-1

I have a script that handles piped emails and sends out automatic responses. This script has been working fine for over a year, yet after my host upgraded to cPanel 11.38.2 my script fails to send email:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  pipe to |/home/user/public_html/email_proc.php
    generated by email@domain.com

The following text was generated during the delivery attempt:

------ pipe to |/home/user/public_html/email_proc.php
       generated by email@domain.com ------

2013-12-24 10:36:27 [6] Cannot open main log file "/var/log/exim_mainlog": Read-only file system: euid=0 egid=32007
2013-12-24 10:36:27 [6] cwd=/home/user/public_html/ 5 args: /usr/sbin/sendmail -t -i -f email@domain.com
2013-12-24 10:36:27 [6] Cannot open main log file "/var/log/exim_mainlog": Read-only file system: euid=0 egid=32007
exim: could not open panic log - aborting: see message(s) above

I've been going back and forth with the host provider since I don't have ssh access I can't see exactly what is going on, but they insist it is a cPanel or php bug and is out of their control. Then they created a test email account and found the mail server is working fine, but I keep telling them there is something going on with their php library access configuration not the mail server itself.

Can someone provide some suggestions on either:

  1. How I could try to track this down with limited server access.

  2. Suggestions for the technical support to try to fix the problem?

Thanks!

Further testing shows that this problem is specific to the cPanel email pipe. If the script is run directly via Apache everything works fine. If it is run via the pipe with exec it fails. If anyone could make a suggestion it would be appreciated. This seems to be beyond the knowledge of the admin staff.

user6972
  • 107
  • 4
  • Looks like exim after upgrade use different uid/gid. At least exim can't access logfiles (or containing directory) and has no permission to run script `email-proc.php`. – Kondybas Dec 25 '13 at 08:00
  • "Read-only file system" is blatantly obvious. Your system administrator needs to fix this. – Michael Hampton Dec 25 '13 at 08:20
  • @MichaelHampton They claim to have set all the permissions. I've suggested they make sure the php daemons have proper group access too. I'm not sure how this is off topic as I've hired professionals who don't seem to be up to the task. Now I'm seeking further assistance. – user6972 Dec 25 '13 at 08:53
  • Again, this has nothing to do with permissions. – Michael Hampton Dec 25 '13 at 16:50
  • @MichaelHampton apparently it has to due with permissions allowed to exim under newer cPanel versions. See edit. – user6972 Dec 25 '13 at 22:35

1 Answers1

0

UPDATE for others who encounter this problem on shared systems that are jailshell or noshell:

cPanel 11.38 now forces strict rules The second and third items effect piped mail applications.

  • Filesystems mounted within virtfs are now mounted nosuid.
  • Most Filesystems mounted within virtfs are now mounted read-only on CentOS 6, CloudLinux 6, RHEL 6, or later
  • The mail delivery system has been updated to be aware of jailshell and now runs all piped deliveries though jailshell
  • Users of mod_ruid2 can now enable “Jailed apache” support which will chroot() each virtual host into their virtfs.
  • Cron jobs are now run with jailshell.

Turns out this problem is related to a cPanel bug fixed in 11.40.1:

Fixed case 80437: Fix jailshell recursive mount readonly fs problem

If a filesystem designated as a read/write virtfs mount existed on the system as a separate filesystem, it would also be treated as a recursive mount causing it to inherit the parent filesystem's ro or rw status without regard for the mount flags specified for the filesystem in question.

user6972
  • 107
  • 4