我正在尝试调查我们的一台 CentOS 7 服务器中的一个问题,该服务器yum-cron无法向 root 发送包含执行操作结果的电子邮件。
它总是出现这个错误:
无法向本地主机发送电子邮件:[Errno 111] 连接被拒绝
但是,我们有其他具有相同配置的服务器,而这是唯一出现此类问题的服务器。
以下是yum-cron.conf内容:
[commands]
# What kind of update to use:
# default = yum upgrade
# security = yum --security upgrade
# security-severity:Critical = yum --sec-severity=Critical upgrade
# minimal = yum --bugfix update-minimal
# minimal-security = yum --security update-minimal
# minimal-security-severity:Critical = --sec-severity=Critical update-minimal
update_cmd = default
# Whether a message should be emitted when updates are available,
# were downloaded, or applied.
update_messages = yes
# Whether updates should be downloaded when they are available.
download_updates = yes
# Whether updates should be applied when they are available. Note
# that download_updates must also be yes for the update to be applied.
apply_updates = yes
# Maximum amout of time to randomly sleep, in minutes. The program
# will sleep for a random amount of time between 0 and random_sleep
# minutes before running. This is useful for e.g. staggering the
# times that multiple systems will access update servers. If
# random_sleep is 0 or negative, the program will run immediately.
# 6*60 = 360
random_sleep = 360
[emitters]
# Name to use for this system in messages that are emitted. If
# system_name is None, the hostname will be used.
system_name = None
# How to send messages. Valid options are stdio and email. If
# emit_via includes stdio, messages will be sent to stdout; this is useful
# to have cron send the messages. If emit_via includes email, this
# program will send email itself according to the configured options.
# If emit_via is None or left blank, no messages will be sent.
emit_via = email
# The width, in characters, that messages that are emitted should be
# formatted to.
output_width = 80
[email]
# The address to send email messages from.
email_from = root
# List of addresses to send messages to.
email_to = root
# Name of the host to connect to to send email messages.
email_host = localhost
[groups]
# NOTE: This only works when group_command != objects, which is now the default
# List of groups to update
group_list = None
# The types of group packages to install
group_package_types = mandatory, default
[base]
# This section overrides yum.conf
# Use this to filter Yum core messages
# -4: critical
# -3: critical+errors
# -2: critical+errors+warnings (default)
debuglevel = -2
# skip_broken = True
mdpolicy = group:main
# Uncomment to auto-import new gpg keys (dangerous)
# assumeyes = True
我仔细检查了一下,它与其他服务器上的配置文件相同。
此外,所有服务器都已postfix安装为邮件服务器,使用 sendgrid 作为 smtp 中继。
最后,全部服务器,通过mail命令手动向 root 发送电子邮件,没有任何错误。
我应该检查什么才能使 cron 正确地向 root 发送电子邮件?
编辑:
经过一些测试后,我注意到出现问题的服务器上没有任何内容在监听 TCP 端口 25:
[root@srv1 ~]# ss -tnlp | grep :25
[root@srv1 ~]#
而在另一台服务器上我得到:
[root@srv2 ~]# ss -tnlp | grep :25
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=768,fd=13))
[root@srv2 ~]#
其中 PID 为 768 的进程是/usr/libexec/postfix/master -w。
然后我检查了该服务中哪些进程处于活动状态postfix,在第一台服务器上我得到:
[root@srv1 ~]# service postfix status
Redirecting to /bin/systemctl status postfix.service
● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2017-01-10 09:18:55 CET; 5min ago
Process: 17409 ExecStop=/usr/sbin/postfix stop (code=exited, status=0/SUCCESS)
Process: 17431 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
Process: 17428 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
Process: 17421 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
Main PID: 17503 (master)
CGroup: /system.slice/postfix.service
├─17503 /usr/libexec/postfix/master -w
├─17504 pickup -l -t unix -u
└─17505 qmgr -l -t unix -u
而第二个输出是:
[root@srv2 ~]# service postfix status
Redirecting to /bin/systemctl status postfix.service
● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2016-12-28 16:34:19 CET; 1 weeks 5 days ago
Main PID: 768 (master)
CGroup: /system.slice/postfix.service
├─ 768 /usr/libexec/postfix/master -w
├─ 770 qmgr -l -t unix -u
├─8185 pickup -l -t unix -u
└─9148 tlsmgr -l -t unix -u
因此看起来第一台服务器tlsmgr根本没有启动,但是我在日志中找不到任何错误。
答案1
最后我发现这不是问题,yum-cron而是配置postfix本身的问题。
事实上,在第一台服务器上,该master.cf文件是这样的:
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
#smtp inet n - n - - smtpd
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
submission inet n - n - - smtpd
[...]
而在第二台服务器上则是:
# Postfix master process configuration file. For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
#smtp inet n - n - 1 postscreen
#smtpd pass - - n - - smtpd
#dnsblog unix - - n - 0 dnsblog
#tlsproxy unix - - n - 0 tlsproxy
#submission inet n - n - - smtpd
[...]
通过将第一个文件设置为第二个文件,即取消注释第一smtp行并删除该submission行,我使其按预期工作。