qpsmtpd
qpsmtpd copied to clipboard
Published
20 hours ago •
smtpd
smtpd
Permission denied when running as non-root user
Hi all,
Sorry about the incredibly generic title, but I really do hope there is something generic that I'm missing which is causing this. First, what I'm running:
Oracle Linux 8.6 SElinux enabled enforcing (but have also tried disabled)
I have qpsmtpd running with the following:
/usr/bin/perl -I/opt/qpsmtpd/lib -Tw /opt/qpsmtpd/qpsmtpd-forkserver --detach -p 2525 -l 127.0.0.1 -m 500 --user root --pid-file /run/qpsmtpd.pid
However, if I try to run it as a non-root user, eg. postfix, I get permission denied as per below (this is with full debug enabled).
Things I have tried, as mentioned checking audit.log and find no denied errors (I mean there were originally some that I have worked through), audit2allow -a is much the same.
I've changed pems (recursively) on the /usr/share/perl5/vendor_perl/Net directory to 777 to no avail, so switched back.
I've then done the same chmod -R 777 on /usr/share/perl5/vendor_perl still no dice - switched back.
I also tried copying the /usr/share/perl5/vendor_perl/Net directory and placing it under /opt/qpsmtpd/lib as that is specified as a lib location as you can see from my forkserver line above, paths in the error message below change to /opt/qpsmtpd/lib, but still the exact same error.
I've looked into the FATAL PROGRAM ERROR bug and can't see anything I can really do there or why I'm having the issue I am (also considering root works... I think it's unrelated).
I also ran a lsof with the qpsmtpd service stopped, then again with it running and have diffed the two outputs, but nothing obvious stands out... output is also included below.
I'm pretty much out of ideas, any help would be appreciated.
*** FATAL PROGRAM ERROR!! Unknown instance method 'size'
*** which the program has attempted to call for the object:
***
. IN OPT ; no data
***
*** THIS IS A BUG IN THE CALLING SOFTWARE, which incorrectly assumes
*** that the object would be of a particular type. The type of an
*** object should be checked before calling any of its methods.
***
Can't locate Net/DNS/RR/OPT.pm: lib/Net/DNS/RR/OPT.pm: Permission denied at (eval 46) line 1.
Net::DNS::RR 1611 at /usr/share/perl5/vendor_perl/Net/DNS/Resolver/Base.pm line 1013.
Net::DNS::Resolver::Base::_make_query_packet(Net::DNS::Resolver=HASH(0x5637a206d560), "127.0.0.1", "PTR") called at /usr/share/perl5/vendor_perl/Net/DNS/Resolver/Base.pm line 406
Net::DNS::Resolver::Base::send(Net::DNS::Resolver=HASH(0x5637a206d560), "127.0.0.1", "PTR") called at /usr/share/perl5/vendor_perl/Net/DNS/Resolver/Base.pm line 378
Net::DNS::Resolver::Base::query(Net::DNS::Resolver=HASH(0x5637a206d560), "127.0.0.1", "PTR") called at /opt/qpsmtpd/lib/Qpsmtpd/Base.pm line 108
Qpsmtpd::Base::resolve_ptr(Qpsmtpd::Base=HASH(0x5637a1ea6360), "127.0.0.1") called at /opt/qpsmtpd/lib/Qpsmtpd/TcpServer.pm line 198
Qpsmtpd::TcpServer::tcpenv(Qpsmtpd::TcpServer=HASH(0x5637a1fc25f8), "127.0.0.1", "127.0.0.1") called at /opt/qpsmtpd/qpsmtpd-forkserver line 304
lsof diff, running qpsmtpd as root to try and see what qpsmtpd is touching:
# diff /tmp/lsof_stopped /tmp/lsof_started |grep -v lsof
778c778
< auditd 951 root 6w REG 252,3 4140619 157 /var/log/audit/audit.log
---
> auditd 951 root 6w REG 252,3 4140877 157 /var/log/audit/audit.log
817c817
< auditd 951 952 auditd root 6w REG 252,3 4140619 157 /var/log/audit/audit.log
---
> auditd 951 952 auditd root 6w REG 252,3 4140877 157 /var/log/audit/audit.log
856c856
< auditd 951 954 auditd root 6w REG 252,3 4140619 157 /var/log/audit/audit.log
---
> auditd 951 954 auditd root 6w REG 252,3 4140877 157 /var/log/audit/audit.log
2367a2368
> sssd_nss 1025 root 53u unix 0xffff9ba6990a6400 0t0 32424851 /var/lib/sss/pipes/nss type=STREAM
3489c3490
< splunkd 1166 root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
3578c3579
< splunkd 1166 1186 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1186 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
3667c3668
< splunkd 1166 1193 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1193 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
3756c3757
< splunkd 1166 1244 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1244 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
3845c3846
< splunkd 1166 1265 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1265 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
3934c3935
< splunkd 1166 1517 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1517 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4023c4024
< splunkd 1166 1518 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1518 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4112c4113
< splunkd 1166 1520 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1520 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4201c4202
< splunkd 1166 1521 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1521 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4290c4291
< splunkd 1166 1522 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1522 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4379c4380
< splunkd 1166 1523 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1523 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4468c4469
< splunkd 1166 1526 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1526 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4557c4558
< splunkd 1166 1527 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1527 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4646c4647
< splunkd 1166 1536 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1536 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4735c4736
< splunkd 1166 1537 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1537 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4824c4825
< splunkd 1166 1538 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1538 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
4913c4914
< splunkd 1166 1541 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1541 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5002c5003
< splunkd 1166 1545 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1545 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5091c5092
< splunkd 1166 1553 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1553 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5180c5181
< splunkd 1166 1560 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1560 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5269c5270
< splunkd 1166 1562 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1562 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5358c5359
< splunkd 1166 1563 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1563 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5447c5448
< splunkd 1166 1564 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1564 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5536c5537
< splunkd 1166 1568 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1568 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5625c5626
< splunkd 1166 1569 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1569 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5714c5715
< splunkd 1166 1572 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1572 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5803c5804
< splunkd 1166 1573 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1573 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5892c5893
< splunkd 1166 1579 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1579 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
5981c5982
< splunkd 1166 1588 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1588 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6070c6071
< splunkd 1166 1595 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1595 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6159c6160
< splunkd 1166 1604 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1604 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6248c6249
< splunkd 1166 1606 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1606 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6337c6338
< splunkd 1166 1621 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1621 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6426c6427
< splunkd 1166 1638 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1638 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6515c6516
< splunkd 1166 1645 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1645 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6604c6605
< splunkd 1166 1652 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1652 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6693c6694
< splunkd 1166 1657 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1657 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6782c6783
< splunkd 1166 1664 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1664 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6871c6872
< splunkd 1166 1665 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1665 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
6960c6961
< splunkd 1166 1672 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1672 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
7049c7050
< splunkd 1166 1673 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 1673 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
7138c7139
< splunkd 1166 3044 splunkd root 46r REG 252,3 4140619 157 /var/log/audit/audit.log
---
> splunkd 1166 3044 splunkd root 46r REG 252,3 4140877 157 /var/log/audit/audit.log
7299c7300
< rsyslogd 44075 root 12w REG 252,3 4308360 804 /var/log/messages
---
> rsyslogd 44075 root 12w REG 252,3 4309780 804 /var/log/messages
7301c7302
< rsyslogd 44075 root 14w REG 252,3 614472 811 /var/log/qpsmtpd/qpsmtpd.log
---
> rsyslogd 44075 root 14w REG 252,3 614864 811 /var/log/qpsmtpd/qpsmtpd.log
7363c7364
< rsyslogd 44075 44076 in:imklog root 12w REG 252,3 4308360 804 /var/log/messages
---
> rsyslogd 44075 44076 in:imklog root 12w REG 252,3 4309780 804 /var/log/messages
7365c7366
< rsyslogd 44075 44076 in:imklog root 14w REG 252,3 614472 811 /var/log/qpsmtpd/qpsmtpd.log
---
> rsyslogd 44075 44076 in:imklog root 14w REG 252,3 614864 811 /var/log/qpsmtpd/qpsmtpd.log
7427c7428
< rsyslogd 44075 44077 in:imuxso root 12w REG 252,3 4308360 804 /var/log/messages
---
> rsyslogd 44075 44077 in:imuxso root 12w REG 252,3 4309780 804 /var/log/messages
7429c7430
< rsyslogd 44075 44077 in:imuxso root 14w REG 252,3 614472 811 /var/log/qpsmtpd/qpsmtpd.log
---
> rsyslogd 44075 44077 in:imuxso root 14w REG 252,3 614864 811 /var/log/qpsmtpd/qpsmtpd.log
7491c7492
< rsyslogd 44075 44078 in:imjour root 12w REG 252,3 4308360 804 /var/log/messages
---
> rsyslogd 44075 44078 in:imjour root 12w REG 252,3 4309780 804 /var/log/messages
7493c7494
< rsyslogd 44075 44078 in:imjour root 14w REG 252,3 614472 811 /var/log/qpsmtpd/qpsmtpd.log
---
> rsyslogd 44075 44078 in:imjour root 14w REG 252,3 614864 811 /var/log/qpsmtpd/qpsmtpd.log
7555c7556
< rsyslogd 44075 44079 imudp(w0) root 12w REG 252,3 4308360 804 /var/log/messages
---
> rsyslogd 44075 44079 imudp(w0) root 12w REG 252,3 4309780 804 /var/log/messages
7557c7558
< rsyslogd 44075 44079 imudp(w0) root 14w REG 252,3 614472 811 /var/log/qpsmtpd/qpsmtpd.log
---
> rsyslogd 44075 44079 imudp(w0) root 14w REG 252,3 614864 811 /var/log/qpsmtpd/qpsmtpd.log
7619c7620
< rsyslogd 44075 44080 rs:main root 12w REG 252,3 4308360 804 /var/log/messages
---
> rsyslogd 44075 44080 rs:main root 12w REG 252,3 4309780 804 /var/log/messages
7621c7622
< rsyslogd 44075 44080 rs:main root 14w REG 252,3 614472 811 /var/log/qpsmtpd/qpsmtpd.log
---
> rsyslogd 44075 44080 rs:main root 14w REG 252,3 614864 811 /var/log/qpsmtpd/qpsmtpd.log
10332,10380c10333,10430
---
> perl 290721 root cwd DIR 252,0 4096 2 /
> perl 290721 root rtd DIR 252,0 4096 2 /
> perl 290721 root txt REG 252,0 12616 21728 /usr/bin/perl
> perl 290721 root mem REG 252,3 6940392 263300 /var/lib/sss/mc/group
> perl 290721 root mem REG 252,0 20216 274953 /usr/lib64/perl5/vendor_perl/auto/Sys/Syslog/Syslog.so
> perl 290721 root mem REG 252,0 543304 4835 /usr/lib64/libpcre2-8.so.0.7.1
> perl 290721 root mem REG 252,0 168000 2536 /usr/lib64/libselinux.so.1
> perl 290721 root mem REG 252,0 33464 3263 /usr/lib64/libuuid.so.1.3.0
> perl 290721 root mem REG 252,0 343624 15976 /usr/lib64/libblkid.so.1.1.0
> perl 290721 root mem REG 252,0 103784 1333 /usr/lib64/libgcc_s-8-20210514.so.1
> perl 290721 root mem REG 252,0 371408 16062 /usr/lib64/libmount.so.1.1.0
> perl 290721 root mem REG 252,0 33752 3492 /usr/lib64/libcap.so.2.48
> perl 290721 root mem REG 252,0 918952 16069 /usr/lib64/libnss_systemd.so.2
> perl 290721 root mem REG 252,3 9253600 263299 /var/lib/sss/mc/passwd
> perl 290721 root mem REG 252,0 46320 16909 /usr/lib64/libnss_sss.so.2
> perl 290721 root mem REG 252,0 16048 272602 /usr/lib64/perl5/vendor_perl/auto/MIME/Base64/Base64.so
> perl 290721 root mem REG 252,0 20224 277349 /usr/lib64/perl5/vendor_perl/auto/Digest/MD5/MD5.so
> perl 290721 root mem REG 252,0 575072 273617 /usr/lib64/perl5/auto/re/re.so
> perl 290721 root mem REG 252,0 20304 273601 /usr/lib64/perl5/vendor_perl/auto/Cwd/Cwd.so
> perl 290721 root mem REG 252,0 42744 2602 /usr/lib64/librt-2.28.so
> perl 290721 root mem REG 252,0 32424 274732 /usr/lib64/perl5/vendor_perl/auto/Time/HiRes/HiRes.so
> perl 290721 root mem REG 252,0 7648 274320 /usr/lib64/perl5/auto/Sys/Hostname/Hostname.so
> perl 290721 root mem REG 252,0 111216 272610 /usr/lib64/perl5/vendor_perl/auto/Storable/Storable.so
> perl 290721 root mem REG 252,0 45808 273518 /usr/lib64/perl5/vendor_perl/auto/Encode/Encode.so
> perl 290721 root mem REG 252,0 53240 273549 /usr/lib64/perl5/vendor_perl/auto/List/Util/Util.so
> perl 290721 root mem REG 252,0 54352 2275 /usr/lib64/libnss_files-2.28.so
> perl 290721 root mem REG 252,0 20184 273587 /usr/lib64/perl5/auto/IO/IO.so
> perl 290721 root mem REG 252,0 50472 272631 /usr/lib64/perl5/vendor_perl/auto/Socket/Socket.so
> perl 290721 root mem REG 252,0 111048 274306 /usr/lib64/perl5/auto/POSIX/POSIX.so
> perl 290721 root mem REG 252,0 24120 274283 /usr/lib64/perl5/auto/Fcntl/Fcntl.so
> perl 290721 root mem REG 252,0 217800224 2132 /usr/lib/locale/locale-archive
> perl 290721 root mem REG 252,0 2089152 2263 /usr/lib64/libc-2.28.so
> perl 290721 root mem REG 252,0 17024 3095 /usr/lib64/libutil-2.28.so
> perl 290721 root mem REG 252,0 136032 3126 /usr/lib64/libcrypt.so.1.1.0
> perl 290721 root mem REG 252,0 1598776 2529 /usr/lib64/libm-2.28.so
> perl 290721 root mem REG 252,0 19584 2464 /usr/lib64/libdl-2.28.so
> perl 290721 root mem REG 252,0 88824 2584 /usr/lib64/libresolv-2.28.so
> perl 290721 root mem REG 252,0 150152 2562 /usr/lib64/libpthread-2.28.so
> perl 290721 root mem REG 252,0 2181152 21377 /usr/lib64/libperl.so.5.26.3
> perl 290721 root mem REG 252,0 1106304 2333 /usr/lib64/ld-2.28.so
> perl 290721 root 0r CHR 1,3 0t0 18 /dev/null
> perl 290721 root 1w CHR 1,3 0t0 18 /dev/null
> perl 290721 root 2w CHR 1,3 0t0 18 /dev/null
> perl 290721 root 3r REG 252,7 10804 274943 /opt/qpsmtpd/qpsmtpd-forkserver
> perl 290721 root 4r REG 252,3 9253600 263299 /var/lib/sss/mc/passwd
> perl 290721 root 5u unix 0xffff9ba6990a7600 0t0 32425460 type=STREAM
> perl 290721 root 6u IPv4 32425461 0t0 TCP localhost:ms-v-worlds (LISTEN)
> perl 290721 root 8u unix 0xffff9ba5a238b600 0t0 32424853 type=DGRAM
> perl 290721 root 9r REG 252,3 6940392 263300 /var/lib/sss/mc/group
