[vox-tech] mail problems with debian

vox-tech@lists.lugod.org vox-tech@lists.lugod.org
Sat, 16 Nov 2002 16:58:29 -0500 

On Sat, Nov 16, 2002 at 01:24:01PM -0800, Peter Jay Salzman wrote:
>    p@satan% telnet belial.ucdavis.edu 25
>    Trying 169.237.43.86...
>    Connected to belial.ucdavis.edu.
>    Escape character is '^]'.
>    Connection closed by foreign host.
>    p@satan%
> 
> so that's why mail stopped working.   next i looked at inetd.conf:
> 
>    smtp       stream tcp nowait    mail /usr/sbin/exim  exim -bs

this line is correct.

  if you replace the command to run with /bin/false you should see the
same telnet behavior as you included above.


> i'm no expert at inetd.conf, but this looks good to my untrained eyes.
> next i looked at the log files:
> 
>    Nov 16 13:12:58 belial inetd[335]: execv /usr/sbin/exim: Permission denied
>    Nov 16 13:13:04 belial inetd[341]: execv /usr/sbin/exim: Permission denied
>    Nov 16 13:14:19 belial inetd[371]: execv /usr/sbin/exim: Permission denied

  it appears that inetd is unable to run /usr/sbin/exim.  the permission
denied message is from execv inside inetd... if you change the inetd.conf line
to run /etc/passwd you should get a similar problem.

Nov 16 13:51:40 salomon inetd[779]: execv /etc/motd: Permission denied

> apparently, exim is trying to do something it doesn't have permission to
> do.  like bind to a port.   however:

  inetd is the service logging the error.

> belial# ll /usr/sbin/exim
> -rwsr-xr-x    1 root     root       471144 Sep 20 10:34 /usr/sbin/exim*

  The permissions you show above are correct, but the size and timestamp
I have locally doesn't match a stable woody exim.  Try doing things like

salomon:/etc# file /usr/sbin/exim
  /usr/sbin/exim: setuid ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), stripped
salomon:/etc# /usr/sbin/exim
  exim: neither action flags nor mail addresses given
salomon:/etc# debsums exim | grep -v OK$

  ... to make sure the binary there is actually executable.


> i'm running out of ideas.  help?

  it's unlikely but if inetd is running in some sort of jail (which I don't
thing debian inetd does out of the box) then it may be running a completely
different exim binary from the one your ls shows.

  If exim checks out I would recommend starting with a strace on your 
inetd process...

    Let us know what you find,
      Mike