Postfix logging some OTP related permission denied messages

Ashish Shukla आशीष शुक्ल wahjava.ml at gmail.com
Sun Jun 29 15:12:36 UTC 2008 

,--- Michael Powell writes:
| आशीष शुक्ल Ashish Shukla wrote:

|| Hi,
|| 
|| I'm running 7.0-RELEASE-p2 (amd64). I'm running Postfix 2.5.1_2,1 mail
|| server instead of the default Sendmail which ships with base distribution.
|| 
|| My mail server is working fine with no issues except that I noticed that
|| some messages in /var/log/messages:
|| 
----| 8---->8----
|| Jun 29 03:12:45 chateau postfix/smtpd[1159]: OTP unavailable because can't
|| read/write key database /etc/opiekeys: Permission denied Jun 29 03:18:22
|| chateau postfix/smtpd[1535]: OTP unavailable because can't read/write key
|| database /etc/opiekeys: Permission denied Jun 29 03:23:55 chateau
|| postfix/smtpd[1873]: OTP unavailable because can't read/write key database
|| /etc/opiekeys: Permission denied Jun 29 04:18:25 chateau
|| postfix/smtpd[78118]: OTP unavailable because can't read/write key
|| database /etc/opiekeys: Permission denied Jun 29 16:07:11 chateau
|| postfix/smtpd[1712]: OTP unavailable because can't read/write key database
|| /etc/opiekeys: Permission denied Jun 29 16:07:17 chateau
|| postfix/smtpd[1712]: OTP unavailable because can't read/write key database
|| /etc/opiekeys: Permission denied Jun 29 16:13:30 chateau
|| postfix/smtpd[2125]: OTP unavailable because can't read/write key database
|| /etc/opiekeys: Permission denied ----8<----8<----
|| 
|| I've not done anything explicitly to turn on support for One-time
|| passwords in my system.
|| 
|| Any ideas, reasons behind these messages ?
|| 
|| TIA

| Greetings:

| I've seen some suggestions which involve making changes for allowing the
| access to the files, but my thoughts are if you are not making use of this
| feature this would be tantamount to a small form of security violation.

| The shortcut is probably just to give the group 'mail' rw permissions to
| opiekeys and don't overly muck with a config that works correctly.

| If when you installed Postfix it installed cyrus-sasl as a dependency you
| might try going into /usr/ports/security/cyrus-sasl2 and doing make config
| and clearing the checkbox option near the bottom "OTP Enable OTP auth",
| then make deinstall, and make reinstall.

Reinstall cyrus-sasl2 without OTP support worked, and now no more OTP
related messages.

| -Mike

Thanks :)
-- 
·-- ·- ···· ·--- ·- ···- ·- ·--·-· --· -- ·- ·· ·-·· ·-·-·- -·-· --- --
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080629/54832f2c/attachment.pgp

More information about the freebsd-questions mailing list