Error on starting SASL and STARTTLS
Paul Howarth
paul at city-fan.org
Fri Oct 1 14:15:09 UTC 2004
antonio.nunes at lifefoundation.plus.com wrote:
> I've just tried to get secure smtp going on port 25 with sendmail on a
> Fedora Core 2 server. After ironing out some initial problems there seems
> to be one last I can't resolve. I can't get TLS to actually work. The
> sendmail log show the following:
>
> Sep 28 17:27:51 mail sendmail[8606]: error:
> safesasl(/usr/lib/sasl2/Sendmail.conf) failed: World writable directory
> Sep 28 17:27:51 mail sendmail[8606]: error:
> safesasl(/usr/lib/sasl2/libanonymous.so.2) failed: World writable
> directory
> Sep 28 17:27:51 mail sendmail[8606]: error:
> safesasl(/usr/lib/sasl2/libdigestmd5.so.2) failed: World writable
> directory
> Sep 28 17:27:51 mail sendmail[8606]: error:
> safesasl(/usr/lib/sasl2/libsasldb.so.2) failed: World writable directory
> Sep 28 17:27:51 mail sendmail[8606]: error:
> safesasl(/usr/lib/sasl2/liblogin.so.2) failed: World writable directory
> Sep 28 17:27:51 mail sendmail[8606]: error:
> safesasl(/usr/lib/sasl2/libcrammd5.so.2) failed: World writable directory
> Sep 28 17:27:51 mail sendmail[8606]: error:
> safesasl(/usr/lib/sasl2/libplain.so.2) failed: World writable directory
> Sep 28 17:27:51 mail sendmail[8691]: starting daemon (8.12.11):
> SMTP+queueing at 01:00:00
> Sep 28 17:27:51 mail sendmail[8691]: STARTTLS=server: file
> /usr/share/ssl/certs/sendmail.pem unsafe: World writable directory
>
> I've tried making the sasl2 directory and the certs directory only
> writable by root but to no avail. The files listed in sasl2 are linked and
> the symbolic links do not seem to want to change with chown whatever I
> try.
>
> I'd much appreciate it if anybody could help me out here.
What is the output of:
ls -ld / /usr /usr/lib /usr/lib/sasl2 /usr/share /usr/share/ssl
/usr/share/ssl/certs
(that's all one line)
Sendmail will complain if any of these directories are world-writable.
On my machine, I get:
drwxr-xr-x 23 root root 4096 Sep 16 07:36 /
drwxr-xr-x 16 root root 4096 Sep 14 22:33 /usr
drwxr-xr-x 53 root root 36864 Oct 1 04:08 /usr/lib
drwxr-xr-x 2 root root 4096 Sep 13 08:10 /usr/lib/sasl2
drwxr-xr-x 126 root root 4096 Sep 3 14:54 /usr/share
drwxr-xr-x 7 root root 4096 Jun 21 10:16 /usr/share/ssl
drwxr-xr-x 2 root root 4096 Sep 27 19:58 /usr/share/ssl/certs
Paul (fellow PlusNet user).
More information about the fedora-list
mailing list