Troubles starting fetchmail from init scripts

Daniel J Walsh dwalsh at redhat.com
Sat Mar 20 10:01:19 UTC 2010 

On 03/19/2010 08:53 PM, Jonathan Ryshpan wrote:
> On Fri, 2010-03-19 at 14:39 -0700, Craig White wrote:
>    
>> On Fri, 2010-03-19 at 14:08 -0700, Jonathan Ryshpan wrote:
>>      
>>> On Fri, 2010-03-19 at 15:02 -0500, Steven Stern wrote:
>>>        
>>>> On 03/19/2010 02:52 PM, Jonathan Ryshpan wrote:
>>>>          
>>>>> I have a little script to start fetchmail, which is activated in
>>>>> rc.local.  It runs perfectly when started from a root login; but it
>>>>> fails when started from rc.local.
>>>>>
>>>>> Here is the info:
>>>>> =========================== Scripts Start ===========================
>>>>>          $ more rc.local fetchmail-start
>>>>>          ::::::::::::::
>>>>>          rc.local
>>>>>          ::::::::::::::
>>>>>          #!/bin/sh
>>>>>          #
>>>>>          # This script will be executed *after* all the other init scripts.
>>>>>          # You can put your own initialization stuff in here if you don't
>>>>>          # want to do the full Sys V style init stuff.
>>>>>
>>>>>          # Fork a script that will start fetchmail for jonrysh in a few seconds
>>>>>          /etc/rc.d/fetchmail-start
>>>>>
>>>>>          touch /var/lock/subsys/local
>>>>>          ::::::::::::::
>>>>>          fetchmail-start
>>>>>          ::::::::::::::
>>>>>          #!/bin/sh
>>>>>          #
>>>>>          # Start fetchmail for jonrysh
>>>>>
>>>>>          su jonrysh -c 'sleep 5; fetchmail'
>>>>>
>>>>> =========================== Messages Start ===========================
>>>>> Fetchmail emits the following error message and fails:
>>>>>          fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied
>>>>>
>>>>> What's happening?  How can it be fixed?
>>>>>            
>>>        
>>>> The perms on /home/jonrysh/.fetchmailrc need to be 600, with ownership
>>>> given to jonrysh:jonrysh
>>>>          
>>> Everything is as you recommend.  Note that the scheme works when invoked
>>> from a command window running a shell as root, but not from the init
>>> script.
>>>
>>>        
>>>> You could also start it without the su by adding it to your own crontab:
>>>>    @reboot sleep 30&  fetchmail
>>>>          
>>> Thanks, I'll try this.  But I'd still like to know what's the reason for
>>> the permission failure when running out of rc.local .  SELinux issues?
>>>
>>>        
>> ----
>> this works for me (in rc.local)...
>>
>> /bin/su - craig -c '/usr/bin/fetchmail'&
>>      
> I tried it, and now things are worse than before.  The startup script
> now reads:
>          #!/bin/sh
>          #
>          # Start fetchmail for jonrysh
>
>          su - jonrysh -c 'sleep 5; fetchmail'
>
> Now there's an additional error in boot.log:
>          ...
>          Starting atd:                                              [
>          OK  ]
>          Error opening display!
>          fetchmail: open: /home/jonrysh/.fetchmailrc: Permission denied
>
> The display did actually start OK after a short delay.  It's a mystery
> to me.
>
> Thanks to all - jon
>
>
>
>
>    
Check to see if there are SELinux AVC messages in /var/log/audit/audit.log

# grep fetchmail /var/log/audit/audit.log

Also instead of using su, use runuser  (Same thing except runuser does 
not use the pam stack.)

More information about the users mailing list