Bug#968234: sendmail starttls moans about unsafe key "Permission denied"
Package: sendmail
Version: 8.15.2-14~deb10u1
sendmail complains about an unsafe key file during starttls:
# grep STARTTLS=client /var/log/mail.log | grep Permission
Aug 11 13:10:33 srvvm01 sendmail[51615]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:10:34 srvvm01 sendmail[51642]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:17:55 srvvm01 sendmail[53046]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:18:40 srvvm01 sendmail[53236]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:20:01 srvvm01 sm-msp-queue[53595]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:27:26 srvvm01 sendmail[54902]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:27:26 srvvm01 sendmail[54912]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:31:45 srvvm01 sendmail[56332]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:34:23 srvvm01 sendmail[57094]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:40:01 srvvm01 sm-msp-queue[58067]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 13:57:45 srvvm01 sendmail[60870]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 14:00:01 srvvm01 sendmail[61323]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
Aug 11 14:00:01 srvvm01 sm-msp-queue[61339]: STARTTLS=client: file /etc/mail/private/mailhost.key.pem unsafe: Permission denied
The access bits appear to be fine, though:
# ls -ald / /etc /etc/mail /etc/mail/private /etc/mail/private/mailhost.key.pem
drwxr-xr-x 29 root root 4096 Aug 11 09:10 /
drwxr-xr-x 124 root root 12288 Aug 11 12:50 /etc
drwxr-sr-x 10 smmta smmsp 4096 Aug 11 12:52 /etc/mail
drwx------ 2 root smmsp 4096 Aug 11 12:44 /etc/mail/private
-r-------- 1 root smmsp 1679 Jul 7 11:10 /etc/mail/private/mailhost.key.pem
Regards
Harri
Reply to: