Re: Troubles starting fetchmail from init scripts
On 03/19/2010 08:53 PM, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 14:39 -0700, Craig White wrote: On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? this works for me (in rc.local)... /bin/su - craig -c '/usr/bin/fetchmail' I tried it, and now things are worse than before. The startup script now reads: #!/bin/sh # # Start fetchmail for jonrysh su - jonrysh -c 'sleep 5; fetchmail' Now there's an additional error in boot.log: ... Starting atd: [ OK ] Error opening display! fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied The display did actually start OK after a short delay. It's a mystery to me. Thanks to all - jon Check to see if there are SELinux AVC messages in /var/log/audit/audit.log # grep fetchmail /var/log/audit/audit.log Also instead of using su, use runuser (Same thing except runuser does not use the pam stack.) -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
My startup script and configuration. I make it. On Sat, 20 Mar 2010 06:01:19 -0400, Daniel J Walsh dwa...@redhat.com wrote: On 03/19/2010 08:53 PM, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 14:39 -0700, Craig White wrote: On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? this works for me (in rc.local)... /bin/su - craig -c '/usr/bin/fetchmail' I tried it, and now things are worse than before. The startup script now reads: #!/bin/sh # # Start fetchmail for jonrysh su - jonrysh -c 'sleep 5; fetchmail' Now there's an additional error in boot.log: ... Starting atd: [ OK ] Error opening display! fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied The display did actually start OK after a short delay. It's a mystery to me. Thanks to all - jon Check to see if there are SELinux AVC messages in /var/log/audit/audit.log # grep fetchmail /var/log/audit/audit.log Also instead of using su, use runuser (Same thing except runuser does not use the pam stack.) -- Sergio Augusto Vladisauskis - Oportunix IT Services Brasil - ME - Site: http://www.oportunix.com.br - Fone: +55 11 4221 8163 - Móvel: +55 11 8017 5065 - Skype: sergiovl-work - Registered Linux User: 305281 #!/bin/sh # # chkconfig: 235 91 10 # description: Starts and stops the fetchmail daemon used to retrieve mail \ # via various protocols (such as POP3 and IMAP4). # # config: /etc/fetchmailrc # ### BEGIN INIT INFO # Provides: fetchmail # Required-Start: $network # Required-Stop: $network # Default-Start: 3 4 5 # Short-Description: The fetchmail mail retrieving daemon # Description: Starts and stops the fetchmail daemon used to retrieve mail \ # via various protocols (such as POP3 and IMAP4). ### END INIT INFO # Source function library. . /etc/rc.d/init.d/functions # Source networking configuration. . /etc/sysconfig/network # Check that networking is up. [ $NETWORKING = no ] exit 0 # Source fetchmail configuration. if [ -s /etc/sysconfig/fetchmail ]; then . /etc/sysconfig/fetchmail else echo Configuration file not found exit 0 fi CONFFILE=/etc/fetchmailrc HOMEDIR=/var/run/fetchmail PIDFILE=$HOMEDIR/.fetchmail.pid UIDL=$HOMEDIR/.fetchmail-UIDL-cache OPTIONS=-s -d ${POLL:-180} -f $CONFFILE --pidfile $PIDFILE RETVAL=0 # Check that fetchmailrc exists. [ -s $CONFFILE ] || exit 0 # Check that group exists if ! grep -qs $USER /etc/group; then echo Adding $USER group groupadd -g 200 $USER fi # Check that user exists. if ! grep -qs $USER /etc/passwd; then echo Adding $USER user useradd -u 200 -g $USER -d $HOMEDIR -s /sbin/nologin $USER fi # create uidl cache file if ! grep -qs idfile $CONFFILE [ -d $HOMEDIR ]; then OPTIONS=$OPTIONS -i $UIDL touch $UIDL chown -h $USER $UIDL chmod 0600 $UIDL fi # See how we were called. case $1 in start) if [ ! -f
Re: Troubles starting fetchmail from init scripts
On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? Thanks - jon The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to johrysh:johnrysh You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail -- -- Steve -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? Thanks - jon -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? this works for me (in rc.local)... /bin/su - craig -c '/usr/bin/fetchmail' Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
On Fri, 2010-03-19 at 14:39 -0700, Craig White wrote: On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote: On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote: I have a little script to start fetchmail, which is activated in rc.local. It runs perfectly when started from a root login; but it fails when started from rc.local. Here is the info: === Scripts Start === $ more rc.local fetchmail-start :: rc.local :: #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Fork a script that will start fetchmail for jonrysh in a few seconds /etc/rc.d/fetchmail-start touch /var/lock/subsys/local :: fetchmail-start :: #!/bin/sh # # Start fetchmail for jonrysh su jonrysh -c 'sleep 5; fetchmail' === Messages Start === Fetchmail emits the following error message and fails: fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied What's happening? How can it be fixed? The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership given to jonrysh:jonrysh Everything is as you recommend. Note that the scheme works when invoked from a command window running a shell as root, but not from the init script. You could also start it without the su by adding it to your own crontab: @reboot sleep 30 fetchmail Thanks, I'll try this. But I'd still like to know what's the reason for the permission failure when running out of rc.local . SELinux issues? this works for me (in rc.local)... /bin/su - craig -c '/usr/bin/fetchmail' I tried it, and now things are worse than before. The startup script now reads: #!/bin/sh # # Start fetchmail for jonrysh su - jonrysh -c 'sleep 5; fetchmail' Now there's an additional error in boot.log: ... Starting atd: [ OK ] Error opening display! fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied The display did actually start OK after a short delay. It's a mystery to me. Thanks to all - jon -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Re: Troubles starting fetchmail from init scripts
On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote: You could also start it without the su by adding it to your own crontab: @reboot sleep 5 fetchmail This works fine, and looks like the right way to do it. No need to mess with the startup scripts. Thanks again - jon -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines