[horde] [HORDE][WHUPS]: error on script pipe in postfix (zu früh gefreut)

Carsten horde-groupware at familie-lahme.de
Sun Mar 11 12:07:59 UTC 2018



Am 11.03.2018 um 12:35 schrieb Carsten:
>
>
> Am 10.03.2018 um 21:00 schrieb Jan Schneider:
>>
>> Zitat von Carsten <horde-groupware at familie-lahme.de>:
>>
>>> Am 10.03.2018 um 11:20 schrieb Jan Schneider:
>>>>
>>>> Zitat von Carsten <horde-groupware at familie-lahme.de>:
>>>>
>>>>> Am 09.03.2018 um 11:38 schrieb Jan Schneider:
>>>>>>
>>>>>> Zitat von Carsten <horde-groupware at familie-lahme.de>:
>>>>>>
>>>>>>> Hi all,
>>>>>>>
>>>>>>> I try the set up whups with automated ticket generation from mails.
>>>>>>>
>>>>>>> my postfix sends the incoming mail to the pipe, but returns such 
>>>>>>> an error:
>>>>>>>
>>>>>>> Mar  8 12:40:38 derdapp004 postfix/local[30799]: 04C7040C4C: 
>>>>>>> to=<whups at localhost>, orig_to=<whups@[mydn.tdl]>, relay=local, 
>>>>>>> delay=0.58, delays=0.09/0.04/0/0.45, dsn=5.3.0, status=bounced 
>>>>>>> (Command died with status 255: "/usr/bin/whups-mail-filter -g". 
>>>>>>> Command output: PHP Warning: 
>>>>>>> require_once(/usr/share/php/www/horde/whups/lib/Application.php): 
>>>>>>> failed to open stream: No such file or directory in 
>>>>>>> /usr/bin/whups-mail-filter on line 73 PHP Fatal error: 
>>>>>>> require_once(): Failed opening required 
>>>>>>> '/usr/share/php/www/horde/whups/lib/Application.php' 
>>>>>>> (include_path='.:/usr/share/php:/usr/share/pear') in 
>>>>>>> /usr/bin/whups-mail-filter on line 73 )
>>>>>>>
>>>>>>>
>>>>>>> If I pipe with the local user (root) from the command line, it 
>>>>>>> works perfect.
>>>>>>> I guess it is about a missing environment o.s.
>>>>>>>
>>>>>>> Can somebody advice, pls?
>>>>>>>
>>>>>>> br
>>>>>>> Carsten
>>>>>>
>>>>>> You have set the horde_dir configuration setting in PEAR only for 
>>>>>> the user that installed Horde, not for the user that runs the 
>>>>>> pipe. Either use the same user for both (web server user is 
>>>>>> always a good choice), or set the PEAR configuration for the 
>>>>>> other user too, or set the configuration globally:
>>>>>> $ pear config-set -c horde horde_dir /real/path/to/horde
>>>>>> $ pear config-set -c horde horde_dir /real/path/to/horde system
>>>>>>
>>>>>
>>>>> Hmm... ok, I see.
>>>>> Let's check:
>>>>> that's the user, I installed horde with:
>>>>> root at derdapp004 /etc/postfix # pear config-show -c horde|grep -i 
>>>>> horde_dir
>>>>> Base Horde directory           horde_dir /var/www/horde
>>>>>
>>>>> This is the user, the apache2 is running:
>>>>> root at derdapp004 /etc/postfix # sudo -u www-data pear config-show 
>>>>> -c horde|grep -i horde_dir
>>>>> Base Horde directory           horde_dir /usr/share/php/www/horde
>>>>>
>>>>> And that's the postfix user:
>>>>> root at derdapp004 /etc/postfix # sudo -u postfix pear config-show -c 
>>>>> horde|grep -i horde_dir
>>>>> Base Horde directory           horde_dir /usr/share/php/www/horde
>>>>>
>>>>>
>>>>> ok. just to verify, the issue is still persistent, one test before 
>>>>> the configuration change:
>>>>> ##############
>>>>> Mar  9 16:56:59 derdapp004 postfix/local[15222]: 117514085F: 
>>>>> to=<whups at localhost>, orig_to=<whups@[mydn.tld]>, relay=local, 
>>>>> delay=0.57, delays=0.08/0.04/0/0.46, dsn=5.3.0, status=bounced 
>>>>> (Command died with status 255: "/usr/bin/whups-mail-filter -g". 
>>>>> Command output: PHP Warning: 
>>>>> require_once(/whups/lib/Application.php): failed to open stream: 
>>>>> No such file or directory in /usr/bin/whups-mail-filter on line 73 
>>>>> PHP Fatal error: require_once(): Failed opening required 
>>>>> '/whups/lib/Application.php' 
>>>>> (include_path='.:/usr/share/php:/usr/share/pear') in 
>>>>> /usr/bin/whups-mail-filter on line 73 )
>>>>> ################
>>>>>
>>>>>
>>>>> Now I configure postfix for the dir, as root has it set:
>>>>> root at derdapp004 /etc/postfix # sudo -u postfix pear config-set -c 
>>>>> horde horde_dir /var/www/horde
>>>>> config-set (horde_dir, /var/www/horde, user) failed, channel 
>>>>> pear.horde.org
>>>>>
>>>>> uups... ?!?
>>>>> With that knowledge I searched again the all-knowing-heapdump and 
>>>>> found other horde user having that issue -which is a pear-issue, 
>>>>> not a horde issue.
>>>>> Daemon user do not have a interactive profile, so You !_have_! to 
>>>>> set it system wide from my point of view.
>>>>>
>>>>> root at derdapp004 /home # pear config-set -c horde horde_dir 
>>>>> /var/www/horde system
>>>>> config-set succeeded
>>>>>
>>>>> And again, we test:
>>>>> ##########################
>>>>> Mar  9 16:59:54 derdapp004 postfix/local[15508]: 4CC8340861: 
>>>>> to=<whups at localhost>, orig_to=<whups@[mydn.tld]>, relay=local, 
>>>>> delay=1, delays=0.06/0.03/0/0.95, dsn=5.3.0, status=bounced 
>>>>> (Command died with status 1: "/usr/bin/whups-mail-filter -g". 
>>>>> Command output: Fatal Error: No such backend "" found In 
>>>>> /var/www/horde/whups/lib/Factory/Driver.php on line 46 1. 
>>>>> Horde_Registry::appInit() 
>>>>> /usr/bin/whups-mail-filter:74              2. 
>>>>> Horde_Registry->pushApp() 
>>>>> /usr/share/php/Horde/Registry.php:299      3. 
>>>>> Horde_Registry->_pushAppError() 
>>>>> /usr/share/php/Horde/Registry.php:1640 4. 
>>>>> Horde_Registry::appInit() /usr/bin/whups-mail-filter:74 5. 
>>>>> Horde_Registry->pushApp() 
>>>>> /usr/share/php/Horde/Registry.php:299      6. 
>>>>> Horde_Registry->callAppMethod() 
>>>>> /usr/share/php/Horde/Registry.php:1635 7. call_user_func_array() 
>>>>> /usr/share/php/Horde/Registry.php:1197 8. 
>>>>> Horde_Registry_Application->init() 9. Whups_Application->_init() 
>>>>> /usr/share/php/Horde/Registry/Application.php:117 10. 
>>>>> Whups_Factory_Driver->create() 
>>>>> /var/www/horde/whups/lib/Application.php:49 )
>>>>>
>>>>> ##########################
>>>>>
>>>>> Here is my test mail for better debugging:
>>>>>
>>>>> ##########################
>>>>> root at derdapp001 ~ # sendmail whups@[mydn.tld]
>>>>> subject: Monitoring: test ticket
>>>>> data
>>>>> Hello World
>>>>> [CTRL]+d
>>>>> ##########################
>>>>>
>>>>> Let's give it a try on the local command line as postfix user:
>>>>> We create a little script:
>>>>> #################################
>>>>> 1 root at derdapp004 /tmp # cat testmail :(
>>>>> #!/bin/bash
>>>>> clear;
>>>>> echo "Hi, my name is $(whoami)";
>>>>> echo "from: root at derdapp001.[mydn.tld] _
>>>>> to: whups@[mydn.tld] _
>>>>> subject: Monitoring: test alert _
>>>>>  _
>>>>> hallo welt _
>>>>>  _
>>>>> "|whups-mail-filter -g -q monitoring;
>>>>> ######################################
>>>>>
>>>>> now we fire it as postfix:
>>>>> ####################################
>>>>> root at derdapp004 /tmp # sudo -u postfix /tmp/testmail
>>>>> learscreen]
>>>>> Hi, my name is postfix
>>>>>
>>>>> Message from syslogd at derdapp004 at Mar  9 17:28:18 ...
>>>>>  HORDE: No such backend "" found [pid 17708 on line 1679 of 
>>>>> "/usr/share/php/Horde/Registry.php"]
>>>>>
>>>>>   Fatal Error:
>>>>>   No such backend "" found
>>>>>   In /var/www/horde/whups/lib/Factory/Driver.php on line 46
>>>>>
>>>>>    1. Horde_Registry::appInit() /usr/bin/whups-mail-filter:74
>>>>>    2. Horde_Registry->pushApp() /usr/share/php/Horde/Registry.php:299
>>>>>    3. Horde_Registry->_pushAppError()
>>>>> /usr/share/php/Horde/Registry.php:1640
>>>>>    4. Horde_Registry::appInit() /usr/bin/whups-mail-filter:74
>>>>>    5. Horde_Registry->pushApp() /usr/share/php/Horde/Registry.php:299
>>>>>    6. Horde_Registry->callAppMethod()
>>>>> /usr/share/php/Horde/Registry.php:1635
>>>>>    7. call_user_func_array() /usr/share/php/Horde/Registry.php:1197
>>>>>    8. Horde_Registry_Application->init()
>>>>>    9. Whups_Application->_init()
>>>>> /usr/share/php/Horde/Registry/Application.php:117
>>>>>   10. Whups_Factory_Driver->create()
>>>>> /var/www/horde/whups/lib/Application.php:49
>>>>> ###################################
>>>>>
>>>>> Ok, give it a try on the root user:
>>>>>
>>>>> #######################################
>>>>> root at derdapp004 /tmp # ./testmail
>>>>> [clearscreen]
>>>>>
>>>>> Hi, my name is root
>>>>> Usage: whups-mail-filter [options]
>>>>>
>>>>> [bla bla bla]
>>>>>
>>>>>   Fatal Error:
>>>>>   --queue-name or --queue-id must specify a valid and public queue.
>>>>>      Available queues:
>>>>>
>>>>>   1. Horde_Cli->fatal() /usr/bin/whups-mail-filter:169
>>>>>
>>>>> ##########################################################
>>>>>
>>>>> WTF?!?!?
>>>>>
>>>>> Revert system pear setting:
>>>>> ####################################
>>>>> root at derdapp004 /tmp # pear config-set -c horde horde_dir '' system
>>>>> config-set succeeded
>>>>> ######################################
>>>>> again, local root test:
>>>>>
>>>>> #############################
>>>>> root at derdapp004 /tmp # ./testmail
>>>>> [clearscreen]
>>>>>
>>>>> [bla bla bla]
>>>>>
>>>>>   Fatal Error:
>>>>>   --queue-name or --queue-id must specify a valid and public queue.
>>>>>      Available queues:
>>>>>
>>>>>   1. Horde_Cli->fatal() /usr/bin/whups-mail-filter:169
>>>>>
>>>>> ###################################
>>>>>
>>>>> ok, last try, we check with the www-data:
>>>>>
>>>>> ##############################
>>>>> root at derdapp004 ~www # sudo -u www-data /tmp/testmail
>>>>> [clearscreen]
>>>>>
>>>>> Hi, my name is www-data
>>>>> root at derdapp004 ~www #
>>>>> ##############################
>>>>>
>>>>>
>>>>> Well... ok, what is now going on.
>>>>> Permission check on queue has been done.
>>>>> Full rights for guest (tuned up during debugging).
>>>>> So what is wrong here?
>>>>>
>>>>> *confused*
>>>>>
>>>>> Carsten
>>>>
>>>> Two things to rule out:
>>>>
>>>> - Use -Q instead of -q
>>>> - Try using -a
>>>>
>>> Hi,
>>> ok, changed the script like this:
>>> #################################
>>> root at derdapp004 /tmp # cat testmail :(
>>> #!/bin/bash
>>> clear;
>>> echo "Hi, my name is $(whoami)";
>>> echo "from: root at derdapp001.[mydn.tld] _
>>> to: whups@[mydn.tld] _
>>> subject: Monitoring: test alert _
>>>  _
>>> hallo welt _
>>>  _
>>> "|whups-mail-filter -g -Q 5 -a carsten@[mydn.tld];
>>> ###################################
>>> Check root user: OK
>>> Check www-data: OK
>>> Check postfix: failed
>>> ###############################
>>> Hi, my name is postfix
>>> PHP Warning: require_once(/var/www/horde/whups/lib/Application.php): 
>>> failed to open stream: Permission denied in 
>>> /usr/bin/whups-mail-filter on line 73
>>> PHP Fatal error:  require_once(): Failed opening required 
>>> '/var/www/horde/whups/lib/Application.php' 
>>> (include_path='.:/usr/share/php:/usr/share/pear') in 
>>> /usr/bin/whups-mail-filter on line 73
>>> ###############################
>>>
>>> Can You specify which files to check for permission settings?
>>> At the moment I have 744 on all directories at /var/www/horde
>>> and 745 on all files in the structure -I know a little insecure, but 
>>> it debugging time ;-)
>>>
>>> br
>>> Carsten
>>
>> /var/www/horde/whups/lib/Application.php is the file that cannot be 
>> opened due to permission problems.
>>
> Checked file permissions. As described above:
>
> ###################
> #
> root at derdapp004 ~www/horde/whups/lib # pwd
> /var/www/horde/whups/lib
> root at derdapp004 ~www/horde/whups/lib # ll Application.php
> -rwxr--r-x 1 www-data root 9169 Mar  7 11:33 Application.php
> ##
> ##################
>
> Let's check, what would be the output of a call of that file:
>
> #################
> ##
> root at derdapp004 ~www/horde/whups/lib # php -f Application.php
> root at derdapp004 ~www/horde/whups/lib #
> ##
> #################
>
> Now with postfix:
>
> #################
> ##
> root at derdapp004 ~www/horde # sudo -u postfix php -f 
> /var/www/horde/whups/lib/Application.php
> Could not open input file: /var/www/horde/whups/lib/Application.php
> #
> ##################
>
> Now I did a more intense check of the permissions, using
>
> ##############
> ##
> root at derdapp004 ~www/horde/whups/lib # sudo -u postfix ls 
> /var/www/horde/whups/lib
> ls: cannot access /var/www/horde/whups/lib: Permission denied
> root at derdapp004 ~www/horde/whups/lib # cd /var/www/horde
> root at derdapp004 ~www/horde # ll
> total 136
> [...snipp...]
> drwxr--r-- 13 www-data root  4096 Mar  7 11:33 whups
> ##
> ##############
>
> and bingo, a thing, I will never understand in the LX permission 
> context: You need execute to enter a directory
> Thinking about RBAC I solved it with this:
> 1st: create a group "www-horde"
> 2nd: put user postfix into that group
> 3rd: do a "chown -R www-data:www-horde /var/www/horde"
> 4th: do a "chmod -R 750 /var/www/horde"
> 5th: do another test:
>
> #################
> ##
> root at derdapp004 ~www/horde # sudo -u postfix /tmp/testmail
> learscreen]
> Hi, my name is postfix
> root at derdapp004 ~www/horde #
> ##
> #################
>
> Ticket created!! And now: be happy.... ;-)
>
> Thanks for You patients and help!!
>
> br
> Carsten

ok, back, where we have started. I've forgotten the test using the mail:
#######################
##

<whups at localhost> (expanded from <whups@[mydn.tld]>): Command died with
     status 255: "/usr/bin/whups-mail-filter -g -a carsten@[mydn.tld] -Q
     5". Command output: PHP Warning:
     require_once(/var/www/horde/whups/lib/Application.php): failed to open
     stream: Permission denied in /usr/bin/whups-mail-filter on line 73 PHP
     Fatal error:  require_once(): Failed opening required
     '/var/www/horde/whups/lib/Application.php'
     (include_path='.:/usr/share/php:/usr/share/pear') in
     /usr/bin/whups-mail-filter on line 73

##
#######################

*BöseFlüche*

What else have I missed?

br
Carsten


More information about the horde mailing list