mailwatch / MailWatch

MailWatch for MailScanner is a web-based front-end to MailScanner
http://mailwatch.org/
GNU General Public License v2.0

Issue: MailWatch unable to detect that MailScanner is running or tally the children processes #1254

Closed hifihedgehog closed 1 year ago

hifihedgehog commented 2 years ago

Issue summary

image

Steps to reproduce

  1. Run latest CyberPanel (v2.3.1 Stable) and OpenLiteSpeed (1.7.16)?

Expected result

It should detect MailScanner service and enumerate the running child processes. I can see from the terminal and the logs that MailScanner is screening and filtering out spam, but MailWatch cannot see the processes. Postfix is not impacted.

Actual result

image

Installation

Version and method

Server configuration

Client configuration

Skywalker-11 commented 2 years ago

Can you try to run

ps ax | grep MailScanner | grep -v grep

The output should look like

  87605 ?        Ss     0:00 MailScanner: starting child
 133399 ?        S      0:03 MailScanner: waiting for messages
 134075 ?        S      0:03 MailScanner: waiting for messages
 134464 ?        S      0:04 MailScanner: waiting for messages
 135000 ?        S      0:04 MailScanner: waiting for messages
 135440 ?        S      0:03 MailScanner: waiting for messages
 135568 ?        S      0:03 MailScanner: waiting for messages
 136507 ?        S      0:02 MailScanner: waiting for messages
 141682 ?        S      0:01 MailScanner: waiting for messages
 141826 ?        S      0:01 MailScanner: waiting for messages
 142111 ?        S      0:01 MailScanner: waiting for messages

Also check if the same command works when run as the web server user

usmannasir commented 2 years ago

@hifihedgehog is this resolved on your end?

I've made some changes to our MailScanner install script, still MailWatch can not detect it.

Skywalker-11 commented 2 years ago

@usmannasir do you use the same server configuration? What is the output of the above command? Also try creating a php file with the following code and check the output:

<?php
exec('ps ax | grep MailScanner | grep -v grep', $output);
var_dump($output);

hifihedgehog commented 2 years ago

> @hifihedgehog is this resolved on your end?
>
> I've made some changes to our MailScanner install script, still MailWatch can not detect it.

@usmannasir, no, not resolved as of yet. MailWatch otherwise works. It just can't see the MailScanner processes.

hifihedgehog commented 2 years ago

> Can you try to run
>
> ps ax | grep MailScanner | grep -v grep
>
> The output should look like
>
>   87605 ?        Ss     0:00 MailScanner: starting child
>  133399 ?        S      0:03 MailScanner: waiting for messages
>  134075 ?        S      0:03 MailScanner: waiting for messages
>  134464 ?        S      0:04 MailScanner: waiting for messages
>  135000 ?        S      0:04 MailScanner: waiting for messages
>  135440 ?        S      0:03 MailScanner: waiting for messages
>  135568 ?        S      0:03 MailScanner: waiting for messages
>  136507 ?        S      0:02 MailScanner: waiting for messages
>  141682 ?        S      0:01 MailScanner: waiting for messages
>  141826 ?        S      0:01 MailScanner: waiting for messages
>  142111 ?        S      0:01 MailScanner: waiting for messages
>
> Also check if the same command works when run as the web server user

@Skywalker-11, ah, I think I see the problem. If I run as the web server user which is "nobody" under OpenLiteSpeed and CyberPanel, I get no output:

sudo -u nobody ps ax | grep MailScanner | grep -v grep

No output.

@usmannasir, the nobody user is not able to see the MailScanner processes with the command above.

hifihedgehog commented 2 years ago

Responding to this, @Skywalker-11:

<?php
exec('ps ax | grep MailScanner | grep -v grep', $output);
var_dump($output);

I get the following when I try running this in a php file.

array(0) { }

The issue is the nobody user is not able to see the MailScanner processes.

shawniverson commented 2 years ago

nobody is a special user that is not supposed to be able to do this. Have you considered running php-fpm and setting up a user for this purpose?

hifihedgehog commented 2 years ago

@shawniverson, that is how CyberPanel installs and manages MailWatch and MailScanner automatically, so that would be a question best fielded to @usmannasir. Do bear in mind that I am running LiteSpeed, specifically OpenLiteSpeed, and LSAPI is highly preferred over PHP-FPM in that environment.

@usmannasir, I uninstalled and reinstalled MailWatch and MailScanner with your latest script. The latest script did not fix this issue, and additionally it broke MailWatch's ability to see the scan queue for me. Let me know and I can create a ticket with you in CyberPanel so you can take a look at my server.

hifihedgehog commented 2 years ago

@usmannasir, note Ticket #ZY5NQ2DNI.

usmannasir commented 2 years ago

@hifihedgehog thanks for your research. Due to security reasons we've put a restriction in so that other users cannot see processes run by other users.

Did you figure out why it can't see the scan queue?

hifihedgehog commented 2 years ago

> Did you figure out why it can't see the scan queue?

No, I have not. It simply stopped after uninstalling and reinstalling with the latest script.

usmannasir commented 2 years ago

@hifihedgehog

Sorry for my late reply.

If I comment out the following line from /etc/fstab

proc /proc proc defaults,hidepid=2 0 0

then mailscanner is able to see the processes.

usmannasir commented 2 years ago

@hifihedgehog

MailScanner is still not scanning mails for you?

hexitnz commented 1 year ago

A fresh install of CP on Ubuntu 20.04 and then install SpamAssassin then MailWatch. Going to the MailWatch web UI I get the following:

MailScanner: NO Postfix: NO

When I use @hifihedgehog's suggestion of commenting out the fstab line proc /proc proc defaults,hidepid=2 0 0, I get the following:

MailScanner: YES Postfix: YES

But I don't know what else the commenting out is affecting. Any suggestions why this mod is needed and any correct way to fix the issue?

endelwar commented 1 year ago

hidepid is a system hardening measure; read more at this link: https://linux-audit.com/linux-system-hardening-adding-hidepid-to-proc/

If you hide process pids MailWatch can't enumerate the running processes.
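
An added example, not part of the thread and not MailWatch or CyberPanel code: a check that reads the proc mount options and reports whether a given account can list other users' processes, which is what the ps test above was probing. It also honours the gid= option of the proc filesystem (documented in proc(5)), which exempts one group from hidepid; the uid 65534, gid 994 and the two extra mount lines are constructed sample values.

```shell
#!/bin/sh
# Added example. Mount lines below are constructed, except PAGE_LINE,
# which is the /etc/fstab entry quoted in the thread.

# Read fstab/mounts-format text on stdin; print "<hidepid> <gid>" for /proc.
# Absent options print as "0" (no hiding) and "-" (no exempt group).
proc_opts() {
    awk 'BEGIN { hp = "0"; gid = "-" }
    $1 !~ /^#/ && $2 == "/proc" && $3 == "proc" {
        hp = "0"; gid = "-"              # the last proc mount wins
        n = split($4, o, ",")
        for (i = 1; i <= n; i++) {
            if (o[i] ~ /^hidepid=/) hp = substr(o[i], 9)
            if (o[i] ~ /^gid=/)     gid = substr(o[i], 5)
        }
    }
    END { print hp, gid }'
}

# verdict <mounts-text> <uid> <space-separated gids of the account>
# Prints "visible" if the account can list other users' processes, else "hidden".
verdict() {
    v_opts=$(printf '%s\n' "$1" | proc_opts)
    v_hp=${v_opts% *}
    v_exempt=${v_opts#* }
    # root passes the kernel's ptrace-access check; 0/off means no hiding
    if [ "$2" = 0 ] || [ "$v_hp" = 0 ] || [ "$v_hp" = off ]; then
        echo visible; return 0
    fi
    # members of the gid= group are exempt from hidepid
    for v_g in $3; do
        if [ "$v_g" = "$v_exempt" ]; then echo visible; return 0; fi
    done
    # hidepid=1/noaccess, 2/invisible, 4/ptraceable: ps shows only own processes
    echo hidden
}

PAGE_LINE='proc /proc proc defaults,hidepid=2 0 0'
EXEMPT_LINE='proc /proc proc rw,relatime,gid=994,hidepid=invisible 0 0'
DEFAULT_LINE='proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0'

echo "thread's fstab line, uid 65534:      $(verdict "$PAGE_LINE" 65534 '65534')"
echo "same hardening + gid=994 membership: $(verdict "$EXEMPT_LINE" 65534 '65534 994')"
echo "no hidepid:                          $(verdict "$DEFAULT_LINE" 65534 '65534')"

# Live check for whoever runs the script (for example via sudo -u nobody)
if [ -r /proc/mounts ]; then
    echo "this account on this host:           $(verdict "$(cat /proc/mounts)" "$(id -u)" "$(id -G)")"
fi
```

If the live line prints hidden for the web server account, mounting proc with hidepid=2 plus gid= set to a dedicated group, and adding only that account to the group, keeps process hiding in place for every other user.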