On Thursday, May 29, 2003, at 07:31 AM, DARCY,MATTHEW
I'm not sure about vqadmin, but I know that qmailadmin needs to have
the suid and sgid bits set.

Try running `chmod ug+s vqadmin` and giving it another try.
How do you start qmail-smtpd? You need to have it start with the user
and group id of vpopmail. If you're using a setup like
/service/qmail-smtpd/run, then your run script should look something
like this:

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`/usr/bin/head -1 /var/qmail/control/me`
export DENYMAIL="DNSCHECK"
export QMAILQUEUE='/var/qmail/bin/qmail-spamc'
export PATH="/var/qmail/bin:$PATH"
/usr/bin/spamd -a -c -d -u qmailq
exec /usr/local/bin/softlimit -m 6000000 \
/usr/local/bin/tcpserver -H -R -l "$LOCAL" \
-x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
/var/qmail/bin/qmail-smtpd $LOCAL \
/home/vpopmail/bin/vchkpw /bin/true 2>&1

Don't copy mine exactly, but take a look at the QMAILDUID and
NOFILESGID lines at the top, and the -u and -g options to tcpserver.

--
Tom Collins
***@tomlogic.com

Try to change from /bin/false to /bin/bash see if it works???

Good luck,

-- Remo Mattei --cell 801-209-8554
http://www.italy1.com
Freelance Networking-Security/Consultant
MCSE, MCP, MCP+I, MCT
Linux Trainer & Firewall Development

Interesting though, don't think it's the problem though as /bin/false is for
an intereactive shell, and vpopmail does not need a shell to login. Also
other domains are not having this problem



Good try though.



Matt.





-----Original Message-----
From: Remo Mattei [mailto:remo-dated-***@italy1.com]
Sent: 29 May 2003 16:38
To: DARCY,MATTHEW (HP-UnitedKingdom,ex2); '***@inter7.com'
Subject: Re: [vchkpw] Unable_to_switch_to_/home/vpopmail/domains -



Try to change from /bin/false to /bin/bash see if it works???

Good luck,

-- Remo Mattei --cell 801-209-8554
http://www.italy1.com
Freelance Networking-Security/Consultant
MCSE, MCP, MCP+I, MCT
Linux Trainer & Firewall Development
***@italy1.com



From: "DARCY,MATTHEW (HP-UnitedKingdom,ex2)" <***@hp.com>
Date: Thu, 29 May 2003 15:31:12 +0100
To: "'***@inter7.com'" <***@inter7.com>
Subject: [vchkpw] Unable_to_switch_to_/home/vpopmail/domains -



Hello all,



I am having the usual problem of Unable_to_switch_to_/home/vpopmail/domains
in a vchkpw/qmail install





The problem is not as straight forward is it would seem though



I'll paint a picture





Linux from Scratch test server

qmail

Mysql 4.0

Vpopmail (using mysql auth)

Sqwebmail

Vqadmin

Qmailadmin





I have had this test server running for a while with no problems, serving so
low volume mail traffic for some friends. My vchkpw user and groups are
vpopmail:vchkpw



If you look in my password file they tie in to groups 89:89

vpopmail:x:89:89:Vpopmail:/home/vpopmail:/bin/false

vchkpw:x:89:



This problem certainly appears to be vchkpw complaining but it could have
something to do with vqadmin too so I'll also explain a problem with that (I
am not asking you to fix this problem but if you can great - I am more
interested in the vchkpw problem)





Every time I create a domain using vqadmin I get a permissions problem
(look at problem.com)



[***@jordan /var/log/qmail]# ls -la /home/vpopmail/domains/

total 36

drwx------ 9 vpopmail vchkpw 4096 May 29 15:26 .

drwxr-xr-x 8 vpopmail vchkpw 4096 Apr 14 18:00 ..

drwx------ 3 vpopmail vchkpw 4096 Apr 23 13:24 aspectevents.co.uk

drwx------ 6 vpopmail vchkpw 4096 Apr 25 10:41 mdlan.co.uk

drwx------ 4 vpopmail vchkpw 4096 May 21 21:18
parsonsmotorsport.co.uk

drwx------ 3 1012 108 4096 May 29 15:26 problem.com

drwx------ 6 vpopmail vchkpw 4096 Apr 30 15:38 projecthugo.co.uk

drwx------ 4 vpopmail vchkpw 4096 Apr 25 15:15 sfproject.co.uk

drwx------ 3 vpopmail vchkpw 4096 May 25 13:52 vqadmin.com



and before you ask yes when I built vqadmin I set the user and group flags
to vpopmail:vckpw and it reported groups 89:89 so it had the right user
details - I had no idea why it is doing this.





To get around this I chown -R vpopmail:vchkpw problem.com





This is what happened with the domain parsonsmotorsport.co.uk



I created it using vqadmin then chowned it as a temp fix while I was looking
into the problem



The permissions on the domain and the directories for that domain seem fine



ls -lRt /home/vpopmail/domains/parsonsmotorsport.co.uk/

/home/vpopmail/domains/parsonsmotorsport.co.uk/:

total 8

drwx------ 3 vpopmail vchkpw 4096 May 21 16:12 robin

drwx------ 3 vpopmail vchkpw 4096 May 21 16:09 postmaster



/home/vpopmail/domains/parsonsmotorsport.co.uk/robin:

total 4

drwx------ 5 vpopmail vchkpw 4096 May 21 16:12 Maildir



/home/vpopmail/domains/parsonsmotorsport.co.uk/robin/Maildir:

total 12

drwx------ 2 vpopmail vchkpw 4096 May 21 16:12 cur

drwx------ 2 vpopmail vchkpw 4096 May 21 16:12 new

drwx------ 2 vpopmail vchkpw 4096 May 21 16:12 tmp



/home/vpopmail/domains/parsonsmotorsport.co.uk/robin/Maildir/cur:

total 0



/home/vpopmail/domains/parsonsmotorsport.co.uk/robin/Maildir/new:

total 0



/home/vpopmail/domains/parsonsmotorsport.co.uk/robin/Maildir/tmp:

total 0



/home/vpopmail/domains/parsonsmotorsport.co.uk/postmaster:

total 4

drwx------ 5 vpopmail vchkpw 4096 May 21 16:15 Maildir



/home/vpopmail/domains/parsonsmotorsport.co.uk/postmaster/Maildir:

total 12

drwx------ 2 vpopmail vchkpw 4096 May 21 16:09 cur

drwx------ 2 vpopmail vchkpw 4096 May 21 16:09 new

drwx------ 2 vpopmail vchkpw 4096 May 21 16:09 tmp



/home/vpopmail/domains/parsonsmotorsport.co.uk/postmaster/Maildir/cur:

total 0



/home/vpopmail/domains/parsonsmotorsport.co.uk/postmaster/Maildir/new:

total 0



/home/vpopmail/domains/parsonsmotorsport.co.uk/postmaster/Maildir/tmp:

total 0





when I send a mail to ***@parsonsmotorsport.co.uk the server recives it



[***@jordan /var/log/qmail]# qmailctl queue

messages in queue: 1

messages in queue but not yet preprocessed: 0

29 May 2003 13:57:05 GMT #160467 2166 <***@hp.com>

local parsonsmotorsport.co.uk-***@parsonsmotorsport.co.uk



when I look in the qmail log I see



@400000003ed617fc28c74714 delivery 877: deferral:
Unable_to_switch_to_/home/vpopmail/domains/parsonsmotorsport.co.uk:_access_d
enied._(#4.3.0)/



I don't understand why this would be denied. The archives of this list
suggest this is normally a permissions problem, yet I am happy that the
permissions are right.



Any comment ?



Thanks,



Matt.

Hi Tom,

Thanks for the input.

I think you are confusing my configuration a little.

Qmailadmin doesn't need the suid and sgid bit set, neither does vchkpw
(vchkpw is the application having the problem)

If you look at the other domains in my directory, they are working %100 fine
(I used vchkpw command line to create them)

Also according to the lifewithqmail.org site, qmail-smtpd should be run as
root. I am running qmail-smtpd as root.

Again I don't think this to be the problem as the other domains are working,
I think it is more that vqadmin is creating "problem" domains and my
chowning to the correct uid and gid is not enough to allow vchkpw to work.

Thanks,

Matt.


-----Original Message-----
From: Tom Collins [mailto:***@tomlogic.com]
Sent: 29 May 2003 16:32
To: vpopmail list
Subject: Re: [vchkpw] Unable_to_switch_to_/home/vpopmail/domains -

On Thursday, May 29, 2003, at 07:31 AM, DARCY,MATTHEW
I'm not sure about vqadmin, but I know that qmailadmin needs to have
the suid and sgid bits set.

Try running `chmod ug+s vqadmin` and giving it another try.
How do you start qmail-smtpd? You need to have it start with the user
and group id of vpopmail. If you're using a setup like
/service/qmail-smtpd/run, then your run script should look something
like this:

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
LOCAL=`/usr/bin/head -1 /var/qmail/control/me`
export DENYMAIL="DNSCHECK"
export QMAILQUEUE='/var/qmail/bin/qmail-spamc'
export PATH="/var/qmail/bin:$PATH"
/usr/bin/spamd -a -c -d -u qmailq
exec /usr/local/bin/softlimit -m 6000000 \
/usr/local/bin/tcpserver -H -R -l "$LOCAL" \
-x /home/vpopmail/etc/tcp.smtp.cdb -c "$MAXSMTPD" \
-u "$QMAILDUID" -g "$NOFILESGID" 0 smtp \
/var/qmail/bin/qmail-smtpd $LOCAL \
/home/vpopmail/bin/vchkpw /bin/true 2>&1

Don't copy mine exactly, but take a look at the QMAILDUID and
NOFILESGID lines at the top, and the -u and -g options to tcpserver.

--
Tom Collins
***@tomlogic.com

Another good suggestion,

I found /var/qmail/users/assign and shock horror the uid and gid where the
same as when vqadmin created them 1012:108 - so spot on ! the problem is how
vqadmin is creating the domains and obviously now, just chowning the domains
is not enough.

Great job !

Thanks,

Matt.


-----Original Message-----
From: Rick Macdougall [mailto:***@nougen.com]
Sent: 29 May 2003 17:02
To: DARCY,MATTHEW (HP-UnitedKingdom,ex2)
Cc: 'Tom Collins'; vpopmail list
Subject: Re: [vchkpw] Unable_to_switch_to_/home/vpopmail/domains -

Hi,

Check the uid and gid of the domain in question in the /var/qmail/assign
file.

Regards,

Rick
fine
working,

Damn,

Apologies all,

Looks like I spoke to soon, this change appears to have made no difference,

I still get the error

@400000003ed639b71f3f5de4 delivery 1: deferral:
Unable_to_switch_to_/home/vpopmail/domains/parsonsmotorsport.co.uk:_access_d
enied._(#4.3.0)/
@400000003ed639b71f407b0c status: local 0/10 remote 0/20


Great try, I thought that had fixed it.

Any other suggestions.

Matt.


-----Original Message-----
From: DARCY,MATTHEW (HP-UnitedKingdom,ex2) [mailto:***@hp.com]
Sent: 29 May 2003 17:10
To: 'Rick Macdougall'
Cc: vpopmail list
Subject: RE: [vchkpw] Unable_to_switch_to_/home/vpopmail/domains -

Another good suggestion,

I found /var/qmail/users/assign and shock horror the uid and gid where the
same as when vqadmin created them 1012:108 - so spot on ! the problem is how
vqadmin is creating the domains and obviously now, just chowning the domains
is not enough.

Great job !

Thanks,

Matt.


-----Original Message-----
From: Rick Macdougall [mailto:***@nougen.com]
Sent: 29 May 2003 17:02
To: DARCY,MATTHEW (HP-UnitedKingdom,ex2)
Cc: 'Tom Collins'; vpopmail list
Subject: Re: [vchkpw] Unable_to_switch_to_/home/vpopmail/domains -

Hi,

Check the uid and gid of the domain in question in the /var/qmail/assign
file.

Regards,

Rick
fine
working,