Debian Bug report logs - #714770
[chroot] saslauthd bind mount fails during boot

Reply or subscribe to this bug.

Display info messages

Message #5 received at [email protected] (full text, mbox, reply):

From: Daniel Pocock <[email protected]>

To: Debian Bug Tracking System <[email protected]>

Subject: saslauthd bind mount fails during boot

Date: Tue, 02 Jul 2013 19:59:05 +0200

Package: postfix
Version: 2.9.6-2
Severity: important

As per the wiki, I've got a bind mount in fstab:

/var/run/saslauthd /var/spool/postfix/var/run/saslauthd none bind 0 0

This has been working for quite some time (over 1 year)

However, since upgrading to wheezy, I've observed that this is not
mounted during booting and consequently Postfix fails to authenticate
any SMTP submission clients.  The logs contain messages like this:

SASL LOGIN authentication failed: generic failure
warning: SASL authentication failure: cannot connect to saslauthd
server: No such file or directory

and the boot log contains:

[....] Mounting local filesystems...mount: special device
/var/run/saslauthd does not exist

Manually running

mount /var/spool/postfix/var/run/saslauthd
service postfix restart

fixes the issue.

The root cause may be associated with the sequence of mounting /var and
the /var/run tmpfs.  mount tells me that /var/run is mounted like this:

tmpfs on /run type tmpfs (rw,nosuid,noexec,relatime,size=52088k,mode=755)

Message #10 received at [email protected] (full text, mbox, reply):

From: "Dmitriy M. Lapchik" <[email protected]>

To: [email protected]

Subject: saslauthd bind mount fails during boot

Date: Sat, 04 Jan 2014 00:41:00 +0700

Hello!

Now you don't have to mount anything. Look into the /etc/default/saslauthd:

# Example for chroot Postfix users: "-c -m 
/var/spool/postfix/var/run/saslauthd"
# Example for non-chroot Postfix users: "-c -m /var/run/saslauthd"

Message #15 received at [email protected] (full text, mbox, reply):

From: Jacob Anawalt <[email protected]>

To: Debian Bug Tracking System <[email protected]>

Subject: Re: saslauthd bind mount fails during boot

Date: Thu, 1 May 2014 17:26:42 -0600

Package: postfix
Version: 2.9.6-2
Followup-For: Bug #714770

Dear Maintainer,

I had a Debian 6.0/squeeze system running multiple postfix instances and
using the bind mount example to get the saslauthd mux to the chroots as
suggested in the wiki.

Since upgrading to Debian 7.0/wheezy the mount has failed on boot due, I
believe, to the /run directory change from /var/run to /run as a tempfs.
Now on each boot I get the "mount: special device /run/saslauthd does
not exist". (I initially got the message about /var/run but I attempted
to fix it by updating the fstab to point to /run instead.

It appears this fails because /etc/init.d/mountall.sh calls mount_local
before mount_run so the mounts under /run fail at first and are not
retried.

If I run mount -a or mount /var/run/postfix/var/run/saslauthd (and again
for the other postfix chroots) after boot it works.

I have seen the README.Debian and am aware of the -m option to saslauthd,
but that doesn't cover multiple postfix instances. Running multiple
instances of saslauthd seems daunting and heavy-handed to fix something
that bind mount use to provide.

Ideally postfix would see that smtpd is chrooted, needs sasl, and does what
it needs to do to bring saslauthd or whatever it's configured to use into
the chroot via bind mounts, multiple saslauthd instances or whatever.

Overall I appreciate having Postfix on Debian. Thank you for that!

-- System Information:
Debian Release: 7.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages postfix depends on:
ii  adduser                3.113+nmu3
ii  cpio                   2.11+dfsg-0.1
ii  debconf [debconf-2.0]  1.5.49
ii  dpkg                   1.16.14
ii  libc6                  2.13-38+deb7u1
ii  libdb5.1               5.1.29-5
ii  libsasl2-2             2.1.25.dfsg1-6+deb7u1
ii  libsqlite3-0           3.7.13-1+deb7u1
ii  libssl1.0.0            1.0.1e-2+deb7u7
ii  lsb-base               4.1+Debian8+deb7u1
ii  netbase                5.0
ii  ssl-cert               1.0.32

Versions of packages postfix recommends:
ii  python  2.7.3-4+deb7u1

Versions of packages postfix suggests:
ii  bsd-mailx [mail-reader]        8.1.2-0.20111106cvs-1
ii  dovecot-common                 1:2.1.7-7
ii  dovecot-core [dovecot-common]  1:2.1.7-7
ii  libsasl2-modules               2.1.25.dfsg1-6+deb7u1
ii  mutt [mail-reader]             1.5.21-6.2+deb7u2
pn  postfix-cdb                    <none>
ii  postfix-doc                    2.9.6-2
pn  postfix-ldap                   <none>
pn  postfix-mysql                  <none>
ii  postfix-pcre                   2.9.6-2
pn  postfix-pgsql                  <none>
ii  procmail                       3.22-20
pn  resolvconf                     <none>
ii  sasl2-bin                      2.1.25.dfsg1-6+deb7u1
pn  ufw                            <none>

-- debconf information:
  postfix/master_upgrade_warning:
  postfix/db_upgrade_warning: true
* postfix/mailname: dhcp-146.office
  postfix/tlsmgr_upgrade_warning:
  postfix/dynamicmaps_upgrade_warning:
  postfix/recipient_delim: +
* postfix/main_mailer_type: No configuration
  postfix/transport_map_warning:
  postfix/retry_upgrade_warning:
  postfix/kernel_version_warning:
  postfix/relayhost:
  postfix/procmail: true
  postfix/bad_recipient_delimiter:
  postfix/chattr: false
  postfix/root_address:
  postfix/rfc1035_violation: false
  postfix/mydomain_warning:
  postfix/mynetworks: 127.0.0.0/8 [redacted]
  postfix/destinations: $myhostname, $mydomain, $myhostname.$mydomain,
www.$mydomain, [redacted], localhost, localhost.localdomain,
[redacted]
  postfix/nqmgr_upgrade_warning:
  postfix/not_configured:
  postfix/sqlite_warning:
  postfix/mailbox_limit: 0
  postfix/protocols: ipv4

-- 
Jacob

Message #20 received at [email protected] (full text, mbox, reply):

From: "Brent W. Baccala" <[email protected]>

To: [email protected]

Subject: Still a problem on Ubuntu 18.04.1 LTS

Date: Wed, 7 Nov 2018 20:53:47 -0500

[Message part 1 (text/plain, inline)]

Hi -

I had a problem with this on Ubuntu 18.04.1 LTS (bionic).  After installing
the packages postfix and sasl2-bin, I then (after at least an hour of
debugging), ended up putting in a symlink from /var/run/saslauthd to
/var/spool/postfix/var/run/saslauthd.

I didn't change much from the standard configuration - just added
/etc/postfix/sasl/smtpd.conf and uncommented the stuff in master.cf to
listen on port 587.  In particular, I didn't alter the chroot setting - it
was chroot out of the box.

I think something needs to be added to,
perhaps, /usr/lib/postfix/configure-instance.sh, to create a bind mount for
this directory when postfix starts.  Maybe that's not quite right, since
there's a sequencing issue for the saslauthd/postfix startup order, but
something like this is in order.

It should work out of the box, without having to move around system
directories or manually add bind mounts.

    agape
    brent

[Message part 2 (text/html, inline)]

Message #25 received at [email protected] (full text, mbox, reply):

From: Michael Tokarev <[email protected]>

To: [email protected]

Subject: Re: Bug#714770: saslauthd bind mount fails during boot

Date: Mon, 2 Dec 2024 10:02:55 +0300

Control: retitle -1 [chroot] saslauthd bind mount fails during boot

Another bug due to chroot-by-default in debian postfix which has been
advised against by upstream countless number of times over the years.

/mjt

Send a report that this bug log contains spam.