Strange behavior with shared /var/mail, /bin/mail and secure NFS

Post by Roland Main » Thu, 18 Nov 1999 04:00:00



Hi !

----

While playing around with secure NFS I found a strange behaviour:
Trying to delete a mail on a client with /var/mail imported from a
server, deleting a mail with /bin/mail fails with the message:
"mail: Cannot open savefile"
Back on the server (where /var/mail is a local filesystem) all works
normal.

The server "master" exports /var/mail like this (/etc/dfs/dfstab):
-- snip --
share -F nfs -o sec=dh,rw,root=terror   -d "mail" /var/mail
-- snip --

Client "terror" imports /var/mail like this:
-- snip --
master:/var/mail          -                       /var/mail     nfs     no      yes     sec=dh,actimeo=0
-- snip --

The NIS+-setup seems to be OK, /etc/hosts and hosts.org_dir NIS+-table
is OK, too.
All users (except root, daemon etc.) have valid NIS+-accounts.

Here comes the /bin/mail chat on the client...
-- snip --


Date: Wed, 17 Nov 1999 03:41:00 +0100 (MET)



Subject: /bin/mail likes this !!
Content-Length: 111

*stuff following...

? d
mail: Cannot open savefile
-- snip --

Any idea what's going wrong here ?

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 (0) 641/99-13193 FAX +49 (0) 641/99-41359

 
 
 

Post by Erich Schreibe » Thu, 18 Nov 1999 04:00:00



> Hi !

> ----

> While playing around with secure NFS I found a strange behaviour:
> Trying to delete a mail on a client with /var/mail imported from a
> server, deleting a mail with /bin/mail fails with the message:
> "mail: Cannot open savefile"
> Back on the server (where /var/mail is a local filesystem) all works
> normal.

Just a guess: there's also an "undelete [message number]" command (u [n])
in mail. To make that work, mail saves deleted messages in /var/tmp in
files called mail<something>, as long as you don't finish it. But:
you have shared /var/mail, but not /var/tmp, so this file can't be
opened.
HTH
--
Erich Schreiber, SBS MP 5 IP                    
Otto-Hahn-Ring 6, Raum 28-592, D-81730 München

Phone:  ++49-89-636-42733

 
 
 

Post by Roland Main » Thu, 18 Nov 1999 04:00:00



> > While playing around with secure NFS I found a strange behaviour:
> > Trying to delete a mail on a client with /var/mail imported from a
> > server, deleting a mail with /bin/mail fails with the message:
> > "mail: Cannot open savefile"
> > Back on the server (where /var/mail is a local filesystem) all works
> > normal.

> Just a guess: there's also an "undelete [message number]" command (u [n])
> in mail. To make that work, mail saves deleted messages in /var/tmp in
> files called mail<something>, as long as you don't finish it. But:
> you have shared /var/mail, but not /var/tmp, so this file can't be
> opened.

Mhhh, this would explain why "dtmail" works and "/bin/mail" not, but...
... I don't see my problem in your explanations. /var/tmp is available
like any other filesystem. AFAIK there should be no difference between
local and remote filesystems.
/bin/mail drops its temp. files into the local /var/tmp, and on
exit/delete/whatever the files should still be in the local /var/tmp

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 (0) 641/99-13193 FAX +49 (0) 641/99-41359

 
 
 

Post by Marcus Huelte » Thu, 18 Nov 1999 04:00:00


You can find the wrong perm/file/... by truss -fp <pid of /bin/mail>.
There should be a line with an error for an open call.
HTH!

cu marcus



> > > While playing around with secure NFS I found a strange behaviour:
> > > Trying to delete a mail on a client with /var/mail imported from a
> > > server, deleting a mail with /bin/mail fails with the message:
> > > "mail: Cannot open savefile"
> > > Back on the server (where /var/mail is a local filesystem) all works
> > > normal.

> > Just a guess: there's also an "undelete [message number]" command (u [n])
> > in mail. To make that work, mail saves deleted messages in /var/tmp in
> > files called mail<something>, as long as you don't finish it. But:
> > you have shared /var/mail, but not /var/tmp, so this file can't be
> > opened.

> Mhhh, this would explain why "dtmail" works and "/bin/mail" not, but...
> ... I don't see my problem in your explanations. /var/tmp is available
> like any other filesystem. AFAIK there should be no difference between
> local and remote filesystems.
> /bin/mail drops its temp. files into the local /var/tmp, and on
> exit/delete/whatever the files should still be in the local /var/tmp

> ----

> Bye,
> Roland

> --
>   __ .  . __


>   /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
>  (;O/ \/ \O;) TEL +49 (0) 641/99-13193 FAX +49 (0) 641/99-41359

 
 
 

Post by Roland Main » Thu, 18 Nov 1999 04:00:00


Hi !

----


> You can find the wrong perm/file/... by truss -fp <pid of /bin/mail>.
> There should be a line with an error for an open call.

Thanks, but the results are very mysterious:

-- snip --
1897:     *** SGID: rgid/egid/sgid = 10 / 6 / 6  ***
1897: read(0, 0xFF23B100, 1024) (sleeping...)
1897: read(0, " d\n", 1024)    = 2
1897: sigaction(SIGINT, 0xFFBEDFD0, 0xFFBEE050) = 0
1897: sigaction(SIGQUIT, 0xFFBEDFD0, 0xFFBEE050) = 0
1897: sigaction(SIGHUP, 0xFFBEDFD0, 0xFFBEE050) = 0
1897: getpid()     = 1897 [29284]
1897: lstat64("/var/mail/foo_barvRaiTd", 0xFFBED658) Err#2 ENOENT
1897: lstat64("/var/mail/foo_barvRaiTd", 0xFFBED660) Err#2 ENOENT
1897: open("/var/mail/foo_barvRaiTd", O_RDWR|O_CREAT|O_EXCL, 0600) = 5
1897: fstat(5, 0xFFBED670)    = 0
1897: write(5, " 0\0", 2)    = 2
1897: close(5)     = 0
1897: link("/var/mail/foo_barvRaiTd", "/var/mail/foo_bar.lock") = 0
1897: lstat64("/var/mail/foo_barvRaiTd", 0xFFBED578) = 0
1897: unlink("/var/mail/foo_barvRaiTd")  = 0
1897: time()      = 942866476
1897: stat("/var/mail/foo_bar", 0xFFBEE0F0)  = 0
1897: umask(0117)     = 07
1897: open("/var/mail/:saved/foo_bar", O_WRONLY|O_CREAT|O_TRUNC, 0666) Err#13 EACCES
1897: write(2, " m a i l", 4)    = 4
1897: write(2, " :  ", 2)    = 2
1897: write(2, " C a n n o t   o p e n  ".., 20) = 20
1897: write(2, "\n", 1)    = 1
1897: lstat64("/var/mail/foo_bar.lock", 0xFFBEDF38) = 0
1897: unlink("/var/mail/foo_bar.lock")  = 0
1897: llseek(4, 0xFFFFFFFFFFFFFFFF, SEEK_CUR)  = 1152
1897: close(4)     = 0
1897: unlink("/var/tmp/mailuRaiTd")   = 0
1897: open("/dev/zero", O_RDONLY)   = 4
1897: mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0xFF360000
1897: close(4)     = 0
1897: llseek(0, 0, SEEK_CUR)    = 653
1897: _exit(2)
-- snip --

Seems that /var/mail/:saved is the source of problem, but why ??!?

Permissions are:
-- snip --
% ls -la /var/mail
total 10
drwxrwxrwt   3 root     mail         512 Nov 17 20:21 .
drwxr-xr-x  26 root     sys          512 Oct 20 20:17 ..
drwxrwxr-x   2 root     mail         512 Nov 17 10:42 :saved
-rw-------   1 foo_bar  mail        1153 Nov 17 20:19 foo_bar
-- snip --

And /var/mail/:saved is empty...

/bin/mail runs setgid(mail), /var/mail/:saved is group-writeable. What's
going on here... !?!

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 (0) 641/99-13193 FAX +49 (0) 641/99-41359

 
 
 

Post by Roland Main » Fri, 19 Nov 1999 04:00:00


[Please do not send me copies of newsgroup postings !!]


> Perhaps there are multiple definitions for the group mail (ie
> numerically, which I've seen happen in heterogeneous NFS networks).

No group mail has in both local and NIS+ tables the _same _ definition:
-- snip --
mail::6:root
-- snip --

----

> Try chmod'ing the /var/mail/:saved directory to 777 then review the
> attributes of the files created beneath that directory.

I'll test this this evening...

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 (0) 641/99-13193 FAX +49 (0) 641/99-41359

 
 
 

Post by Roland Main » Fri, 19 Nov 1999 04:00:00



> > Perhaps there are multiple definitions for the group mail (ie
> > numerically, which I've seen happen in heterogeneous NFS networks).

> No group mail has in both local and NIS+ tables the _same _ definition:

^^^^^^^^
Should be: "No, group 'mail' has the same definition in both local and
NIS+ tables".
(Sometimes I should read my postings twice ;-(

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 (0) 641/99-13193 FAX +49 (0) 641/99-41359

 
 
 

Post by Roland Main » Sat, 20 Nov 1999 04:00:00



> > Try chmod'ing the /var/mail/:saved directory to 777 then review the
> > attributes of the files created beneath that directory.

The answer from "mail" is surprising (for me):
-- snip --
? d
mail: Cannot chown savefile
-- snip --

Here comes the matching "truss" output (foo_bar has UID=2001):
-- snip --
19705:  link("/var/mail/foo_barChaiFM", "/var/mail/foo_bar.lock") = 0
19705:  lstat64("/var/mail/foo_barChaiFM", 0xFFBED548)  = 0
19705:  unlink("/var/mail/foo_barChaiFM")               = 0
19705:  time()                                          = 943032646
19705:  stat("/var/mail/foo_bar", 0xFFBEE0C0)           = 0
19705:  umask(0117)                                     = 07
19705:  open("/var/mail/:saved/foo_bar", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 5
19705:  chown("/var/mail/:saved/foo_bar", 2001, 6)      Err#1 EPERM
19705:  write(2, " m a i l", 4)                         = 4
19705:  write(2, " :  ", 2)                             = 2
19705:  write(2, " C a n n o t   c h o w n".., 21)      = 21
19705:  write(2, "\n", 1)                               = 1
19705:  lstat64("/var/mail/foo_bar.lock", 0xFFBEDF08)   = 0
19705:  unlink("/var/mail/foo_bar.lock")                = 0
19705:  llseek(4, 0xFFFFFFFFFFFFF1F8, SEEK_CUR)         = 317
19705:  close(4)                                        = 0
19705:  unlink("/var/tmp/mailBhaiFM")                   = 0
19705:  open("/dev/zero", O_RDONLY)                     = 4
19705:  mmap(0x00000000, 8192, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE, 4, 0) = 0xFF360000
19705:  close(4)                                        = 0
19705:  llseek(0, 0, SEEK_CUR)                          = 69032
19705:  _exit(2)
-- snip --

----

Bye,
Roland

--
  __ .  . __


  /O /==\ O\  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
 (;O/ \/ \O;) TEL +49 (0) 641/99-13193 FAX +49 (0) 641/99-41359
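
The "look for the failing call in the truss output" step from this thread, as an added example that is not part of any post: it re-joins lines the news client wrapped, drops ENOENT probes, and reports each failing call with the effective gid from the SGID banner. The helper names are hypothetical, treating ENOENT as noise is an assumption, and SAMPLE is excerpted from the first trace quoted above.

```python
import re

# Lines excerpted from the first truss trace in the thread, including the
# one that was wrapped before "EACCES".
SAMPLE = """\
1897:     *** SGID: rgid/egid/sgid = 10 / 6 / 6  ***
1897: lstat64("/var/mail/foo_barvRaiTd", 0xFFBED658) Err#2 ENOENT
1897: open("/var/mail/foo_barvRaiTd", O_RDWR|O_CREAT|O_EXCL, 0600) = 5
1897: open("/var/mail/:saved/foo_bar", O_WRONLY|O_CREAT|O_TRUNC, 0666) Err#13
EACCES
"""

LINE = re.compile(r'^(\d+):\s+(.*)$')                       # "pid: rest"
CALL = re.compile(r'^(\w+)\((.*)\)\s+Err#(\d+)\s+(\w+)$')   # failed syscall
CREDS = re.compile(r'\*\*\* SGID: rgid/egid/sgid = (\d+) / (\d+) / (\d+)')
PROBES = {"ENOENT"}  # assumption: existence probes are expected to fail

def unwrap(text):
    """Re-join wrapped output: a line without a 'pid:' prefix continues the previous one."""
    out = []
    for raw in text.splitlines():
        if LINE.match(raw) or not out:
            out.append(raw.rstrip())
        else:
            out[-1] += " " + raw.strip()
    return out

def failed_calls(text):
    """Return the failing syscalls, each with the egid truss reported for that pid."""
    egid, hits = {}, []
    for m in filter(None, map(LINE.match, unwrap(text))):
        pid, rest = m.group(1), m.group(2).strip()
        c = CREDS.search(rest)
        if c:
            egid[pid] = int(c.group(2))   # second number is the effective gid
            continue
        f = CALL.match(rest)
        if f and f.group(4) not in PROBES:
            path = re.search(r'"([^"]*)"', f.group(2))   # first quoted argument
            hits.append({"pid": pid, "call": f.group(1),
                         "path": path.group(1) if path else None,
                         "errno": f.group(4), "egid": egid.get(pid)})
    return hits

if __name__ == "__main__":
    for hit in failed_calls(SAMPLE):
        print(hit)
```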