[CentOS] Sendmail with TLS, permission problem

Tue Aug 12 09:38:59 UTC 2008
Jussi Hirvi <greenspot at greenspot.fi>

Ralph Angenendt (ra+centos at br-online.de) kirjoitteli (12.8.2008 12:21):
>> Thanks for quick reply. That didn't help yet. The error message in maillog
>> is still the same: "sendmail.pem unsafe: Permission denied". The directory
>> perms are now: 
>> [root at mail mail]# ls -ld / /etc /etc/mail /etc/mail/certs
>> drwxr-xr-x 24 root root  4096 Mar 29  2007 /
>> drwxr-xr-x 96 root root 12288 Aug 12 04:02 /etc
>> drwxr-xr-x  5 root root  4096 Aug 12 12:14 /etc/mail
>> dr-x------  2 mail mail  4096 Aug 11 14:42 /etc/mail/certs
> 
> IIRC sendmail checks from /etc/mail downwards, so /etc/mail is open too
> wide still.

On another machine (Fecore Core 3, Sendmail 8.13) the /etc/mail perms are
755 too, and it works - thoug there is no SMTP-AUTH on that machine.

I tried it, but the error message in maillog persists after Sendmail
restart. The perms are now:

[root at mail mail]# ls -ld / /etc /etc/mail /etc/mail/certs
drwxr-xr-x 24 root root  4096 Mar 29  2007 /
drwxr-xr-x 96 root root 12288 Aug 12 04:02 /etc
drwx------  5 root root  4096 Aug 12 12:37 /etc/mail
dr-x------  2 mail mail  4096 Aug 11 14:42 /etc/mail/certs
[root at mail mail]# ls -l /etc/mail/certs/
total 1924
-rw------- 1 mail mail    1371 Aug 11 12:15 cacert.pem
-rw------- 1 mail mail     963 Aug 11 12:15 cakey.pem
-rw-r--r-- 1 root root 1952422 Aug 11 14:26 revoke.crl
-rw------- 1 mail mail    2258 Aug 11 12:16 sendmail.pem

I cannot help thinking that this is *not* actually about the permissions -
it must be about something else.

- Jussi

--
Jussi Hirvi * Green Spot
Topeliuksenkatu 15 C * 00250 Helsinki * Finland
Tel. & fax +358 9 493 981 * Mobile +358 40 771 2098 (only sms)
jussi.hirvi at greenspot.fi * http://www.greenspot.fi