Re: "error loading key" and "key data is not secure", only from time to time...

From: <>
Date: Tue, 15 Sep 2015 11:52:33 +0200

On 15 sept. 2015, at 09:01, wrote:

> Sep 14 22:00:22 ru opendkim[20323]: signlis: key data is not secure: /var/db/opendkim/ is in group 1003 which has multiple users (e.g., "opendkim")
> Sep 14 22:00:22 ru opendkim[20323]: 57BCC139A81: error loading key 'signlis'
> Sep 14 22:00:22 ru smtp/cleanup[89884]: 57BCC139A81: milter-reject: END-OF-MESSAGE from localhost[]: 4.7.1 Service unavailable - try again later; from=<> to=<> proto=ESMTP helo=<>
> and it happens only "some times", eg. for 0.25% of messages. Odd.

No more errors, so far, since I changed permissions of *.private as you advised me to.

>>> While I"m here: during my testings to find out what was wrong, I've used truss on the running opendkim process, and I was quite surprised to discover it stats /etc/nsswitch at a fast rate (more that 100 times per seconds). Is that expected?
>> that's definitely a question for the opendkim-dev list...
> I'll try there, then.

no need. After fixing file permissions, opendkim stats /etc/nsswitch about once per second. This is far better. Overall the rates of context switches and system calls have plummeted.

Received on Tue Sep 15 2015 - 09:52:48 PST

This archive was generated by hypermail 2.3.0 : Tue Sep 15 2015 - 10:00:01 PST