0

In the process of updating MySQL on my FreeBSD server last week, I did a pkg upgrade and after my server rebooted itself last night, sendmail won't start:

/etc/mail # make start
Starting: sendmailShared object "libdb-6.1.so" not found, required by "sendmail"
 sendmail-clientmqueueShared object "libdb-6.1.so" not found, required by "sendmail"

I tried

# pkg upgrade sendmail
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
pkg: sendmail is not installed, therefore upgrade is impossible
Checking integrity... done (0 conflicting)
Your packages are up to date.

and

/usr/ports/mail/sendmail # make
===>  License Sendmail accepted by the user
===>  Found saved configuration for sendmail+tls+sasl2+db6-8.15.2
===>  sendmail+tls+sasl2+db5-8.15.2_3 depends on file: /usr/local/sbin/pkg - found
=> sendmail.8.15.2.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`
fetch: `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`: No route to host
=> Attempting to fetch `ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.15.2.tar.gz`
fetch: `ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.15.2.tar.gz`: Permission denied
=> Attempting to fetch `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`
fetch: `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`: No route to host
=> Couldn't fetch it - please try to retrieve this
=> port manually into /usr/ports/distfiles/ and try again.
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/mail/sendmail
*** Error code 1

Stop.
make: stopped in /usr/ports/mail/sendmail

I found it really odd there wasn't a route to ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz. I tried using traceroute but it seems the UDP packets are being blocked by ipfw which is set up to allow ICMP packets for traceroute. I found and installed tcptraceroute and checked the server address:

# tcptraceroute ftp7.freebsd.org
Selected device re0, address 100.0.193.99, port 47109 for outgoing packets
Tracing the path to ftp7.freebsd.org (212.219.56.184) on TCP port 80 (http), 30 hops max
1  lo0-100.BSTNMA-VFTTP-304.verizon-gni.net (100.0.193.1)  0.873 ms  4.060 ms  1.295 ms
2  B3304.BSTNMA-LCR-21.verizon-gni.net (100.41.201.13)  4.982 ms  2.465 ms  3.963 ms
3  * * *
4  * * *
5  0.ae7.GW10.EWR6.ALTER.NET (140.222.231.129)  13.909 ms  13.042 ms  16.170 ms
6  customer.customer.alter.net (157.130.91.86)  12.101 ms  13.999 ms  14.463 ms
7  nyk-bb2-link.telia.net (62.115.134.109)  12.736 ms  12.905 ms  10.899 ms
8  ldn-bb2-link.telia.net (213.155.133.6)  87.360 ms  90.585 ms  88.851 ms
9  ldn-b3-link.telia.net (62.115.137.197)  87.316 ms  86.608 ms  85.195 ms
10  jisc-ic-318433-ldn-b3.c.telia.net (62.115.148.159)  80.234 ms  81.564 ms  81.709 ms
11  ae29.londpg-sbr2.ja.net (146.97.33.2)  82.335 ms  80.600 ms  81.831 ms
12  ae30.londtw-sbr2.ja.net (146.97.33.6)  81.793 ms  80.232 ms  82.312 ms
13  kpsn.londtw-sbr2.ja.net (146.97.41.86)  82.862 ms  82.107 ms  82.119 ms
14  212.219.171.222  83.104 ms  85.585 ms  88.442 ms
15  www.mirrorservice.org (212.219.56.184) [open]  85.161 ms  83.739 ms  85.358 ms

I double-checked to be sure something hadn't changed while I wasn't looking, but make failed with the same "No route to host" error. I checked to see if the firewall was blocking the FTP connection:

# less /var/log/security
Aug 21 11:00:00 Dreamer newsyslog[20945]: logfile turned over due to size>100K
Aug 21 11:00:09 Dreamer kernel: ipfw: 56599 Deny TCP 123.59.55.92:48049 100.0.193.99:3128 in via re0
Aug 21 11:00:44 Dreamer kernel: ipfw: 56599 Deny TCP 93.174.95.87:36924 100.0.193.102:110 in via re0
Aug 21 11:00:47 Dreamer last message repeated 2 times
Aug 21 11:00:47 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:23489 212.219.56.184:21 out via re0
Aug 21 11:00:54 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:59597 212.219.56.184:21 out via re0
Aug 21 11:01:45 Dreamer kernel: ipfw: 56599 Deny TCP 182.191.88.195:45481 100.0.193.102:23 in via re0
Aug 21 11:01:48 Dreamer kernel: ipfw: 56599 Deny TCP 182.191.88.195:45481 100.0.193.102:23 in via re0
Aug 21 11:02:13 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:28015 212.219.56.184:21 out via re0
Aug 21 11:02:13 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:23314 209.246.26.16:21 out via re0
Aug 21 11:02:13 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:26752 212.219.56.184:21 out via re0
Aug 21 11:04:10 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:25337 212.219.56.184:21 out via re0
Aug 21 11:04:10 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:37933 209.246.26.16:21 out via re0
Aug 21 11:04:10 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:65061 212.219.56.184:21 out via re0

I then tried

# wget `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`
--2016-08-21 11:05:45--  `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`
  => 'sendmail.8.15.2.tar.gz'
Resolving ftp7.freebsd.org (ftp7.freebsd.org)... 212.219.56.184, 2001:630:341:12::184
Connecting to ftp7.freebsd.org (ftp7.freebsd.org)|212.219.56.184|:21... failed: Permission denied.
Connecting to ftp7.freebsd.org (ftp7.freebsd.org)|2001:630:341:12::184|:21... failed: No route to host.

It seems the "No route to host" message is a red herring - the real problem is "Permission denied" on the IPV4 connection.

When I paste the URL ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz into my browser, I get an error dialog saying "550 Failed to change directory." When I connect to ftp7.freebsd.org using WinSCP and navigate to /pub/FreeBSD/ports/distfiles/ I find a README.txt that says

Our distfiles cache has been moved to:

`http://distcache.FreeBSD.org/ports-distfiles/`

distfiles can be fetched by name from there, as specified
in the corresponding port that uses it.

I just re-ran portsnap fetch update (again, for the nth time this week), then tried make again in the sendmail ports directory - and got the same FTP failure.

If the distfiles cache has been moved, why is make in a port directory still using the old path when attempting to fetch the distfiles for the port?

Also, when I try to navigate to http://distcache.freebsd.org/ports-distfiles/ with my browser, I get a 403 Forbidden error page from nginx.

Because of the problems described above, I am unable to retrieve the sendmail distribution files, so I tried

# pkg install sendmail
Updating FreeBSD repository catalogue...
Fetching meta.txz: 100%  944 B  0.9kB/s  00:01
Fetching packagesite.txz: 100%  6 MiB  5.8MB/s  00:01
Processing entries: 100%
FreeBSD repository update completed. 25584 packages processed.
Updating database digests format: 100%
pkg: No packages available to install matching 'sendmail' have been found in the repositories

I've also posted this at https://forums.freebsd.org/threads/57359/ but haven't gotten any usable replies.

I can't get the sendmail port's distribution files, and there isn't a package available, so at the moment I'm in a really difficult position because this is a PRODUCTION server that blew up!.

What do I have to do to get sendmail working again?

# uname -a
FreeBSD Dreamer.FKEinternet.net 10.2-RELEASE FreeBSD 10.2-RELEASE #0: Mon Oct  5 23:53:36 EDT 2015  root@Dreamer.FKEinternet.com.:/usr/obj/usr/src/sys/GENERIC  amd64
FKEinternet
  • 291
  • 2
  • 4
  • 10

2 Answers2

0

I found out what I did wrong - I didn't qualify the sendmail package properly: pkg install mail/sendmail got me back up and running.

FKEinternet
  • 291
  • 2
  • 4
  • 10
0

This works

# wget http://distcache.FreeBSD.org/ports-distfiles/sendmail.8.15.2.tar.gz
--2016-08-21 17:47:28--  http://distcache.freebsd.org/ports-distfiles/sendmail.8.15.2.tar.gz
Resolving distcache.freebsd.org (distcache.freebsd.org)... 96.47.72.71, 2610:1c1:1:606c::50:1
Connecting to distcache.freebsd.org (distcache.freebsd.org)|96.47.72.71|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2207417 (2.1M) [application/octet-stream]
Saving to: ‘sendmail.8.15.2.tar.gz’

sendmail.8.15.2.tar.gz                                     100%[======================================================================================================================================>]   2.10M  2.37MB/s    in 0.9s    

2016-08-21 17:47:28 (2.37 MB/s) - ‘sendmail.8.15.2.tar.gz’ saved [2207417/2207417]

You can change the server ports uses with an variable. I'm not sure how to make the change permanent (what config file to change). It sounds like it's in the Makefile(s).

https://www.freebsd.org/doc/handbook/ports-using.html

In rare cases, such as when an organization has a local distfiles repository, the MASTER_SITES variable can be used to override the download locations specified in the Makefile. When using, specify the alternate location:

# cd /usr/ports/directory
# make MASTER_SITE_OVERRIDE=ftp://ftp.organization.org/pub/FreeBSD/ports/distfiles/ fetch

So you could do something like this

# cd /usr/ports/mail/sendmail
# make MASTER_SITE_OVERRIDE=http://distcache.FreeBSD.org/ports-distfiles/ fetch

I wish I know more about ports, but I'd don't run FreeBSD. I don't think it makes sense to compile every package that you install on your system. I bet sendmail is in the package management repos somewhere if you look around.

Ryan Babchishin
  • 6,160
  • 2
  • 16
  • 36