Mailserver error after /var/vmail/ rsync between 2 servers

Discussion in 'Server Operation' started by SwOsHiE, Nov 22, 2011.

  1. SwOsHiE

    SwOsHiE New Member

    Hello!

    I've succesfully installed a rsync setup for wwwroot replication using this guide:

    http://www.howtoforge.com/mirroring_with_rsync

    But when it came to doing this for /var/vmail/ the script at [6] did something that messed up the mailserver, I cannot login and the server is not responding anymore :confused:. I forgot to modify the parts in the script, I only modified the path and server information.

    What could be wrong? What is it in the /var/vmail/ folder that is sensetive and messes up the mailserver?

    I tried to uninstall dovecot and then install it again and did a ISPconfig3 Update to reconfigure all services but nothing else and then deleted all the mail accounts (I have about 5 right now) and then added them again, but with no resaults!?

    Best regards,
    Mattias
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Which error messages do you get in the mail log file?
     
  3. SwOsHiE

    SwOsHiE New Member

    Nov 22 18:36:06 btsv02 dovecot: imap-login: Login: user=<user@domain.com>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
    Nov 22 18:36:06 btsv02 dovecot: dovecot: Fatal: chdir(/var/vmail/domain.com/user/) failed: Permission denied (euid=5000(vmail) egid=5000(vmail) missing +x perm: /var/vmail/domain.com)
    Nov 22 18:36:06 btsv02 dovecot: dovecot: child 25352 (imap) returned error 89 (Fatal failure)

    Looks like the folders got some other permission?!
     
  4. nbhadauria

    nbhadauria New Member

    check permission of /var/vmail/domain.com/user/ it should have vmail.vmail..

    can you post the output of ..

    ls -ld /var/vmail/domain.com/user/ /var/vmail/domain.com/ /var/vmail/
     
    Last edited: Nov 22, 2011
  5. SwOsHiE

    SwOsHiE New Member

    drwx------ 3 vmail vmail 4096 21 nov 22.13 /var/vmail/domain.com/user/


    drwx------ 4 root root 4096 21 nov 22.13 /var/vmail/domain/


    drwxr-xr-x 6 5016 vmail 4096 21 nov 22.22 /var/vmail/
     
  6. nbhadauria

    nbhadauria New Member

    Change the following permission ..

    drwx------ 4 root root 4096 21 nov 22.13 /var/vmail/domain/

    chown vmail.vmail -R /var/vmail/domain.com/
     
  7. SwOsHiE

    SwOsHiE New Member

    This solves the problem indeed, BUT new created mail accounts get the same problem :( The first mailaccount in a domain works because it does not create a domain folder under /var/vmail, but when a secound mail account is created, the folder in /var/vmail is created and get's the root permission.
     
  8. SwOsHiE

    SwOsHiE New Member

    A thought that came to my head said that you should be able to give /var/vmail/ full permission to vmail.vmail and ALSO add this permission to all sub-directories, but I do not know how to make such a command?! Is this possible?
     
  9. nbhadauria

    nbhadauria New Member

    it already have full permission don't worry about that..

    can you explain a little more about your problem ..

    i didn't get that you said that you rsync that directory from some other server. now you are trying to add new account..

    are you using to server two mail servers ??
     
  10. SwOsHiE

    SwOsHiE New Member

    I am sorry for being so missleading..

    I am using 2 servers (Mirror setup with ISPconfig3), The first server is used always and the mirror server is used if the first server goes down.

    To always have the same information at both servers, I've been using MySQL master-master replication, /var/www/ rsync and was on my way to make /var/vmail rsync. The last step updated the files on the mirror server but also made some changes on the first server witch I did not expect, my bad.

    After this, the permission thing started and newley created accounts get this problem.

    I hope I made some things clear to you?

    Best regards,
    Mattias
     
  11. nbhadauria

    nbhadauria New Member

    so now you are adding account on first server then rsync /var/vmail and then trying to login on other server ???


    also can you post output of ..

    tail /etc/passwd

    from both server i just want to check if uid of vmail matches on both server..
     
  12. SwOsHiE

    SwOsHiE New Member

    I've only configured rsync ONE-WAY to the mirror, in other words, the mirror is only checking the first servers folders, I tried to login on both servers after the problem accured, same thing on both servers. Now when I've restored the permission problem, the first server works again, have not tried the mirror yet.

    Server 1 /etc/passwd:

    wwwsync:x:5006:5006::/home/wwwsync:/bin/bash
    web5:x:5007:5007::/var/www/clients/client3/web5:/bin/false
    web7:x:5008:5005::/var/www/clients/client1/web7:/bin/false
    web9:x:5009:5005::/var/www/clients/client1/web9:/bin/false
    web13:x:5010:5009::/var/www/clients/client7/web13:/bin/false
    web15:x:5011:5009::/var/www/clients/client7/web15:/bin/false
    web17:x:5012:5009::/var/www/clients/client7/web17:/bin/false
    web19:x:5013:5010::/var/www/clients/client9/web19:/bin/false
    web21:x:5014:5010::/var/www/clients/client9/web21:/bin/false
    web23:x:5015:5011::/var/www/clients/client13/web23:/bin/false

    Server 2 /etc/passwd:

    web3:x:5005:5005::/var/www/clients/client1/web3:/bin/false
    web5:x:5006:5006::/var/www/clients/client3/web5:/bin/false
    web7:x:5007:5005::/var/www/clients/client1/web7:/bin/false
    web9:x:5008:5005::/var/www/clients/client1/web9:/bin/false
    web13:x:5009:5008::/var/www/clients/client7/web13:/bin/false
    web15:x:5010:5008::/var/www/clients/client7/web15:/bin/false
    web17:x:5011:5008::/var/www/clients/client7/web17:/bin/false
    web19:x:5012:5009::/var/www/clients/client9/web19:/bin/false
    web21:x:5013:5009::/var/www/clients/client9/web21:/bin/false
    web23:x:5014:5010::/var/www/clients/client13/web23:/bin/false

    I guess you wanted to see the output for the mailsync user, this I removed sorry to say. I do not want to try rsync again until I know exactly how to implement it without destroying something :p

    Advice on both restoring the permission on the folders and also make the new created folders work with right permissions?

    Also, how would you do the rsync setup for /var/vmail/?

    All help is very much appreciated!

    Best regards,
    Mattias
     
  13. SwOsHiE

    SwOsHiE New Member

    Just found a error log message from ISPC Cron log:

    groupdel: cannot remove the primary group of user 'web11'
    mkdir: cannot create directory "/var/vmail/domain.com": Access denied
    mkdir: cannot create directory "/var/vmail/......

    show for all of my domains in /var/vmail/.
     
  14. nbhadauria

    nbhadauria New Member

    I can tell you this that is you want to use same directory permission on both the servers you need to make sure that all your /etc/passwd records matches..


    Ex.

    web5:x:5007:5007::/var/www/clients/client3/web5:/bin/false

    web5:x:5006:5006::/var/www/clients/client3/web5:/bin/false

    now if you try to access the same folder on other server there permission will not match because of different uid,gid .

    so make sure you use same uid and gid for all the users (spaciously vmail user)..
     
  15. SwOsHiE

    SwOsHiE New Member

    Thank you for your reply!

    Is there a way to include permissions of folders in the rsync setup? If it does, what is the best way to do it?

    I still have the permission problem for new created mail accounts, any toughts?

    Best regards,
    Mattias
     

Share This Page