Sieve extprograms ?not exexuting?
Hello, I was testing the extprograms plugin. I think I had it working in the past, but many things have changed since then, so no use trying to figure out where it broke - starting over again...
Debug-enabled log give me: Apr 27 04:11:36 mail dovecot: lmtp(test@example.com): Debug: qOGyA0DePHVaOyHEM/SpMA: sieve: action execute: running program: test.sh Apr 27 04:11:36 mail dovecot: lmtp(test@example.com): Debug: waiting for program `/usr/local/etc/dovecot/sieve_globals/test.sh' to finish after 0 seconds
So I guess it thinks it is running my script? But simple test script does nothing. Here it is:
#!/bin/sh read INPUT INPUT="Hello world: $INPUT" echo "$INPUT" >> /tmp/hello echo "---------------------------" >> /tmp/hello
Permissions on this script file for now are rwxrwxrwx But nothing goes to /tmp/hello at all. Script works when I run it manually. I also tried without the "read" but I think that's required isn't it? Anyway, what else can I do to debug this?
Dovecot 2.2.16 Pigeonhole 0.4.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On Mon, 27 Apr 2015, E.B. wrote:
Well, first try with a script that cannot fail (well most likely), e.g.:
#!/bin/sh
( id date set ) >>/tmp/test.$$.log 2>&1
Note the /tmp/test.$$.log, so it will create a new file (hopefully) each time it runs, in order to bypass permission problems, if the file exists already.
Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQEVAwUBVT4Ds3z1H7kL/d9rAQIuKgf+J5lnE+6DHNZQYz4nA4Kt+xQI3ul0Gf9/ cdHUeyVfpYtPbSUheHalzlXMgnIulHNHs4FBuRpbWoTVG184Vy6ZVFXRUJSNRRyG wLZhYqVFyTa3zRpoxq1fdxbmdyPtq5dKzO8+lGeDAtiNZdi1cGVWfG1wYEbRQkUp cS7l9FiDba7DvwL6LjQZxGkUNsveyq6ZKitOsveSmWugUphfw0ko+84Y0yVI/5d6 QtslPOj7C4Ag5TFg+5UoQ3GSwOBaTY+kYzF58y4XNatpUWiKtOCbGv3P7FbEgfzl Xle6e6a6Wqg+7/3D11sy+1R9CQUIJjLA1dgC6E8Lgi5cdvyNqJdWRQ== =HO71 -----END PGP SIGNATURE-----
I tried your script for fun, same result. Log showing the script was called, but no output from the script.
I also deleted the script and made sure that debug log showed that sieve could not find the script. Is it chrooted or something weird?
I have confirmed it is being run by calling "exit 3" and seeing in the log that "program ... terminated with non-zero exit code 3" so problem is in commands accessing the filesystem I guess. I added this:
echo "HELLO WORLD" 1>&2
And log shows "Error: HELLO WORLD"
So it's working but no filesystem access. Calling from sieve script with:
execute :input "myinput" "test.sh";
Also tried
execute "test.sh";
Am 27.04.2015 um 20:55 schrieb E.B.:
In another thread you said you are running CentOS. So I strongly guess it is SELinux interfering. Check your auditd log
grep -i AVC /var/log/audit/audit.log
You can test whether your setup works after "setenforce 0". That sets SELinux into permissive mode, loggging AVCs but not blocking actions.
Alexander
I just tried this too:
touch /tmp/hello-world
And nothing. I tried to *read* from the filesystem:
TEST=$(cat /tmp/test) echo "TEST: $TEST" 1>&2
Nothing. I found that the script can do other things like connect to network or other services, but any way I try to do something with the filesystem come up empty.
Dont' know if calling the script via dovecot socket service would make this different because there is a bug that prevents extprograms execute via socket broken (see other thread).
Is this on purpose no filesystem access allowed? why?
participants (4)
-
Alexander Dalloz
-
E.B.
-
Steffen Kaiser
-
Stephan Bosch