[maildropl] global maildrop log file?

Discussion:

Bob Bernstein

2015-02-17 00:55:33 UTC

I want three users to share a common maildrop logfile.

/etc/maildroprc contains one line:
LOGFILE="/etc/mailfilterlog"

ls -l /etc/mailfilterlog gives:
-rw-rw-r-- 1 root users 0 Feb 16 18:43 mailfilterlog

The $HOME/.mailfilter files begin like this:
DEFAULT="$HOME/mail/inbox"
#logfile "$HOME/.mailfilterlog"
logfile "/etc/mailfilterlog"

Several messages to the users affected arrive, but
/etc/mailfilterlog remains zero length.

Extra credit question: <g>
Where should I look for error messages related to this issue?

Thanks for any insight shared!

--
Bob Bernstein

Sam Varshavchik

2015-02-17 02:17:17 UTC

Permalink

Post by Bob Bernstein
I want three users to share a common maildrop logfile.
LOGFILE="/etc/mailfilterlog"
-rw-rw-r-- 1 root users 0 Feb 16 18:43 mailfilterlog
DEFAULT="$HOME/mail/inbox"
#logfile "$HOME/.mailfilterlog"
logfile "/etc/mailfilterlog"
Several messages to the users affected arrive, but
/etc/mailfilterlog remains zero length.

Are these users members of the "users" group, which is required for write
access to this file?

Post by Bob Bernstein
Extra credit question: <g>
Where should I look for error messages related to this issue?
Thanks for any insight shared!

Presumably, you have configured your mail server to use maildrop to deliver
mail. maildrop will generally report messages to standard error. Therefore,
any error messages will be logged wherever your mail server logs standard
error from mail delivery agents.

However, if maildrop cannot open the log file, maildrop will immediately
terminate after reporting the error, and not deliver the message.

Since you say that your mail was delivered, this suggests that your mail
server is not using maildrop to deliver mail, as you think it is doing.
Check and verify your mail server's configuration.

Bob Bernstein

2015-02-17 05:54:03 UTC

Permalink

Post by Sam Varshavchik
Are these users members of the "users" group, which is required
for write access to this file?

Yes.

There are error messages in /var/log/messages:

"temporary failure. Command output: /usr/bin/maildrop: Unable to
create log file."

I note that this error occurs whether or not the needed logfile is
already there.

I've changed the sought-after "global" logfile to:
"/var/log/maildroplog" where ls -l for that file is:
-rw-rwxr-- 1 root users 0 Feb 16 23:49 maildroplog.

I wonder if I should have a user other than root own that logfile in
/var/log?

If I revert (in $HOME/.mailfilter) to the old logfile assignment
"$HOME/.mailfilterlog" then messages caught in the temporary limbo
are found and delivered.

Thanks,

--
These are not the droids you are looking for.

Sam Varshavchik

2015-02-17 11:59:36 UTC

Permalink

Post by Bob Bernstein

Post by Sam Varshavchik
Are these users members of the "users" group, which is required
for write access to this file?

Yes.
"temporary failure. Command output: /usr/bin/maildrop: Unable to
create log file."
I note that this error occurs whether or not the needed logfile is
already there.
-rw-rwxr-- 1 root users 0 Feb 16 23:49 maildroplog.
I wonder if I should have a user other than root own that logfile in
/var/log?

This shouldn't be complicated to figure out. There's nothing unusual or
bizarre going on here. A process either can or cannot write to a file based
on the file permissions. The file listed above is writable by root, or by
the group "users". If maildrop can't write to it, then its process doesn't
meet either requirement.

The easiest way to see what permissions maildrop runs as is to change
logfile to point to some file in tmp, do a test delivery, and see with which
permissions maildrop is going to create the new log file in /tmp as.

Bob Bernstein

2015-02-17 20:37:55 UTC

Permalink

I think we have achieved escape velocity. <g>

Post by Sam Varshavchik
The easiest way to see what permissions maildrop runs as is to
change logfile to point to some file in tmp, do a test delivery,
and see with which permissions maildrop is going to create the new
log file in /tmp as.

That produced in /tmp:

-rw------- 1 bob mail 1932 Feb 17 14:16 maildroplog

I added all three users to the mail group and did a chmod g+rw and
now this appears to be working as desired i.e. "globally," one log
file recording three users' mail traffic. (poobah being of course
another of the three users):

-rw-rw---- 1 poobah mail 1891 Feb 17 15:21 maildroplog

One caveat for anyone who cares to trod this way: convince yourself
completely that new group memberships REALLY now belong to the users
you are working with! Hint: sometimes a login is not a login.

Thank you again,

--
These are not the droids you are looking for.