Question about NSS, clustering Postfix over NSS shared vol.

antoniogutierre · ‎2012-01-10

Hi all!

I have a question related to NSS. I am thinking to deploy an antispam server
using Postfix, spam assassin, clam av, etc. So the first step on my implementation
is to port Postfix to a cluster-service using NCS and move the Postfix queue to a shared
volume, on a NSS volume from a SAN. So, here is the problem. I didnt have any problems
migrating MySQL to a resource and the data dir to a shared NSS volume but with Postfix
I am having a lot of problems moving the queue dir to a NSS filesystem.

I think that the problem comes to the special file types like sockets, named pipes, etc.
I have set up the users on LUM and assigned it on the NSS file system with rights command,
but when Postfix tries to start, I have this error:

host postfix/master[15616]: fatal: fifo_listen: create fifo public/pickup: Operation not permitted

I'm afraid that the problem is that pickup is a special file. So the question basically is, is
NSS able to manage this type of files? I am doing well moving the queue dir to a
NSS shared volume?

And, finally, If this could not be possible, Could I use a ext3 filesystem over NSS? I am a little
lost about that...

So much thanks!

warper2 · ‎2012-01-10

antoniogutierrez wrote:

>
> Hi all!
>
> I have a question related to NSS. I am thinking to deploy an antispam
> server
> using Postfix, spam assassin, clam av, etc. So the first step on my
> implementation
> is to port Postfix to a cluster-service using NCS and move the Postfix
> queue to a shared
> volume, on a NSS volume from a SAN. So, here is the problem. I didnt
> have any problems
> migrating MySQL to a resource and the data dir to a shared NSS volume
> but with Postfix
> I am having a lot of problems moving the queue dir to a NSS
> filesystem.
>
> I think that the problem comes to the special file types like sockets,
> named pipes, etc.
> I have set up the users on LUM and assigned it on the NSS file system
> with rights command,
> but when Postfix tries to start, I have this error:
>
> host postfix/master[15616]: fatal: fifo_listen: create fifo
> public/pickup: Operation not permitted
>
> I'm afraid that the problem is that pickup is a special file. So the
> question basically is, is
> NSS able to manage this type of files? I am doing well moving the queue
> dir to a
> NSS shared volume?
>
> And, finally, If this could not be possible, Could I use a ext3
> filesystem over NSS? I am a little
> lost about that...
>
> So much thanks!
>
>

I would try and have the socket file to be local to the machine. Mysql sets
up the same way when clustering. I have never even tried to get socket files
to load on an nss volume. There really is not a reason to do that.

Anonymous_User · ‎2012-01-10

On 10.01.2012 17:36, antoniogutierrez wrote:
>
> Hi all!
>
[...]
>
> I think that the problem comes to the special file types like sockets,
> named pipes, etc.
> I have set up the users on LUM and assigned it on the NSS file system
> with rights command,
> but when Postfix tries to start, I have this error:
>
> host postfix/master[15616]: fatal: fifo_listen: create fifo
> public/pickup: Operation not permitted

Maybe postfix start with lokal postfix user id and not LUM User ID?

Show this 2 commands always the same userid?

id postfix
namuserlist postfix

is there a different postfixuser in /etc/password active?

grep postfix /etc/password

what is the userid where postfix "qmgr" running?

ps aunx | grep qmgr

what userid is used in in the filesystem for the /var/spool/postfix
directory?

ls -anl /var/spool/postfix/

Maybe you got some hint's and i can help you a little bit.

regards
Thomas

antoniogutierre · ‎2012-01-11

Hi Thomas, thank you for your reply. I think that the setup for LUM is ok, I have deactivated the
local "postfix" user and it's coming from LUM:

cmsa1:~ # namuserlist postfix
postfix:x:619:603::/home/postfix:/bin/bash
cmsa1:~ # id postfix
uid=619(postfix) gid=603(postfix1) groups=603(postfix1)
cmsa1:~ #
cmsa1:~ # grep postfix /etc/passwd
#postfix:x:51:51:Postfix Daemon:/var/spool/postfix:/bin/false

Now postfix is configured to use the "postfix" user: (/etc/postfix/main.cf)

mail_owner = postfix

So, I think that everything is fine, but the problem comes when postfix tries to create the public/pickup file:

cmsa1 postfix/master[16829]: fatal: fifo_listen: create fifo public/pickup: Operation not permitted

I think that the problem is the special file...

antoniogutierre · ‎2012-01-11

Hi warper2, thank you for your reply. So, you are right, in MySQL special
files like sockets stands on /var/lib/mysql, here the problem is easy because
when you setup MySQL on cluster you said to mysql load script to store
the socket file on a local directory. I think that I could set up postfix to store the socket and named
pipes files outside the queue directory, using links, but I dont know if its the better
solution.

The main reason to store the queue dir on a NSS volume comes because if a node
hangs up, the messages could be sended on the other node... but this is an assumption 🙂

Thank you!

Native File Access