Ubuntu 16.04.1 – cron mail not working

September 19, 2016

I recently ran into a strange issue. I wasn’t getting mail from cron – even though I could mail myself locally without incident. My cron daemon was running fine, and I had MAILTO=user specified in the crontab.

The first piece of advice everyone says when you search about this is “make sure you can send mail to yourself.” And I could – using mail or mailx and sending to andrew. And if you try searching for help after that, you get lost in the weeds of people trying to send mail to Gmail, and setting up postfix, and going insane.

After a little poking around, I noticed this in my /var/log/mail.log:

Sep 12 04:28:01 myserver postfix/qmgr[2902]: A292710059B: 
   from=<root@myserver.mydomain.com>, size=800, nrcpt=1 (queue active)
Sep 12 04:28:01 myserver postfix/error[20839]: A292710059B:
   to=<andrew@myserver.mydomain.com>, orig_to=<andrew>, relay=none, delay=1.4,
   delays=1/0.12/0/0.25, dsn=5.0.0, status=bounced (myserver.mydomain.com)

I’ve been faking my domain name and it looks like when I upgraded to Ubuntu 16.04.1 things stopped working. (I have a sneaking suspicion that the upgrade process yanked the domain address out of /etc/hosts. But maybe cron changed and started using my FQDN instead of my local mail address.)

But even after changing my hosts file from: myserver

to: myserver myserver.mydomain.com

things weren’t mailing again. I finally changed my crontab to MAILTO=andrew@localhost instead. But that seems kind of bogus. If you’ve got better ideas (/etc/mailname maybe?) let me know.

Final cleanup for the ALIX firewall

July 6, 2012

Finally, there are a few things that I either forgot to do or that make life easier.

Setting up localtime
By defaut, /etc/localtime is set to Alberta, where OpenBSD has its home. I need to set it to somewhere closer.

rm /etc/localtime; ln -s /usr/share/zoneinfo/US/Mountain /etc/localtime

Now date shows the correct time.

I wrote a script to make the LEDs move back and forth. I start this at boot. (In an earlier version of the firewall, I edited /etc/rc to turn LEDs on when certain thresholds had been passed in the boot process. But now I don’t want to muck up /etc/rc so much.)

First of all, you need to allow the ports to be written before OpenBSD gets all secure on you. Edit /etc/rc.securelevel and add:

# Place local actions here.
echo -n 'enabling LED pins'
gpioctl -q /dev/gpio0 6 set out iout
gpioctl -q /dev/gpio0 25 set out iout
gpioctl -q /dev/gpio0 27 set out iout

I got these numbers from the Status LEDs section of the ALIX manual.

Then create /usr/local/bin/cylon:

#!/bin/ksh -

gpioctl -q /dev/gpio0 6 0
gpioctl -q /dev/gpio0 25 0
gpioctl -q /dev/gpio0 27 1

gpioctl -q /dev/gpio0 6 0
gpioctl -q /dev/gpio0 25 1
gpioctl -q /dev/gpio0 27 0

gpioctl -q /dev/gpio0 6 1
gpioctl -q /dev/gpio0 25 0
gpioctl -q /dev/gpio0 27 0

gpioctl -q /dev/gpio0 6 0
gpioctl -q /dev/gpio0 25 0
gpioctl -q /dev/gpio0 27 0

while [ true ] ; do
 sleep 1
 sleep 1
 sleep 1
 sleep 1

Finally, start it from /etc/rc.local:

# Add your local startup actions here.
echo -n 'cylon'
sh /usr/local/bin/cylon &

On reboot, yay, blinky! That at least tells you the kernel hasn’t crashed.

Reducing the mail
Because flashrd is really OpenBSD, it sends mail more suited to a server than a firewall with limited disk.

First thing I noticed:

Running security(8):

Checking special files and directories.
Output format is:
                criteria (shouldbe, reallyis)
        permissions (0644, 0755)

I fixed that with a chmod 0644 /etc/rc.conf.local. So now /usr/libexec/security shows no problems. Good.

Once that’s done, make things complain less:

crontab -uroot -e

and comment out:

#30     1       *       *       *       /bin/sh /etc/daily
#30     3       *       *       6       /bin/sh /etc/weekly

This prevents the daily and weekly reports, leaving just the monthly one.

Next, I noticed that sendmail gets run from root’s crontab, so it doesn’t need to run at boot:


sendmail_flags=NO       # "-L sm-mta -C/etc/mail/localhost.cf -bd -q30m"

That should keep the thing running a little longer without running out of disk. Actually, /var/mail is on the MFS, so it will keep it from running out of ramdisk.

(This post is part of Building an ALIX firewall)