on 2-26-2009 3:04 PM Mark Hedges spake the following:
On Thu, 26 Feb 2009, Timo Sirainen wrote:
On Thu, 2009-02-26 at 14:23 -0800, Mark Hedges wrote:
Feb 26 14:14:06 anubis dovecot: child 25810 (pop3) killed with signal 11 It shouldn't be crashing. Could you get a gdb backtrace from this? http://dovecot.org/bugreport.html
I set mail_drop_priv_before_exec = yes, and I did
ulimit -c unlimited
andecho "/tmp/core" > /proc/sys/kernel/core_pattern
before starting dovecot, but I still didn't get a core dump anywhere. Seems like the home directory is okay. No core file. Even looked everywhere withlocate
afterupdatedb
. Is this a reason I can say that CentOS sucks too much to use in production? ;-)
Thousands (if not hundreds of thousands) of people are using CentOS in production. What makes you think it is CentOS? Just because you are trying to use a poorly (maybe inadequately is a better word) written application like openwebmail doesn't fault the OS.
Openwebmail was written to use setuid perl which has been less than safe for years. It doesn't do fcntl locking, which it probably should at least be able to do to stay current with many MTA's. It also does direct access to the mail store instead of going through an IMAP daemon. So that adds another point of contention.
It would probably be fine if it was the only access for mail, or maybe along with pop3. But throw in an IMAP mua, and maybe sieve or fancy procmail scripts and you have an accident waiting to happen.
I still have openwebmail running on one of my older servers, but it will go away when I get migrated to the replacement. It works only because the people that are using it don't access their mail with anything else. Even usermin from the webmin stable of progs does better access to mail in terms of versatility, although it is kind of ugly looking.
-- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't!!!!