Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Thread

mkstemp greylist.db permission, greylist dies

mkstemp greylist.db permission, greylist dies

2006-10-12 by Jeff A. Earickson

Hi,

I am new to milter-greylist, attempting to deploy it,
and it dies with:

milter-greylist: [ID 653641 mail.error] mkstemp("/var/milter-greylist/greylist.db-XXiTa40g") failed: Permission denied

after about five minutes of running successfully.

My setup: Solaris 10, sendmail 8.13.8, Berkeley DB 4.4, milter-greylist
3.0rc4 compiled with gcc 4.1.0, no SPF, drac, or other add-ons.
I configure like so:

./configure --prefix=/opt/milter-greylist --with-db=/opt/BerkeleyDB \
--mandir=/usr/local/man --with-user=smmsp

Here is what the /var/milter-greylist directory looks like:

% ls -ld /var/milter-greylist
drwxr-xr-x   2 nobody   smmsp        512 Oct 12 13:27 /var/milter-greylist
% ls -laR /var/milter-greylist
/var/milter-greylist:
total 4
drwxr-xr-x   2 nobody   smmsp        512 Oct 12 13:27 .
drwxr-xr-x  33 root     sys          512 Oct 11 15:29 ..
-rw-rw-r--   1 smmsp    smmsp          0 Oct 12 13:25 greylist.db
srwxr-xr-x   1 smmsp    smmsp          0 Oct 12 13:27 milter-greylist.sock

I originally created /var/milter-greylist as owner "smmsp" but 
it seems to have changed it to "nobody" at the time of the mkstemp.
What should the owner and permissions of /var/milter-greylist be?
What am I doing wrong?

Jeff Earickson
Colby College

:

Re: [milter-greylist] mkstemp greylist.db permission, greylist dies

2006-10-13 by Oliver Fromme

Jeff A. Earickson wrote:
 > it dies with:
 > 
 > milter-greylist: [ID 653641 mail.error] mkstemp("/var/milter-greylist/greylist.db-XXiTa40g") failed: Permission denied
 > 
 > after about five minutes of running successfully.

That's probably the first time it tries to save its database.

 > ./configure --prefix=/opt/milter-greylist --with-db=/opt/BerkeleyDB \
 > --mandir=/usr/local/man --with-user=smmsp

So your milter-greylist process is running as user "smmsp".

 > % ls -ld /var/milter-greylist
 > drwxr-xr-x   2 nobody   smmsp        512 Oct 12 13:27 /var/milter-greylist

But the directory is owned by nobody, so the user cannot
write to it, hence it dies.  The milter-greylist process
requires write access to the directory.

 > I originally created /var/milter-greylist as owner "smmsp" but 
 > it seems to have changed it to "nobody" at the time of the mkstemp.

That's unlikely.  The milter-greylist process cannot change
ownership of anything, because it's not running as root.

 > What should the owner and permissions of /var/milter-greylist be?

It should be sufficient to make the directory group-writable
(i.e. "chmod g+w /var/milter-greylist").  Either that, or
change the owner to smmsp (that's what I usually do).  Well,
or run milter-greylist as root, but I assume you don't want
that (it's not a good idea).

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

"[...]  one observation we can make here is that Python makes
an excellent pseudocoding language, with the wonderful attribute
that it can actually be executed."  --  Bruce Eckel

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.