tech-pkg: DBERROR: dbenv->open '/var/imap/db' failed: Permission denied

Subject: DBERROR: dbenv->open '/var/imap/db' failed: Permission denied
To: None <tech-pkg@netbsd.org>
From: Jukka Salmi <j+nbsd@2006.salmi.ch>
List: tech-pkg
Date: 01/29/2006 20:17:14

Hello,

I'm using current pkgsrc on a NetBSD/i386 2.1_STABLE system. Some days
ago I upgraded all packages to their latest versions. Amongst other
packages databases/db4 was upgraded (from 4.3.29 to 4.4.16). After
restarting cyrus-imapd (2.2.12nb3), I was getting the (almost expected)
`DBERROR: critical database situation' error and needed to manually
fix the problem. After this everything worked fine again, except that
running /etc/daily from cron produced

Jan 29 02:56:00 grouper ctl_cyrusdb[4030]: checkpointing cyrus databases
Jan 29 02:56:00 grouper ctl_cyrusdb[4030]: done checkpointing cyrus databases
Jan 29 02:16:31 grouper ctl_mboxlist[20760]: DBERROR X3^F^H: db4
Jan 29 02:16:31 grouper ctl_mboxlist[20760]: DBERROR: dbenv->open '/var/imap/db' failed: Permission denied
Jan 29 02:16:31 grouper ctl_mboxlist[20760]: DBERROR: init() on berkeley
Jan 29 03:16:31 grouper quota[18342]: DBERROR 0/^F^H: db4
Jan 29 03:16:31 grouper quota[18342]: DBERROR: dbenv->open '/var/imap/db' failed: Permission denied
Jan 29 03:16:31 grouper quota[18342]: DBERROR: init() on berkeley
Jan 29 03:26:00 grouper ctl_cyrusdb[20888]: checkpointing cyrus databases
Jan 29 03:26:00 grouper ctl_cyrusdb[20888]: done checkpointing cyrus databases

The source of these DBERRORs are two commands I run from
/etc/daily.local and /etc/security.local:

$ grep quota /etc/daily.local
su -m cyrus -c '/usr/pkg/cyrus/bin/quota'

$ grep ctl_mboxlist /etc/security.local
su -m cyrus -c '/usr/pkg/cyrus/bin/ctl_mboxlist -d' >"${mbxdbbu:?}"

Tracing these commands revealed a __getcwd() failing with EACCESS,
causing the "DBERROR: dbenv->open '/var/imap/db' failed: Permission
denied" message.

The problem is that both /etc/daily and /etc/security set umask to 77,
create a temporary directory in /tmp and then cd to that directory.
The cyrus user which runs the commands above doesn't have any
permissions for the directory he is in... However, I did not see this
behaviour before I upgraded the packages; I suspect some BDB changes
to be the culprits.

So, what is considered the correct solution:

- fix BDB (at least the error message should probably be changed...)
- cd to e.g. /tmp before running the commands in /etc/{daily,security}.local
- ?


Comments are welcome.

Regards, Jukka

-- 
bashian roulette:
$ ((RANDOM%6)) || rm -rf ~