Bug 1778424

Summary: OpenSMTPD Does not deliver offline messages
Product: [Fedora] Fedora Reporter: Alexander E. Patrakov <patrakov>
Component: opensmtpdAssignee: Denis Fateyev <denis>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 31CC: denis
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: opensmtpd-6.6.2p1-1.fc30 opensmtpd-6.6.2p1-1.fc31 opensmtpd-6.6.2p1-1.el8 Doc Type: ---
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-02-09 01:03:59 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Alexander E. Patrakov 2019-11-30 23:05:11 UTC 
Description of problem:

I was surprised (on Debian) that OpenSMTPD lost a cron mail that cron managed to submit while smtpd was not running (stopped temporarily for maintenance). I expected smtpd to send it later, when I start it, but the message just kept sitting in /var/spool/smtpd/offline. Then I retested this on Fedora 31, and found that it is also affected.

Version-Release number of selected component (if applicable): opensmtpd-6.0.3p1-8

# ls -l /etc/alternatives/mta
lrwxrwxrwx 1 root root 28 Nov 29 13:59 /etc/alternatives/mta -> /usr/sbin/sendmail.opensmtpd

How reproducible: always

Steps to Reproduce:

1. dnf install opensmtpd
2. systemctl start opensmtpd  # so that it creates the hierarchy under /var/spool/smtpd
3. systemctl stop opensmtpd  # let's pretend it was stopped and forgotten by accident
4. Use a text editor co create a "mail.txt" file, containing some valid mail headers, a blank line, and a body, suitable for submission to sendmail
5. sendmail -f you -t < mail.txt
6. As a user, it says "cannot create temporary file /var/spool/smtpd/offline/1575154903.XXXXMn5Om8: Permission denied". As root, it returns error code 75 and puts the email into /var/spool/smtpd/offline, as expected
7. systemctl start opensmtpd

Actual results: the offline message sits in /var/spool/smtpd/offline forever.

Expected results: smtpd should pick up the offline message and send it out.

Additional info:

This has been traced to the fact that the package installs /usr/sbin/smtpctl (pointed to by /usr/sbin/sendmail.opensmtpd) with the wrong permissions. Upstream expects /usr/sbin/smtpctl to be setgid to the same group that owns /var/spool/smtpd/offline, while Fedora's package installs it setgid root.

See:

# ls -ld /var/spool/smtpd/offline/
drwxrwx--- 2 root smtpq 6 Nov 29 14:04 /var/spool/smtpd/offline/

Upstream code that checks permissions on offline queue files: https://github.com/OpenSMTPD/OpenSMTPD/blob/c139eb1610e931739d6cde4194c9560124b08165/smtpd/smtpd.c#L1604

Upstream fix: https://github.com/OpenSMTPD/OpenSMTPD/commit/e02d05d2ec470899363de4be658aca26de5a2466
Comment 1 Fedora Update System 2020-01-31 13:13:17 UTC 
FEDORA-EPEL-2020-5f15009f1d has been submitted as an update to Fedora EPEL 8. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-5f15009f1d
Comment 2 Fedora Update System 2020-01-31 13:13:18 UTC 
FEDORA-2020-a861033a4d has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2020-a861033a4d
Comment 3 Fedora Update System 2020-01-31 13:13:19 UTC 
FEDORA-2020-270ef80e9e has been submitted as an update to Fedora 30. https://bodhi.fedoraproject.org/updates/FEDORA-2020-270ef80e9e
Comment 4 Fedora Update System 2020-02-01 01:05:07 UTC 
libasr-1.0.4-1.fc30, opensmtpd-6.6.2p1-1.fc30 has been pushed to the Fedora 30 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-270ef80e9e
Comment 5 Fedora Update System 2020-02-01 01:36:26 UTC 
libasr-1.0.4-1.el8, opensmtpd-6.6.2p1-1.el8 has been pushed to the Fedora EPEL 8 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-5f15009f1d
Comment 6 Fedora Update System 2020-02-01 02:03:16 UTC 
libasr-1.0.4-1.fc31, opensmtpd-6.6.2p1-1.fc31 has been pushed to the Fedora 31 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-a861033a4d
Comment 7 Fedora Update System 2020-02-09 01:03:59 UTC 
libasr-1.0.4-1.fc30, opensmtpd-6.6.2p1-1.fc30 has been pushed to the Fedora 30 stable repository. If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2020-02-09 01:31:42 UTC 
libasr-1.0.4-1.fc31, opensmtpd-6.6.2p1-1.fc31 has been pushed to the Fedora 31 stable repository. If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2020-02-16 00:16:37 UTC 
libasr-1.0.4-1.el8, opensmtpd-6.6.2p1-1.el8 has been pushed to the Fedora EPEL 8 stable repository. If problems still persist, please make note of it in this bug report.