Solaris中hostname引起的sendmail錯誤
一、故障現象
近期在巡檢中發現,日誌經常出現以下告警:
Feb 27 09:03:29 NOD2 sendmail[475]: [ID 702911 mail.crit] My unqualified host name (NOD2) unknown; sleeping for retry
Feb 27 09:04:30 NOD2 sendmail[475]: [ID 702911 mail.alert] unable to qualify my own domain name (NOD2) -- using short name
Feb 27 11:09:30 NOD2 sendmail[476]: [ID 702911 mail.crit] My unqualified host name (NOD2) unknown; sleeping for retry
Feb 27 11:10:30 NOD2 sendmail[476]: [ID 702911 mail.alert] unable to qualify my own domain name (NOD2) -- using short name
二、故障分析
通過此日誌可直觀的反映出爲“不合規的主機名”與“名稱太短,無法用作域名”的告警。所以先查看下hosts文件裏的名稱是否有誤
cat /etc/hosts
# Internet host table
#
::1 localhost
127.0.0.1 localhost
192.168.28.128 NOD1 loghost
192.168.48.128 NOD1-1
192.168.28.130 NODVIP
192.168.28.129 NOD2
192.168.48.129 NOD21
由於sendmail默認是先查找“fully qualified hostname”,但從hosts文件中看出本機的hostname爲NOD1,sendmail無法得到完整的主機名,故出現上面的日誌告警。所以我們將主機名修改爲完整主機名即可解決故障
三、解決步驟
1. 修改文件權限
由於solaris系統中,hosts文件默認是隻讀文件,故需要修改相應權限:
bash-3.2# ls -l /etc/hosts
lrwxrwxrwx 1 root root 12 2月 25日 14:43 /etc/hosts -> ./inet/hosts
可知/etc/hosts文件爲/etc/inet/hosts的鏈接文件,故真實文件爲etc/inet/hosts
bash-3.2# ls -l /etc/inet/hosts
-r--r--r-- 1 root sys 0 3月 1日 10:56 /etc/inet/hosts
bash-3.2# chmod u+w /etc/inet/hosts
bash-3.2# ls -l /etc/inet/hosts
-rw-r--r-- 1 root sys 0 3月 1日 10:56 /etc/inet/hosts
2. 添加完整主機名
hosts文件root用戶取得可寫權限,即可對內容修改,添加本機的完整主機名
bash-3.2# cat /etc/hosts
# Internet host table
#
::1 localhost
127.0.0.1 localhost
192.168.28.128 NOD1 NOD1.com loghost
192.168.48.128 NOD1-1
192.168.28.130 NODVIP
192.168.28.129 NOD2
192.168.48.129 NOD21
3. 測試方法:
1) sendmail命令查看
命令:/usr/lib/sendmail -d0.1 -bt < /dev/null
-d0.1是debug的等級,-bt是地址測試,</dev/null是輸入重定向。
① 修改前
bash-3.2# /usr/lib/sendmail -d0.1 -bt < /dev/null
Version 8.14.4+Sun
Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
MIME8TO7 NAMED_BIND NDBM NETINET NETINET6 NETUNIX NEWDB NIS
NISPLUS PIPELINING SCANF STARTTLS TCPWRAPPERS USERDB
USE_LDAP_INIT XDEBUG
============ SYSTEM IDENTITY (after readcf) ============
(short domain name) $w = NOD1
(canonical domain name) $j = NOD1
(subdomain name) $m = <null>
(node name) $k = NOD1
========================================================
WARNING: local host name (NOD1) is not qualified; see cf/README: WHO AM I?
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
>
bash-3.2# Mar 1 11:23:10 NOD1 sendmail[1662]: [ID 702911 mail.alert] unable to qualify my own domain name (NOD1) -- using short name
有告警信息
② 修改後
bash-3.2# /usr/lib/sendmail -d0.1 -bt < /dev/null
Version 8.14.4+Sun
Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
MIME8TO7 NAMED_BIND NDBM NETINET NETINET6 NETUNIX NEWDB NIS
NISPLUS PIPELINING SCANF STARTTLS TCPWRAPPERS USERDB
USE_LDAP_INIT XDEBUG
============ SYSTEM IDENTITY (after readcf) ============
(short domain name) $w = NOD1
(canonical domain name) $j = NOD1.com
(subdomain name) $m = com
(node name) $k = NOD1
========================================================
ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
Enter <ruleset> <address>
> bash-3.2#
無告警信息
2) 腳本測試
/usr/lib/mail/sh/check-hostname
① 修改前
bash-3.2# /usr/lib/mail/sh/check-hostname
Hostname NOD1 could not be fully qualified.
We recommend changing the /etc/hosts entry:
192.168.28.128 NOD1 loghost
to:
192.168.28.128 NOD1 NOD1.pick.some.domain loghost
bash-3.2# Mar 1 11:23:10 NOD1 sendmail[1662]: [ID 702911 mail.alert] unable to qualify my own domain name (NOD1) -- using short name
有告警信息
② 修改後
bash-3.2# /usr/lib/mail/sh/check-hostname
Hostname NOD1 OK: fully qualified as NOD1.com
故 障 解 決