SSH keys broke webmail

Installing, Configuring, Troubleshooting server daemons such as Web and Mail
Post Reply
OpenSage
Posts: 5
Joined: 2014/03/11 22:11:06

SSH keys broke webmail

Post by OpenSage » 2014/03/11 22:43:19

Hi I am a server noob. I wanted to learn more about servers so thought I would get a VPS and create a mail server with it. Last week I ordered a VPS and I got everything set up. SSH was preinstalled and logging in was no problem. I installed postfix, dovecot and squirrelmail. Maybe apache and php, but I think they might have been already included, or maybe squirrelmail installed them... can't remember. I got everything setup and configured and squirrelmail was working just fine with http login and ran several mail tests with success.

Today I decided to make ssh keys with non-password login for the command line, but after getting installed and activated then squirrelmail (website.com/webmail) was showing a blank page instead of a login page. The cli ssh keys are working perfect. I checked my /var/log/maillog file and no errors showed. I then checked /var/log/httpd/errors_log. I got these errors...
[Tue Mar 11 13:49:08 2014] [error] [client 198.23.xx.xx] PHP Warning: require_once(/etc/squirrelmail/config.php): failed to open stream: Permission denied in /usr/share/squirrelmail/functions/global.php on line 105
[Tue Mar 11 13:49:08 2014] [error] [client 198.23.xx.xx] PHP Fatal error: require_once(): Failed opening required '../config/config.php' (include_path='.:/usr/share/pear:/usr/share/php') in /usr/share/squirrelmail/functions/global.php on line 105
I viewed the global.php file it is talking about and line 105 was reading...
require_once(SM_PATH . 'config/config.php');
I was not sure how to edit that line, so I tried a few different ways and always got log errors for syntax problems.

I looked for /usr/share/pear and there is not such file. I also looked up /usr/share/php but that was an empty directory.

I am not sure what to do from here. My next guess is something needs to be done with /etc/squirrelmail/config.php but I am not sure. Or maybe setting up https for squirrelmail would fix the problem along the way.

Does anybody know why the ssh keys broke webmail and how to fix it?

Thanks,
Jeffrey

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SSH keys broke webmail

Post by TrevorH » 2014/03/11 23:12:10

Post the output of `ls -laZ /usr/share/squirrelmail/config/config.php` and also what is displayed by the `getenforce` command
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

OpenSage
Posts: 5
Joined: 2014/03/11 22:11:06

Re: SSH keys broke webmail

Post by OpenSage » 2014/03/11 23:39:31

lrwxrwxrwx root root /usr/share/squirrelmail/config/config.php -> ../../../../etc/squirrelmail/config.php

and the getenforce command was disabled

I doubt this of importance, but I did stop services postfix, dovecot and httpd in that order and then restarted them just in case that would have helped, but it didn't hahaha.

OpenSage
Posts: 5
Joined: 2014/03/11 22:11:06

Re: SSH keys broke webmail

Post by OpenSage » 2014/03/12 00:19:28

I just did a test by sending an email from my gmail account to my vps mail server I am having a problem with. I then checked to see if the email was received. It was sent successfully by checking from the command line and was able to read it there. So the email service is still working, it is just the webmail (squirrelmail) that seems to be not displaying in the web browser.

I also just did a test using the "telnet mail smtp" method and successfully sent a mail to my gmail account.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SSH keys broke webmail

Post by TrevorH » 2014/03/12 00:35:34

Now the output from

Code: Select all

ls -la /etc/squirrelmail/config.php
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

OpenSage
Posts: 5
Joined: 2014/03/11 22:11:06

Re: SSH keys broke webmail

Post by OpenSage » 2014/03/12 00:57:35

-rw-r----- 1 root root 6984 Mar 10 14:03 /etc/squirrelmail/config.php

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: SSH keys broke webmail

Post by TrevorH » 2014/03/12 01:55:00

So, yes, that's the reason. It's owned by the user root and the group root. The permissions on that file allow the owner to read and write it and the owning group to read it. The user that httpd runs with is called apache and it is in group apache thus it has no access to read the file. You need to either chgrp the file so that the owning group is apache or you need to set the "others" permission to allow anyone to read it.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

OpenSage
Posts: 5
Joined: 2014/03/11 22:11:06

Re: SSH keys broke webmail

Post by OpenSage » 2014/03/12 02:15:13

Holy Moly!!!! hahaha That was it. You are good sir Trevor. :D I didn't even think to mention that I also setup sudoers today and was having a problem with making it all work correctly, so I did a test by changing the groups recursively in /etc thinking they were all root and then changed them all back to root. Seems even though I failed to tell you that, it didn't faze you at all. Wow just amazing! Thank you very much Trevor.

I will leave this open and mark it as solved tomorrow after I know you have read this message. Thanks again Trevor. This was a great lesson on not assuming everything in a directory is all under the same owner or group. I hope I never make another bonehead move like that again. ;)

Post Reply