Highlighted
antoniogutierre Absent Member.
Absent Member.
1617 views

Question about NSS, clustering Postfix over NSS shared vol.

Hi all!

I have a question related to NSS. I am thinking to deploy an antispam server
using Postfix, spam assassin, clam av, etc. So the first step on my implementation
is to port Postfix to a cluster-service using NCS and move the Postfix queue to a shared
volume, on a NSS volume from a SAN. So, here is the problem. I didnt have any problems
migrating MySQL to a resource and the data dir to a shared NSS volume but with Postfix
I am having a lot of problems moving the queue dir to a NSS filesystem.

I think that the problem comes to the special file types like sockets, named pipes, etc.
I have set up the users on LUM and assigned it on the NSS file system with rights command,
but when Postfix tries to start, I have this error:

host postfix/master[15616]: fatal: fifo_listen: create fifo public/pickup: Operation not permitted

I'm afraid that the problem is that pickup is a special file. So the question basically is, is
NSS able to manage this type of files? I am doing well moving the queue dir to a
NSS shared volume?

And, finally, If this could not be possible, Could I use a ext3 filesystem over NSS? I am a little
lost about that...

So much thanks!
Labels (1)
Tags (2)
0 Likes
4 Replies
warper2 Outstanding Contributor.
Outstanding Contributor.

Re: Question about NSS, clustering Postfix over NSS shared vol.

antoniogutierrez wrote:

>
> Hi all!
>
> I have a question related to NSS. I am thinking to deploy an antispam
> server
> using Postfix, spam assassin, clam av, etc. So the first step on my
> implementation
> is to port Postfix to a cluster-service using NCS and move the Postfix
> queue to a shared
> volume, on a NSS volume from a SAN. So, here is the problem. I didnt
> have any problems
> migrating MySQL to a resource and the data dir to a shared NSS volume
> but with Postfix
> I am having a lot of problems moving the queue dir to a NSS
> filesystem.
>
> I think that the problem comes to the special file types like sockets,
> named pipes, etc.
> I have set up the users on LUM and assigned it on the NSS file system
> with rights command,
> but when Postfix tries to start, I have this error:
>
> host postfix/master[15616]: fatal: fifo_listen: create fifo
> public/pickup: Operation not permitted
>
> I'm afraid that the problem is that pickup is a special file. So the
> question basically is, is
> NSS able to manage this type of files? I am doing well moving the queue
> dir to a
> NSS shared volume?
>
> And, finally, If this could not be possible, Could I use a ext3
> filesystem over NSS? I am a little
> lost about that...
>
> So much thanks!
>
>


I would try and have the socket file to be local to the machine. Mysql sets
up the same way when clustering. I have never even tried to get socket files
to load on an nss volume. There really is not a reason to do that.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: Question about NSS, clustering Postfix over NSS shared vol.

On 10.01.2012 17:36, antoniogutierrez wrote:
>
> Hi all!
>

[...]
>
> I think that the problem comes to the special file types like sockets,
> named pipes, etc.
> I have set up the users on LUM and assigned it on the NSS file system
> with rights command,
> but when Postfix tries to start, I have this error:
>
> host postfix/master[15616]: fatal: fifo_listen: create fifo
> public/pickup: Operation not permitted


Maybe postfix start with lokal postfix user id and not LUM User ID?

Show this 2 commands always the same userid?

id postfix
namuserlist postfix

is there a different postfixuser in /etc/password active?

grep postfix /etc/password

what is the userid where postfix "qmgr" running?

ps aunx | grep qmgr

what userid is used in in the filesystem for the /var/spool/postfix
directory?

ls -anl /var/spool/postfix/


Maybe you got some hint's and i can help you a little bit.

regards
Thomas






0 Likes
antoniogutierre Absent Member.
Absent Member.

Re: Question about NSS, clustering Postfix over NSS shared v

Hi Thomas, thank you for your reply. I think that the setup for LUM is ok, I have deactivated the
local "postfix" user and it's coming from LUM:

cmsa1:~ # namuserlist postfix
postfix:x:619:603::/home/postfix:/bin/bash
cmsa1:~ # id postfix
uid=619(postfix) gid=603(postfix1) groups=603(postfix1)
cmsa1:~ #
cmsa1:~ # grep postfix /etc/passwd
#postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false


Now postfix is configured to use the "postfix" user: (/etc/postfix/main.cf)

mail_owner = postfix


So, I think that everything is fine, but the problem comes when postfix tries to create the public/pickup file:

cmsa1 postfix/master[16829]: fatal: fifo_listen: create fifo public/pickup: Operation not permitted


I think that the problem is the special file...
0 Likes
antoniogutierre Absent Member.
Absent Member.

Re: Question about NSS, clustering Postfix over NSS shared v

Hi warper2, thank you for your reply. So, you are right, in MySQL special
files like sockets stands on /var/lib/mysql, here the problem is easy because
when you setup MySQL on cluster you said to mysql load script to store
the socket file on a local directory. I think that I could set up postfix to store the socket and named
pipes files outside the queue directory, using links, but I dont know if its the better
solution.

The main reason to store the queue dir on a NSS volume comes because if a node
hangs up, the messages could be sended on the other node... but this is an assumption 🙂

Thank you!
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.