Subject: Problems with postfix in -current (2006/12/16)
To: None <firstname.lastname@example.org>
From: Paulo Alexandre Pinto Pires <email@example.com>
Date: 12/17/2006 03:27:59
I updated my amd64 box with -current today (2006/12/16). As soon as I boot=
with a new kernel (before building userland), my good-old postfix+uucp setu=
started to fail with messages being delivered but never leaving the uucp=20
spool directory. I tracked the problem down to Postfix, that was exiting=20
with non-zero exit code.
With some ktrussing and poking with source code, I found that the call to=20
setrlimit() in util/open_limit.c, which is used by postdrop, was failing wi=
EPERM, as we can see below (including the debug messages I added to=20
pappires@mateus:/tmp : ls -l | mail -v -s Teste10 firstname.lastname@example.org
after getrlimit(): euid=3D1001, egid=3D11, limit=3D256, rl.rlim_max=3D177=
before setrlimit(): limit=3D256, rl.rlim_max=3D1772, rl.rlim_cur=3D256
setrlimit() failed: Operation not permitted.
postdrop: fatal: unable to determine open file limit
sendmail: warning: premature end-of-input on /usr/sbin/postdrop -r while=
reading input attribute name
sendmail: fatal: pappires(1001): queue file write error
I could not understand why the code failed, since it is not pushing beyond =
hard limit. I was even more puzzled by the fact that when I copied the cod=
from open_limit() to a new program, compiled it and ran it, it ran OK. =20
However, if I set the setgid bit in the separate program (to have it look=20
more like postdrop), it no longer runs.
So I now know why it fails, but I don't understand the reason why a setgid=
program cannot call setrlimit() in that way. If there is a good reason, at=
least postfix should be fixed to comply with it.
=2E.. Qui habet aurem audiat quid Spiritus dicat ecclesiis.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (NetBSD)
-----END PGP SIGNATURE-----