上周,在我的 FreeBSD 服务器上更新 MySQL 的过程中,我做了一件事,pkg upgrade昨晚我的服务器重新启动后,sendmail 无法启动:
/etc/mail # make start
Starting: sendmailShared object "libdb-6.1.so" not found, required by "sendmail"
sendmail-clientmqueueShared object "libdb-6.1.so" not found, required by "sendmail"
我试过
# pkg upgrade sendmail
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
pkg: sendmail is not installed, therefore upgrade is impossible
Checking integrity... done (0 conflicting)
Your packages are up to date.
和
/usr/ports/mail/sendmail # make
===> License Sendmail accepted by the user
===> Found saved configuration for sendmail+tls+sasl2+db6-8.15.2
===> sendmail+tls+sasl2+db5-8.15.2_3 depends on file: /usr/local/sbin/pkg - found
=> sendmail.8.15.2.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`
fetch: `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`: No route to host
=> Attempting to fetch `ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.15.2.tar.gz`
fetch: `ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.15.2.tar.gz`: Permission denied
=> Attempting to fetch `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`
fetch: `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`: No route to host
=> Couldn't fetch it - please try to retrieve this
=> port manually into /usr/ports/distfiles/ and try again.
*** Error code 1
Stop.
make[1]: stopped in /usr/ports/mail/sendmail
*** Error code 1
Stop.
make: stopped in /usr/ports/mail/sendmail
我发现没有通往的路由,这真的很奇怪ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz。我尝试使用traceroute,但似乎 UDP 数据包被阻止了防火墙设置为允许 ICMP 数据包进行跟踪路由。我找到并安装tcptraceroute并检查了服务器地址:
# tcptraceroute ftp7.freebsd.org
Selected device re0, address 100.0.193.99, port 47109 for outgoing packets
Tracing the path to ftp7.freebsd.org (212.219.56.184) on TCP port 80 (http), 30 hops max
1 lo0-100.BSTNMA-VFTTP-304.verizon-gni.net (100.0.193.1) 0.873 ms 4.060 ms 1.295 ms
2 B3304.BSTNMA-LCR-21.verizon-gni.net (100.41.201.13) 4.982 ms 2.465 ms 3.963 ms
3 * * *
4 * * *
5 0.ae7.GW10.EWR6.ALTER.NET (140.222.231.129) 13.909 ms 13.042 ms 16.170 ms
6 customer.customer.alter.net (157.130.91.86) 12.101 ms 13.999 ms 14.463 ms
7 nyk-bb2-link.telia.net (62.115.134.109) 12.736 ms 12.905 ms 10.899 ms
8 ldn-bb2-link.telia.net (213.155.133.6) 87.360 ms 90.585 ms 88.851 ms
9 ldn-b3-link.telia.net (62.115.137.197) 87.316 ms 86.608 ms 85.195 ms
10 jisc-ic-318433-ldn-b3.c.telia.net (62.115.148.159) 80.234 ms 81.564 ms 81.709 ms
11 ae29.londpg-sbr2.ja.net (146.97.33.2) 82.335 ms 80.600 ms 81.831 ms
12 ae30.londtw-sbr2.ja.net (146.97.33.6) 81.793 ms 80.232 ms 82.312 ms
13 kpsn.londtw-sbr2.ja.net (146.97.41.86) 82.862 ms 82.107 ms 82.119 ms
14 212.219.171.222 83.104 ms 85.585 ms 88.442 ms
15 www.mirrorservice.org (212.219.56.184) [open] 85.161 ms 83.739 ms 85.358 ms
我仔细检查了一下,确保在我没注意的时候没有发生任何变化,但还是make失败了,出现了同样的“没有到主机的路由”错误。我检查了防火墙是否阻止了 FTP 连接:
# less /var/log/security
Aug 21 11:00:00 Dreamer newsyslog[20945]: logfile turned over due to size>100K
Aug 21 11:00:09 Dreamer kernel: ipfw: 56599 Deny TCP 123.59.55.92:48049 100.0.193.99:3128 in via re0
Aug 21 11:00:44 Dreamer kernel: ipfw: 56599 Deny TCP 93.174.95.87:36924 100.0.193.102:110 in via re0
Aug 21 11:00:47 Dreamer last message repeated 2 times
Aug 21 11:00:47 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:23489 212.219.56.184:21 out via re0
Aug 21 11:00:54 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:59597 212.219.56.184:21 out via re0
Aug 21 11:01:45 Dreamer kernel: ipfw: 56599 Deny TCP 182.191.88.195:45481 100.0.193.102:23 in via re0
Aug 21 11:01:48 Dreamer kernel: ipfw: 56599 Deny TCP 182.191.88.195:45481 100.0.193.102:23 in via re0
Aug 21 11:02:13 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:28015 212.219.56.184:21 out via re0
Aug 21 11:02:13 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:23314 209.246.26.16:21 out via re0
Aug 21 11:02:13 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:26752 212.219.56.184:21 out via re0
Aug 21 11:04:10 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:25337 212.219.56.184:21 out via re0
Aug 21 11:04:10 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:37933 209.246.26.16:21 out via re0
Aug 21 11:04:10 Dreamer kernel: ipfw: 299 Deny TCP 100.0.193.99:65061 212.219.56.184:21 out via re0
然后我尝试
# wget `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`
--2016-08-21 11:05:45-- `ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz`
=> 'sendmail.8.15.2.tar.gz'
Resolving ftp7.freebsd.org (ftp7.freebsd.org)... 212.219.56.184, 2001:630:341:12::184
Connecting to ftp7.freebsd.org (ftp7.freebsd.org)|212.219.56.184|:21... failed: Permission denied.
Connecting to ftp7.freebsd.org (ftp7.freebsd.org)|2001:630:341:12::184|:21... failed: No route to host.
看来“没有到主机的路由“信息只是个幌子——真正的问题是”没有权限“在 IPV4 连接上。
当我将 URL 粘贴ftp://ftp7.freebsd.org/pub/FreeBSD/ports/distfiles/sendmail.8.15.2.tar.gz到浏览器中时,出现错误对话框,提示“550 无法更改目录”。当我使用 WinSCP 连接到 ftp7.freebsd.org 并导航到 /pub/FreeBSD/ports/distfiles/ 时,我发现一个 README.txt 文件,其中写道
Our distfiles cache has been moved to: `http://distcache.FreeBSD.org/ports-distfiles/` distfiles can be fetched by name from there, as specified in the corresponding port that uses it.
我刚刚重新运行了portsnap fetch更新(再次,对于第 n 个我尝试了 FTP服务器(本周一次),然后make在 sendmail 端口目录中再次尝试 - 仍然出现 FTP 失败。
如果 distfiles 缓存已被移动,为什么在尝试获取端口的 distfiles 时,port 目录中的 make 仍然使用旧路径?
此外,当我尝试http://distcache.freebsd.org/ports-distfiles/使用浏览器导航到时,我得到了403 禁止错误页面从nginx。
由于上述问题,我无法检索 sendmail 分发文件,因此我尝试
# pkg install sendmail
Updating FreeBSD repository catalogue...
Fetching meta.txz: 100% 944 B 0.9kB/s 00:01
Fetching packagesite.txz: 100% 6 MiB 5.8MB/s 00:01
Processing entries: 100%
FreeBSD repository update completed. 25584 packages processed.
Updating database digests format: 100%
pkg: No packages available to install matching 'sendmail' have been found in the repositories
我也发过这个帖子https://forums.freebsd.org/threads/57359/但没有收到任何有用的答复。
我无法获得 sendmail 端口的分发文件,而且也没有可用的包,所以目前我处于真的困难的处境,因为这是一个生产服务器爆炸了!
我要做什么才能使 sendmail 再次运行?
# uname -a
FreeBSD Dreamer.FKEinternet.net 10.2-RELEASE FreeBSD 10.2-RELEASE #0: Mon Oct 5 23:53:36 EDT 2015 [email protected].:/usr/obj/usr/src/sys/GENERIC amd64
答案1
我发现自己做错了——我没有资格发送邮件正确包装:pkg install mail/sendmail让我重新开始运行。
答案2
这有效
# wget http://distcache.FreeBSD.org/ports-distfiles/sendmail.8.15.2.tar.gz
--2016-08-21 17:47:28-- http://distcache.freebsd.org/ports-distfiles/sendmail.8.15.2.tar.gz
Resolving distcache.freebsd.org (distcache.freebsd.org)... 96.47.72.71, 2610:1c1:1:606c::50:1
Connecting to distcache.freebsd.org (distcache.freebsd.org)|96.47.72.71|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 2207417 (2.1M) [application/octet-stream]
Saving to: ‘sendmail.8.15.2.tar.gz’
sendmail.8.15.2.tar.gz 100%[======================================================================================================================================>] 2.10M 2.37MB/s in 0.9s
2016-08-21 17:47:28 (2.37 MB/s) - ‘sendmail.8.15.2.tar.gz’ saved [2207417/2207417]
您可以使用变量更改服务器端口的使用。我不确定如何使更改永久生效(要更改哪个配置文件)。听起来像是在 Makefile 中。
https://www.freebsd.org/doc/handbook/ports-using.html
In rare cases, such as when an organization has a local distfiles repository, the MASTER_SITES variable can be used to override the download locations specified in the Makefile. When using, specify the alternate location:
# cd /usr/ports/directory
# make MASTER_SITE_OVERRIDE=ftp://ftp.organization.org/pub/FreeBSD/ports/distfiles/ fetch
所以你可以做这样的事情
# cd /usr/ports/mail/sendmail
# make MASTER_SITE_OVERRIDE=http://distcache.FreeBSD.org/ports-distfiles/ fetch
我希望自己对 ports 有更多了解,但我不会运行 FreeBSD。我认为编译系统上安装的每个软件包是没有意义的。我敢打赌,如果你四处看看,你会发现 sendmail 就在软件包管理存储库的某个地方。