著者: Chris Zimmerman 日付: To: exim-users, Chris Zimmerman 題目: Re: [exim] Failed to read delivery status
On Sat, Oct 18, 2008 at 4:09 PM, Phil Pennock <exim-users@???>wrote:
> On 2008-09-30 at 19:00 -0400, Chris Zimmerman wrote:
> [ delivery subprocesses failing ]
> > Has anyone any thoughts on this at all? I'm not sure where to proceed.
>
> I've just managed to replicate your problem. I'm not sure that it will
> help you though, as in my case it was an example of PEBKAC.
>
> Rebuilding my colo box, second attempt (don't ask) I managed to mess up
> the mount options on my devices. Uhm, I'd had less than 2 hours sleep
> after a week of short sleep, but my cognac-bribed local hands-on was
> there so ... I ended up putting the mount options for /var on /usr.
>
> Having /usr mounted nosuid is Not A Good Plan.
>
> In particular, when Exim comes to re-exec itself it fails, despite being
> setuid. During the first attempt, it was running as exim before trying
> to regain privileges. During the queue-run, it hasn't dropped
> privileges so doesn't need to try to regain them.
>
> Any chance that the problem you're seeing might have a similar cause,
> such as lack of setuid bit on the binary or obnoxious mount options?
>
> -Phil
>
That is certainly a possibility as I went ahead and just imaged a new
machine and transferred over the accounts. Haven't seen the issue since. It
was ongoing since the previous machine was built a few months ago.