell me what is going on here?
> 
> Thanks in advance
> 
> Alexander Peters
> 
> Sat Jul  8 16:26:44 2006:  * Starting basic networking...       ^[[80G
> addr=127.0.0.1,
> Sat Jul  8 16:26:44 2006: /usr/share/sendmail/dynamic: line 160: cannot
> create temp file for here document: Read-only file system
> Sat Jul  8 16:26:44 2006: /usr/share/sendmail/dynamic: line 174: cannot
> create temp file for here document: Read-only file system

-->8-- SNIPPED -->8--

> Sat Jul  8 16:26:44 2006: Mail Transport Agent: sendmail is not running
> 

You have a few like this (and above):

"Sat Jul  8 16:26:44 2006: Could not open /etc/mail/databases(Read-only
file system), using STDOUT."

Strangely this means exactly what it says: the file system that
/etc/mail/databases is on (usually root - "/") is mounted read only,
*or* the directory hierarchy is read only.

Check /etc/fstab to make sure root ("/") is mounted read+write AND that
the permissions in /etc/mail are sane.  Sendmail is particularly anal
about file system permissions for very good reasons.

The root file system is usually mounted read-only during the initial
boot sequence, before init is invoked and switches to whatever run level
is specified in /etc/inittab.  At some point soon after, the root file
system is remounted read+write.  Unless you changed this behaviour, it
should be the default.  You can check this by simply running "mount" and
looking for a line like this:
/dev/hda2 on / type ext3 (rw)

"Device" on "mount-point" type "format" ("options")

Now, if sendmail is trying to start before the root file system is
remounted read+write, OR you have specifically changed the root file
system to mount read-only, then sendmail will barf.

Similarly, the /etc/mail directory (on my RedHat sendmail servers) has
the following permissions:
user at host: /etc$ ls -ld mail
drwxr-xr-x  3 root root 4096 Jun  1 16:42 mail

Debian (Ubuntu et al) probably does things a little differently, but you
can see at least the owner of the /etc/mail directory has full (rwx)
permissions.

HTH,

James

PS - mounting root ("/") read-only is a legitimate security precaution.
However, to do this you really need to make sure you know what you're
doing and modify the init scripts and/or partition layout so as not to
break necessary functionality.  For instance, /tmp is usually on the
root file system, but nearly everything assumes this is world-writeable.
Making /tmp read-only will break lots of stuff; consequently, when
building a hardened system with read-only root file system, you would
need to move /tmp to its own partition which is read+write.  Another
example of "usually-on-root" but will break if read-only is /var [1].

[1] I always put /var and /home on their own partitions and usually run
quotas on /tmp etc.  Nothing worse than your system going to its knees
because the root file system is full.

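The two checks suggested in the reply above (is "/" mounted read+write, and are the /etc/mail permissions sane), as an added shell example that is not part of the original message. The function names and sample mount lines are constructed for illustration, and "sane" is assumed to mean the drwxr-xr-x pattern shown in the reply: owner rwx, no group or other write.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical.

# mount_mode MOUNTPOINT: reads `mount`-style lines on stdin
# ("Device on mount-point type format (options)") and prints rw, ro,
# unknown, or unmounted. The last matching line wins, because a later
# mount on the same mount point shadows an earlier one. Options are
# compared as whole tokens, so "errors=remount-ro" is not mistaken for "ro".
mount_mode() {
    awk -v mp="$1" '
        $2 == "on" && $3 == mp && $4 == "type" {
            opts = $NF
            gsub(/[()]/, "", opts)
            n = split(opts, o, ",")
            mode = "unknown"
            for (i = 1; i <= n; i++)
                if (o[i] == "ro" || o[i] == "rw") mode = o[i]
            found = 1
        }
        END { print (found ? mode : "unmounted") }
    '
}

# perms_sane MODESTRING: takes the first field of `ls -ld` output.
# Assumption: sane = directory, owner rwx, no group/other write bit.
perms_sane() {
    case "$1" in
        drwx?-??-?*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Constructed sample: root still read-only, as in the boot log above.
SAMPLE_MOUNT='rootfs on / type rootfs (rw)
/dev/hda2 on / type ext3 (ro,errors=remount-ro)
proc on /proc type proc (rw)
/dev/hda5 on /var type ext3 (rw)'

# check_live: run both checks against the running system.
check_live() {
    mode=$(mount | mount_mode /)
    perms=$(ls -ld /etc/mail 2>/dev/null | awk '{print $1}')
    echo "root filesystem: $mode"
    [ "$mode" = "rw" ] || echo "  -> / is not read+write; /etc/mail/databases cannot be written"
    if [ -z "$perms" ]; then echo "/etc/mail: missing"
    elif perms_sane "$perms"; then echo "/etc/mail: $perms (ok)"
    else echo "/etc/mail: $perms (expected owner rwx, no group/other write)"
    fi
}
```

Source the file and call check_live on the affected machine, or pipe saved `mount` output into mount_mode to check a boot-time capture.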



More information about the kubuntu-users mailing list