Can't compile virtualuser.db

Posted on 2004-04-18
Last Modified: 2013-12-17

When I try to start sendmail I get this error:

ns1:/etc/mail # service sendmail restart
Shutting down sendmail: [  OK  ]
Shutting down sm-client: [  OK  ]
Starting sendmail: makemap: error opening type hash map virtusertable.db: Permission denied
make: *** [virtusertable.db] Error 73
[  OK  ]
Starting sm-client: [  OK  ]

How can I fix this?  If I run make from the command line trying to use DBM I get:

makemap: Need to recompile with -DNDBM for dbm support

How can I fix this?  Thanks.

Question by:ingenito
  • 7
  • 5
LVL 40

Expert Comment

ID: 10856619
Typically the command to build the virtusertable map from the flat file would be:

makemap hash /etc/mail/virtusertable >/etc/mail/virtusertable

Is that what you tried?

Also does 'ls -l /etc/mail/virtusertable return results like:

-rw-r--r--    1 root     root        48929 Apr 17 21:00 /etc/mail/virtusertable
-rw-r-----    1 cyrus    root        81920 Apr 17 21:00 /etc/mail/virtusertable.db

Author Comment

ID: 10859752

When I run the makemap command I get this error:

ns1:/etc/mail # makemap hash /etc/mail/virtusertable >/etc/mail/virtusertable2
makemap: error opening type hash map /etc/mail/virtusertable: Permission denied

The permissions on the files look like this:

ns1:/etc/mail # dir virtuser*    
-rw-r--r--    1 smmsp    mail            0 Apr 16 14:27 virtusertable
-rw-r--r--    1 smmsp    mail        12288 Sep 24  2003 virtusertable.db

LVL 40

Expert Comment

ID: 10861368
That sort of sounds like a problem with makemap or Berkely DB.

I'm going to guess that this is a RedHat system or something similar. Accordingly I'd like to know what 'rpm --verify sendmail' shows. Assuming it is a recent version I'd also like to know what rpm --verify db4' shows.
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.


Author Comment

ID: 10861823
Here you go:

ns1:/etc/mail # rpm --verify sendmail
SM5..UGT c /etc/aliases
.M...UG.   /etc/mail
.....UG. c /etc/mail/Makefile
.....UG. c /etc/mail/access
.....UG. c /etc/mail/domaintable
.....UG. c /etc/mail/helpfile
S.5..UGT c /etc/mail/local-host-names
.....UG. c /etc/mail/mailertable
S.5....T c /etc/mail/
S.5..UGT c /etc/mail/
SM5..UGT c /etc/mail/statistics
SM5..UGT c /etc/mail/
.....UG. c /etc/mail/
.....UG. c /etc/mail/trusted-users
.....UGT c /etc/mail/virtusertable
.M......   /usr/sbin/sendmail.sendmail
.M...U..   /var/spool/mqueue
ns1:/etc/mail # rpm --verify db4
ns1:/etc/mail #

Looks like db4 is a problem. Can I install this through up2date?  Thanks

Author Comment

ID: 10862136
I tried this as well:

ns1:/etc/mail # up2date --install db4

Fetching package list for channel: redhat-linux-i386-9...

Fetching Obsoletes list for channel: redhat-linux-i386-9...

Fetching rpm headers...

The following packages you requested are already updated:
LVL 40

Expert Comment

ID: 10862307
That all looks okay, except that the change in mode for /usr/sbin/sendmail.sendmail and the change in mode/user for /var/spool/mqueue are supicious. Could I see what 'ls -l /usr/sbin/sendmail.sendmail' and 'ls -ld /var/spool/mqueue' shows?

Also I'd like to see what happens if you execute '/usr/bin/makemap hash /etc/mail/virtusertable >/etc/mail/virtusertable'. Type that command in exactly and if it succeeds  I'd like to know what 'type makemap' shows.

Author Comment

ID: 10862912
ns1:/etc # ls -l /usr/sbin/sendmail.sendmail
-r-sr-sr-x    1 root     smmsp      663232 Sep 17  2003 /usr/sbin/sendmail.sendmail
ns1:/etc # ls -ld /var/spool/mqueue
drwxrwx---    2 smmsp    mail        45056 Apr 19 15:10 /var/spool/mqueue
ns1:/etc # /usr/bin/makemap hash /etc/mail/virtusertable >/etc/mail/virtusertable
makemap: error opening type hash map /etc/mail/virtusertable: Permission denied

LVL 40

Expert Comment

ID: 10863592
Those are unsafe permissions for sendmail and it should look like:

-rwxr-sr-x    1 root     smmsp      733888 Sep 18  2003 /usr/sbin/sendmail.sendmail

In a like manner the perms on /var/spool/mqueue should look like:

drwx------    2 root     mail         4096 Apr 19 04:02 /var/spool/mqueue/

The question now is how did they get like that?

What does 'ldd /usr/bin/makemap | grep libdb' show?

Author Comment

ID: 10863834
Well those permissions were my fault.  I was trying to make sendmail not run as root.  Is it safe to have sendmail running as root?  Anyway, that is the reason for the wierd permissions, I will change them.  Here is the result of the ldd command:

ns1:/etc/mail # ldd /usr/bin/makemap | grep libdb => /lib/ (0x4001a000)

Thanks for your patience.  I am semi-new to linux.  Been with Windows all my life.
LVL 40

Accepted Solution

jlevie earned 125 total points
ID: 10864790
Sendmail 8.12 is safe to run as root and must do so to be able to deliver mail to a user's inbox. The risk in prior versions of sendmail was in invoking sendmail directly to send mail form accounts or applications on the system. That risk has been eliminated in 8.12 with the separation of the Mail Transport Agent (MTA) and Message Submission Program (MSP) functions. There's now a separate process the (MSP) that applications and local users employ to send mail.

The permoissions and ownership need to be returned to what they were orginally. That can be done by comparing what you have now with a stock system, or by simply re-installing Sendmail.

Author Comment

ID: 10868786

I changed those permissions to the same that you have.  Thanks.  Have you any idea about the makemap problem?

Author Comment

ID: 10872823

I seemed to have fixed the problem by making my /etc/mail directory look like this:

ns1:/etc/mail # dir
total 388
drwxr-xr-x    2 smmsp    mail         4096 Apr 20 16:49 .

So now it is group and other readable and execuatble.  Once I changed this I was able to compile the hash virtusertable.

Thanks for your help jlevie.

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Nearly six years ago I was hired by a company to be their senior server engineer. One of my first projects was to implement Exchange Server 2007 on a Windows Server 2008 Single Copy Cluster for high availability. That was the easy part; read on to l…
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question