我试图在我们的CentOS 7服务器上调查一个问题, yum-cron因为执行操作的结果而无法发送电子邮件到根目录。
它总是给这个错误:
无法发送电子邮件到本地主机:[Errno 111]连接被拒绝
但是,我们有其他服务器具有相同的configuration,这是唯一显示这样的问题。
这里是yum-cron.conf内容:
[commands] # What kind of update to use: # default = yum upgrade # security = yum --security upgrade # security-severity:Critical = yum --sec-severity=Critical upgrade # minimal = yum --bugfix update-minimal # minimal-security = yum --security update-minimal # minimal-security-severity:Critical = --sec-severity=Critical update-minimal update_cmd = default # Whether a message should be emitted when updates are available, # were downloaded, or applied. update_messages = yes # Whether updates should be downloaded when they are available. download_updates = yes # Whether updates should be applied when they are available. Note # that download_updates must also be yes for the update to be applied. apply_updates = yes # Maximum amout of time to randomly sleep, in minutes. The program # will sleep for a random amount of time between 0 and random_sleep # minutes before running. This is useful for eg staggering the # times that multiple systems will access update servers. If # random_sleep is 0 or negative, the program will run immediately. # 6*60 = 360 random_sleep = 360 [emitters] # Name to use for this system in messages that are emitted. If # system_name is None, the hostname will be used. system_name = None # How to send messages. Valid options are stdio and email. If # emit_via includes stdio, messages will be sent to stdout; this is useful # to have cron send the messages. If emit_via includes email, this # program will send email itself according to the configured options. # If emit_via is None or left blank, no messages will be sent. emit_via = email # The width, in characters, that messages that are emitted should be # formatted to. output_width = 80 [email] # The address to send email messages from. email_from = root # List of addresses to send messages to. email_to = root # Name of the host to connect to to send email messages. email_host = localhost [groups] # NOTE: This only works when group_command != objects, which is now the default # List of groups to update group_list = None # The types of group packages to install group_package_types = mandatory, default [base] # This section overrides yum.conf # Use this to filter Yum core messages # -4: critical # -3: critical+errors # -2: critical+errors+warnings (default) debuglevel = -2 # skip_broken = True mdpolicy = group:main # Uncomment to auto-import new gpg keys (dangerous) # assumeyes = True
我加倍检查,它是相同的其他服务器上的configuration文件。
另外,所有服务器都安装了postfix作为邮件服务器,它使用sendgrid作为smtp中继。
最后,在所有的服务器上,通过mail命令手动发送邮件到根目录是没有任何错误的。
我应该检查什么,使cron发送电子邮件正确的根?
编辑:
经过一些testing,我发现在服务器上有问题,没有什么监听TCP端口25:
[root@srv1 ~]# ss -tnlp | grep :25 [root@srv1 ~]#
而在另一台服务器上,我得到:
[root@srv2 ~]# ss -tnlp | grep :25 LISTEN 0 100 127.0.0.1:25 *:* users:(("master",pid=768,fd=13)) [root@srv2 ~]#
其中PID为768的进程是/usr/libexec/postfix/master -w 。
然后我检查了哪些进程在哪里激活了postfix服务,并在我得到的第一台服务器上:
[root@srv1 ~]# service postfix status Redirecting to /bin/systemctl status postfix.service ● postfix.service - Postfix Mail Transport Agent Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled) Active: active (running) since Tue 2017-01-10 09:18:55 CET; 5min ago Process: 17409 ExecStop=/usr/sbin/postfix stop (code=exited, status=0/SUCCESS) Process: 17431 ExecStart=/usr/sbin/postfix start (code=exited, status=0/SUCCESS) Process: 17428 ExecStartPre=/usr/libexec/postfix/chroot-update (code=exited, status=0/SUCCESS) Process: 17421 ExecStartPre=/usr/libexec/postfix/aliasesdb (code=exited, status=0/SUCCESS) Main PID: 17503 (master) CGroup: /system.slice/postfix.service ├─17503 /usr/libexec/postfix/master -w ├─17504 pickup -l -t unix -u └─17505 qmgr -l -t unix -u
而在第二个输出是:
[root@srv2 ~]# service postfix status Redirecting to /bin/systemctl status postfix.service ● postfix.service - Postfix Mail Transport Agent Loaded: loaded (/usr/lib/systemd/system/postfix.service; enabled; vendor preset: disabled) Active: active (running) since Wed 2016-12-28 16:34:19 CET; 1 weeks 5 days ago Main PID: 768 (master) CGroup: /system.slice/postfix.service ├─ 768 /usr/libexec/postfix/master -w ├─ 770 qmgr -l -t unix -u ├─8185 pickup -l -t unix -u └─9148 tlsmgr -l -t unix -u
所以看起来在第一台服务器tlsmgr根本没有启动,但是我在日志中找不到任何错误。
最后我发现这不是yum-cron的问题,而是postfix本身的configuration。
实际上,在第一台服务器上, master.cf文件是这样的:
# Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== #smtp inet n - n - - smtpd #smtp inet n - n - 1 postscreen #smtpd pass - - n - - smtpd #dnsblog unix - - n - 0 dnsblog #tlsproxy unix - - n - 0 tlsproxy submission inet n - n - - smtpd [...]
而在第二台服务器上则是:
# Postfix master process configuration file. For details on the format # of the file, see the master(5) manual page (command: "man 5 master"). # # Do not forget to execute "postfix reload" after editing this file. # # ========================================================================== # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) # ========================================================================== smtp inet n - n - - smtpd #smtp inet n - n - 1 postscreen #smtpd pass - - n - - smtpd #dnsblog unix - - n - 0 dnsblog #tlsproxy unix - - n - 0 tlsproxy #submission inet n - n - - smtpd [...]
并通过设置第一个文件作为第二,即取消注释第一个smtp线,并删除submission线,我得到它按预期工作。