Solved

Can't compile virtualuser.db

Posted on 2004-04-18
12
2,383 Views
Last Modified: 2013-12-17
Hello,

When I try to start sendmail I get this error:

ns1:/etc/mail # service sendmail restart
Shutting down sendmail: [  OK  ]
Shutting down sm-client: [  OK  ]
Starting sendmail: makemap: error opening type hash map virtusertable.db: Permission denied
make: *** [virtusertable.db] Error 73
[  OK  ]
Starting sm-client: [  OK  ]

How can I fix this?  If I run make from the command line trying to use DBM I get:

makemap: Need to recompile with -DNDBM for dbm support

How can I fix this?  Thanks.


0
Comment
Question by:ingenito
  • 7
  • 5
12 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 10856619
Typically the command to build the virtusertable map from the flat file would be:

makemap hash /etc/mail/virtusertable >/etc/mail/virtusertable

Is that what you tried?

Also does 'ls -l /etc/mail/virtusertable return results like:

-rw-r--r--    1 root     root        48929 Apr 17 21:00 /etc/mail/virtusertable
-rw-r-----    1 cyrus    root        81920 Apr 17 21:00 /etc/mail/virtusertable.db
0
 

Author Comment

by:ingenito
ID: 10859752
jlevie,

When I run the makemap command I get this error:

ns1:/etc/mail # makemap hash /etc/mail/virtusertable >/etc/mail/virtusertable2
makemap: error opening type hash map /etc/mail/virtusertable: Permission denied

The permissions on the files look like this:

ns1:/etc/mail # dir virtuser*    
-rw-r--r--    1 smmsp    mail            0 Apr 16 14:27 virtusertable
-rw-r--r--    1 smmsp    mail        12288 Sep 24  2003 virtusertable.db

Thanks.
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10861368
That sort of sounds like a problem with makemap or Berkely DB.

I'm going to guess that this is a RedHat system or something similar. Accordingly I'd like to know what 'rpm --verify sendmail' shows. Assuming it is a recent version I'd also like to know what rpm --verify db4' shows.
0
 

Author Comment

by:ingenito
ID: 10861823
Here you go:

ns1:/etc/mail # rpm --verify sendmail
SM5..UGT c /etc/aliases
.M...UG.   /etc/mail
.....UG. c /etc/mail/Makefile
.....UG. c /etc/mail/access
.....UG. c /etc/mail/domaintable
.....UG. c /etc/mail/helpfile
S.5..UGT c /etc/mail/local-host-names
.....UG. c /etc/mail/mailertable
S.5....T c /etc/mail/sendmail.cf
S.5..UGT c /etc/mail/sendmail.mc
SM5..UGT c /etc/mail/statistics
SM5..UGT c /etc/mail/submit.cf
.....UG. c /etc/mail/submit.mc
.....UG. c /etc/mail/trusted-users
.....UGT c /etc/mail/virtusertable
.M......   /usr/sbin/sendmail.sendmail
.M...U..   /var/spool/mqueue
ns1:/etc/mail # rpm --verify db4
ns1:/etc/mail #

Looks like db4 is a problem. Can I install this through up2date?  Thanks
0
 

Author Comment

by:ingenito
ID: 10862136
I tried this as well:

ns1:/etc/mail # up2date --install db4

Fetching package list for channel: redhat-linux-i386-9...
########################################

Fetching Obsoletes list for channel: redhat-linux-i386-9...
########################################

Fetching rpm headers...

The following packages you requested are already updated:
db4
0
 
LVL 40

Expert Comment

by:jlevie
ID: 10862307
That all looks okay, except that the change in mode for /usr/sbin/sendmail.sendmail and the change in mode/user for /var/spool/mqueue are supicious. Could I see what 'ls -l /usr/sbin/sendmail.sendmail' and 'ls -ld /var/spool/mqueue' shows?

Also I'd like to see what happens if you execute '/usr/bin/makemap hash /etc/mail/virtusertable >/etc/mail/virtusertable'. Type that command in exactly and if it succeeds  I'd like to know what 'type makemap' shows.
0
Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

 

Author Comment

by:ingenito
ID: 10862912
ns1:/etc # ls -l /usr/sbin/sendmail.sendmail
-r-sr-sr-x    1 root     smmsp      663232 Sep 17  2003 /usr/sbin/sendmail.sendmail
ns1:/etc # ls -ld /var/spool/mqueue
drwxrwx---    2 smmsp    mail        45056 Apr 19 15:10 /var/spool/mqueue
ns1:/etc # /usr/bin/makemap hash /etc/mail/virtusertable >/etc/mail/virtusertable
makemap: error opening type hash map /etc/mail/virtusertable: Permission denied

0
 
LVL 40

Expert Comment

by:jlevie
ID: 10863592
Those are unsafe permissions for sendmail and it should look like:

-rwxr-sr-x    1 root     smmsp      733888 Sep 18  2003 /usr/sbin/sendmail.sendmail

In a like manner the perms on /var/spool/mqueue should look like:

drwx------    2 root     mail         4096 Apr 19 04:02 /var/spool/mqueue/

The question now is how did they get like that?

What does 'ldd /usr/bin/makemap | grep libdb' show?
0
 

Author Comment

by:ingenito
ID: 10863834
Well those permissions were my fault.  I was trying to make sendmail not run as root.  Is it safe to have sendmail running as root?  Anyway, that is the reason for the wierd permissions, I will change them.  Here is the result of the ldd command:

ns1:/etc/mail # ldd /usr/bin/makemap | grep libdb
        libdb-4.0.so => /lib/libdb-4.0.so (0x4001a000)

Thanks for your patience.  I am semi-new to linux.  Been with Windows all my life.
0
 
LVL 40

Accepted Solution

by:
jlevie earned 125 total points
ID: 10864790
Sendmail 8.12 is safe to run as root and must do so to be able to deliver mail to a user's inbox. The risk in prior versions of sendmail was in invoking sendmail directly to send mail form accounts or applications on the system. That risk has been eliminated in 8.12 with the separation of the Mail Transport Agent (MTA) and Message Submission Program (MSP) functions. There's now a separate process the (MSP) that applications and local users employ to send mail.

The permoissions and ownership need to be returned to what they were orginally. That can be done by comparing what you have now with a stock system, or by simply re-installing Sendmail.
0
 

Author Comment

by:ingenito
ID: 10868786
jlevie,

I changed those permissions to the same that you have.  Thanks.  Have you any idea about the makemap problem?
0
 

Author Comment

by:ingenito
ID: 10872823
jlevie,

I seemed to have fixed the problem by making my /etc/mail directory look like this:

ns1:/etc/mail # dir
total 388
drwxr-xr-x    2 smmsp    mail         4096 Apr 20 16:49 .

So now it is group and other readable and execuatble.  Once I changed this I was able to compile the hash virtusertable.

Thanks for your help jlevie.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Nearly six years ago I was hired by a company to be their senior server engineer. One of my first projects was to implement Exchange Server 2007 on a Windows Server 2008 Single Copy Cluster for high availability. That was the easy part; read on to l…
This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now