Atomicorp

Posted: **Fri Jan 09, 2009 12:20 pm**

Installing qmail-scanner on plesk 8.6 and centos 4.5 we get the following error related to "perl-suidperl" that is installed:

Code: Select all

yum install qmail-scanner

Setting up Install Process
Setting up repositories
plesk                     100% |=========================|  951 B    00:00
update                    100% |=========================|  951 B    00:00
base                      100% |=========================| 1.1 kB    00:00
atomic                    100% |=========================|  951 B    00:00
addons                    100% |=========================|  951 B    00:00
extras                    100% |=========================| 1.1 kB    00:00
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package qmail-scanner.noarch 1:2.02-1.el4.art set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 qmail-scanner           noarch     1:2.02-1.el4.art  atomic            338 k

Transaction Summary
=============================================================================
Install      1 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 338 k
Is this ok [y/N]: y
Downloading Packages:
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: qmail-scanner                ######################### [1/1]
Can't do setuid (cannot exec sperl)
Can't do setuid (cannot exec sperl)

Installed: qmail-scanner.noarch 1:2.02-1.el4.art
Complete!

--------------------------------------------------

I've tried a small test perl script and it seems to work:

Code: Select all

   4 -rwsr-s---   1 1000     1000           94 Jan  9 04:19 testsetuid.pl

./testsetuid.pl
My real user id is 0 but my effective user id is 1000

Of course mail queue is locked and nothing is delivered:

...
Jan 9 10:11:18 srv01 relaylock: /var/qmail/bin/relaylock: mail from 85.107.53.50:50981 (dsl85-107-13618.ttnet.net.tr)
Jan 9 10:11:19 srv01 relaylock: /var/qmail/bin/relaylock: mail from 201.222.219.133:1327 (133-219-222-201.adsl.terra.cl)
Jan 9 10:11:21 srv01 relaylock: /var/qmail/bin/relaylock: mail from 90.178.118.172:28027 (172.118.broadband11.iol.cz)
Jan 9 10:11:22 srv01 relaylock: /var/qmail/bin/relaylock: mail from 222.99.254.200:1226 (not defined)
Jan 9 10:11:23 srv01 relaylock: /var/qmail/bin/relaylock: mail from 201.222.219.133:1435 (133-219-222-201.adsl.terra.cl)
Jan 9 10:11:24 srv01 relaylock: /var/qmail/bin/relaylock: mail from 125.164.213.182:4427 (182.subnet125-164-213.speedy.telkom.net.id)
Jan 9 10:11:25 srv01 relaylock: /var/qmail/bin/relaylock: mail from 201.222.219.133:1490 (133-219-222-201.adsl.terra.cl)
Jan 9 10:11:28 srv01 relaylock: /var/qmail/bin/relaylock: mail from 201.222.219.133:1564 (133-219-222-201.adsl.terra.cl)
Jan 9 10:11:30 srv01 relaylock: /var/qmail/bin/relaylock: mail from 201.222.219.133:1602 (133-219-222-201.adsl.terra.cl)
Jan 9 10:11:33 srv01 relaylock: /var/qmail/bin/relaylock: mail from 123.238.54.184:3753 (not defined)
...

Other details:
ls /usr/bin/qmail-scanner-reconfigure -las
0 lrwxrwxrwx 1 root root 54 Jan 9 09:14 /usr/bin/qmail-scanner-reconfigure -> /usr/share/qmail-scanner/qmail-scanner-reconfigure.psa

EDIT:
Errors are generated by these two commands in qmail-scanner-reconfigure.psa:

Code: Select all

# setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -g
Can't do setuid (cannot exec sperl)
# setuidgid qscand /var/qmail/bin/qmail-scanner-queue.pl -z
Can't do setuid (cannot exec sperl)

perl-suidperl seems correctly installed:
# rpm -qa | grep perl-s
perl-suidperl-5.8.5-36.el4_6.3

Any suggestions will be greatly appreciated.

Thank You

EDIT:

I have reinstalled the same version of some rpms and it solved.

Code: Select all

mkdir /root/perl-reinstall
cd /root/perl-reinstall
wget http://isoredirect.centos.org/centos/4/os/i386/CentOS/RPMS/perl-suidperl-5.8.5-36.el4_6.3.i386.rpm
wget http://isoredirect.centos.org/centos/4/os/i386/CentOS/RPMS/perl-5.8.5-36.el4_6.3.i386.rpm
wget http://isoredirect.centos.org/centos/4/os/i386/CentOS/RPMS/perl-Time-HiRes-1.55-3.i386.rpm
rpm -ivh --force perl-5.8.5-36.el4_6.3.i386.rpm
rpm -ivh --force perl-suidperl-5.8.5-36.el4_6.3.i386.rpm
rpm -ivh --force perl-Time-HiRes-1.55-3.i386.rpm

Posted: **Fri Jan 09, 2009 6:07 pm**

It is the version of Perl that's the problem.

If you enable the CentosPlus repo in Centos 4 you'll get a more recent Perl, which does not cause this problem.

Keep in mind that this might have unexpected effects elsewhere, but it is working OK on our systems, with Plesk et al.

Posted: **Sat Jan 10, 2009 5:56 am**

I'm pretty sure you don't need the CentOS Plus version of Perl to run qmail-scanner on CentOS 4, because we're doing fine with the regular Perl on our CentOS 4 boxes.

Posted: **Sat Jan 10, 2009 11:54 am**

Yeah it was built to run with regular base/updates channels. I've been running qmail-scanner with it for years and years now.

Posted: **Sat Jan 10, 2009 6:12 pm**

Really? I've had a hell of a lot of trouble and the only way I've ever managed to get it to work was with the updated CentosPlus Perl.

Posted: **Sun Jan 11, 2009 6:57 am**

Yes, really.

# rpm -q perl perl-suidperl qmail-scanner
perl-5.8.5-36.el4_6.3
perl-suidperl-5.8.5-36.el4_6.3
qmail-scanner-2.02-1.el4.art

Posted: **Sun Jan 11, 2009 2:05 pm**

I wonder if it has something to do with being VPS-based then?

I've had this issue three times, all on Centos 4 VPSes that I've created, all solved by installing the CentosPlus Perl (5.8.

.

I don't see HOW there could be a difference, but given that Virtuozzo VPSes use symlinks here there and everywhere, I suppose it isn't outside the realm of possibilities.

By88 -- are you on a dedicated server or a VPS?

Faris.

Atomicorp

qmail-scanner install problem

qmail-scanner install problem