Email

Yum-cron 無法向 root 發送電子郵件

  • January 13, 2017

我正在嘗試調查我們的一台 CentOS 7 伺服器上的一個問題,該伺服器yum-cron未能通過執行操作的結果向 root 發送電子郵件。

它總是給出這個錯誤:

無法向 localhost 發送電子郵件:

$$ Errno 111 $$連接被拒絕

但是,我們還有其他具有相同配置的伺服器,這是唯一出現此類問題的伺服器。

以下是yum-cron.conf內容:

[commands]
#  What kind of update to use:
# default                            = yum upgrade
# security                           = yum --security upgrade
# security-severity:Critical         = yum --sec-severity=Critical upgrade
# minimal                            = yum --bugfix update-minimal
# minimal-security                   = yum --security update-minimal
# minimal-security-severity:Critical =  --sec-severity=Critical update-minimal
update_cmd = default

# Whether a message should be emitted when updates are available,
# were downloaded, or applied.
update_messages = yes

# Whether updates should be downloaded when they are available.
download_updates = yes

# Whether updates should be applied when they are available.  Note
# that download_updates must also be yes for the update to be applied.
apply_updates = yes

# Maximum amout of time to randomly sleep, in minutes.  The program
# will sleep for a random amount of time between 0 and random_sleep
# minutes before running.  This is useful for e.g. staggering the
# times that multiple systems will access update servers.  If
# random_sleep is 0 or negative, the program will run immediately.
# 6*60 = 360
random_sleep = 360


[emitters]
# Name to use for this system in messages that are emitted.  If
# system_name is None, the hostname will be used.
system_name = None

# How to send messages.  Valid options are stdio and email.  If
# emit_via includes stdio, messages will be sent to stdout; this is useful
# to have cron send the messages.  If emit_via includes email, this
# program will send email itself according to the configured options.
# If emit_via is None or left blank, no messages will be sent.
emit_via = email

# The width, in characters, that messages that are emitted should be
# formatted to.
output_width = 80


[email]
# The address to send email messages from.
email_from = root

# List of addresses to send messages to.
email_to = root

# Name of the host to connect to to send email messages.
email_host = localhost


[groups]
# NOTE: This only works when group_command != objects, which is now the default
# List of groups to update
group_list = None

# The types of group packages to install
group_package_types = mandatory, default

[base]
# This section overrides yum.conf

# Use this to filter Yum core messages
# -4: critical
# -3: critical+errors
# -2: critical+errors+warnings (default)
debuglevel = -2

# skip_broken = True
mdpolicy = group:main

# Uncomment to auto-import new gpg keys (dangerous)
# assumeyes = True

我仔細檢查過,它與其他伺服器上的配置文件相同。

此外,所有伺服器都postfix安裝為郵件伺服器,使用 sendgrid 作為 smtp 中繼。

最後,在所有mail伺服器上,通過命令手動向 root 發送電子郵件可以正常工作。

我應該檢查什麼才能使 cron 正確地向 root 發送電子郵件?

編輯:

經過一些測試,我注意到在有問題的伺服器上,沒有監聽 TCP 埠 25:

[root@srv1 ~]# ss -tnlp | grep :25
[root@srv1 ~]#

在另一台伺服器上,我得到:

[root@srv2 ~]# ss -tnlp | grep :25
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=768,fd=13))
[root@srv2 ~]#

PID 768 的程序在哪裡/usr/libexec/postfix/master -w

然後,我檢查了哪些程序對postfix服務處於活動狀態,並在我得到的第一台伺服器上:

[root@srv1 ~]# service postfix status
Redirecting to /bin/systemctl status  postfix.service
● postfix.service - Postfix Mail Transport Agent
  Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
  Active: active (running) since Tue 2017-01-10 09:18:55 CET; 5min ago
 Process: 17409 ExecStop=/usr/sbin/postfix stop (code=exited, status=0/SUCCESS)
 Process: 17431 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS)
 Process: 17428 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS)
 Process: 17421 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS)
Main PID: 17503 (master)
  CGroup: /system.slice/postfix.service
          ├─17503 /usr/libexec/postfix/master -w
          ├─17504 pickup -l -t unix -u
          └─17505 qmgr -l -t unix -u

而在第二個輸出是:

[root@srv2 ~]# service postfix status
Redirecting to /bin/systemctl status  postfix.service
● postfix.service - Postfix Mail Transport Agent
  Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled)
  Active: active (running) since Wed 2016-12-28 16:34:19 CET; 1 weeks 5 days ago
Main PID: 768 (master)
  CGroup: /system.slice/postfix.service
          ├─ 768 /usr/libexec/postfix/master -w
          ├─ 770 qmgr -l -t unix -u
          ├─8185 pickup -l -t unix -u
          └─9148 tlsmgr -l -t unix -u

所以看起來第一台伺服器tlsmgr根本沒有啟動,但是我在日誌中找不到任何錯誤。

最後我發現這不是問題,yum-cron而是postfix本身的配置問題。

事實上,在第一台伺服器上,master.cf文件是這樣的:

# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
#smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
submission inet n       -       n       -       -       smtpd
[...]

在第二台伺服器上是:

# Postfix master process configuration file.  For details on the format
# of the file, see the master(5) manual page (command: "man 5 master").
#
# Do not forget to execute "postfix reload" after editing this file.
#
# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       n       -       -       smtpd
#smtp      inet  n       -       n       -       1       postscreen
#smtpd     pass  -       -       n       -       -       smtpd
#dnsblog   unix  -       -       n       -       0       dnsblog
#tlsproxy  unix  -       -       n       -       0       tlsproxy
#submission inet n       -       n       -       -       smtpd
[...]

並通過將第一個文件設置為第二個文件,即取消註釋第一smtp行並刪除該submission行,我讓它按預期工作。

引用自:https://serverfault.com/questions/825252