Re: Troubles starting fetchmail from init scripts
On 03/19/2010 08:53 PM, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 14:39 -0700, Craig White wrote: On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? this works for me (in rc.local)... /bin/su - craig -c '/usr/bin/fetchmail' I tried it, and now things are worse than before. The startup script now reads: #!/bin/sh # # Start fetchmail for jonrysh su - jonrysh -c 'sleep 5; fetchmail' Now there's an additional error in boot.log: ... Starting atd: [ OK ] Error opening display! fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied The display did actually start OK after a short delay. It's a mystery to me. Thanks to all - jon Check to see if there are SELinux AVC messages in /var/log/audit/audit.log # grep fetchmail /var/log/audit/audit.log Also instead of using su, use runuser (Same thing except runuser does not use the pam stack.) -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
My startup script and configuration.
I make it.
On Sat, 20 Mar 2010 06:01:19 -0400, Daniel J Walsh dwa...@redhat.com
wrote:
On 03/19/2010 08:53 PM, Jonathan Ryshpan wrote:
On Fri, 2010-03-19 at 14:39 -0700, Craig White wrote:
On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote:
On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote:
On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote:
I have a little script to start fetchmail, which is activated in
rc.local. It runs perfectly when started from a root login; but it
fails when started from rc.local.
Here is the info:
=== Scripts Start
===
$ more rc.local fetchmail-start
::
rc.local
::
#!/bin/sh
#
# This script will be executed *after* all the other init
scripts.
# You can put your own initialization stuff in here if you
don't
# want to do the full Sys V style init stuff.
# Fork a script that will start fetchmail for jonrysh in a
few seconds
/etc/rc.d/fetchmail-start
touch /var/lock/subsys/local
::
fetchmail-start
::
#!/bin/sh
#
# Start fetchmail for jonrysh
su jonrysh -c 'sleep 5; fetchmail'
=== Messages Start
===
Fetchmail emits the following error message and fails:
fetchmail: open: /home/jonrysh/.fetchmailrc: Permission
denied
What's happening? How can it be fixed?
The perms on /home/jonrysh/.fetchmailrc need to be 600, with
ownership
given to jonrysh:jonrysh
Everything is as you recommend. Note that the scheme works when
invoked
from a command window running a shell as root, but not from the init
script.
You could also start it without the su by adding it to your own
crontab:
@reboot sleep 30 fetchmail
Thanks, I'll try this. But I'd still like to know what's the reason
for
the permission failure when running out of rc.local . SELinux
issues?
this works for me (in rc.local)...
/bin/su - craig -c '/usr/bin/fetchmail'
I tried it, and now things are worse than before. The startup script
now reads:
#!/bin/sh
#
# Start fetchmail for jonrysh
su - jonrysh -c 'sleep 5; fetchmail'
Now there's an additional error in boot.log:
...
Starting atd: [
OK ]
Error opening display!
fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied
The display did actually start OK after a short delay. It's a mystery
to me.
Thanks to all - jon
Check to see if there are SELinux AVC messages in
/var/log/audit/audit.log
# grep fetchmail /var/log/audit/audit.log
Also instead of using su, use runuser (Same thing except runuser does
not use the pam stack.)
--
Sergio Augusto Vladisauskis
- Oportunix IT Services Brasil - ME
- Site: http://www.oportunix.com.br
- Fone: +55 11 4221 8163
- Móvel: +55 11 8017 5065
- Skype: sergiovl-work
- Registered Linux User: 305281
#!/bin/sh
#
# chkconfig: 235 91 10
# description: Starts and stops the fetchmail daemon used to retrieve mail \
# via various protocols (such as POP3 and IMAP4).
#
# config: /etc/fetchmailrc
#
### BEGIN INIT INFO
# Provides: fetchmail
# Required-Start: $network
# Required-Stop: $network
# Default-Start: 3 4 5
# Short-Description: The fetchmail mail retrieving daemon
# Description: Starts and stops the fetchmail daemon used to retrieve mail \
# via various protocols (such as POP3 and IMAP4).
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ $NETWORKING = no ] exit 0
# Source fetchmail configuration.
if [ -s /etc/sysconfig/fetchmail ]; then
. /etc/sysconfig/fetchmail
else
echo Configuration file not found
exit 0
fi
CONFFILE=/etc/fetchmailrc
HOMEDIR=/var/run/fetchmail
PIDFILE=$HOMEDIR/.fetchmail.pid
UIDL=$HOMEDIR/.fetchmail-UIDL-cache
OPTIONS=-s -d ${POLL:-180} -f $CONFFILE --pidfile $PIDFILE
RETVAL=0
# Check that fetchmailrc exists.
[ -s $CONFFILE ] || exit 0
# Check that group exists
if ! grep -qs $USER /etc/group; then
echo Adding $USER group
groupadd -g 200 $USER
fi
# Check that user exists.
if ! grep -qs $USER /etc/passwd; then
echo Adding $USER user
useradd -u 200 -g $USER -d $HOMEDIR -s /sbin/nologin $USER
fi
# create uidl cache file
if ! grep -qs idfile $CONFFILE [ -d $HOMEDIR ]; then
OPTIONS=$OPTIONS -i $UIDL
touch $UIDL
chown -h $USER $UIDL
chmod 0600 $UIDL
fi
# See how we were called.
case $1 in
start)
if [ ! -f
Re: Troubles starting fetchmail from init scripts
On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? Thanks - jon The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to johrysh:johnrysh You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail -- -- Steve -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? Thanks - jon -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? this works for me (in rc.local)... /bin/su - craig -c '/usr/bin/fetchmail' Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
On Fri, 2010-03-19 at 14:39 -0700, Craig White wrote: On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? this works for me (in rc.local)... /bin/su - craig -c '/usr/bin/fetchmail' I tried it, and now things are worse than before. The startup script now reads: #!/bin/sh # # Start fetchmail for jonrysh su - jonrysh -c 'sleep 5; fetchmail' Now there's an additional error in boot.log: ... Starting atd: [ OK ] Error opening display! fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied The display did actually start OK after a short delay. It's a mystery to me. Thanks to all - jon -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: You could also start it without the su by adding it to your own crontab: @reboot sleep 5 fetchmail This works fine, and looks like the right way to do it. No need to mess with the startup scripts. Thanks again - jon -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
