[SOLVED] Fehler beim einrichten PMG-Cluster

K

k.winter

New Member
May 24, 2022
15
2
3
Hallo,

leider habe ich bei dem Einrichten eines PMG-Clusters auf dem Master einige Fehler bzw komme hier nicht weiter. Ggf. kann mir hier jemand helfen. Vorab noch ein paar allgemeine Infos zum Master (MX1) und Node (MX2):

Master - MX1 // pmgversion -v
Code: 
proxmox-mailgateway-container: 7.1-1 (API: 7.1-3/4c093c92, running kernel: 5.15.35-1-pve)
pmg-api: 7.1-3
pmg-gui: 3.1-3
clamav-daemon: 0.103.6+dfsg-0+deb11u1
ifupdown: 0.8.36+pve1
libarchive-perl: 3.4.0-1
libjs-extjs: 7.0.0-1
libjs-framework7: 4.4.7-1
libproxmox-acme-perl: 1.4.2
libproxmox-acme-plugins: 1.4.2
libpve-apiclient-perl: 3.2-1
libpve-common-perl: 7.2-1
libpve-http-server-perl: 4.1-2
libxdgmime-perl: 1.0-1
lvm2: not correctly installed
pmg-docs: 7.1-2
pmg-i18n: 2.7-2
pmg-log-tracker: 2.3.1-1
postgresql-13: 13.7-0+deb11u1
proxmox-mini-journalreader: 1.3-1
proxmox-spamassassin: 3.4.6-4
proxmox-widget-toolkit: 3.5.1
pve-xtermjs: 4.16.0-1
root@mx1:~#

Node - MX2 // pmgversion -v
Code: 
proxmox-mailgateway-container: 7.1-1 (API: 7.1-3/4c093c92, running kernel: 5.15.35-1-pve)
pmg-api: 7.1-3
pmg-gui: 3.1-3
clamav-daemon: 0.103.5+dfsg-0+deb11u1
ifupdown: residual config
ifupdown2: 3.1.0-1+pmx3
libarchive-perl: 3.4.0-1
libjs-extjs: 7.0.0-1
libjs-framework7: 4.4.7-1
libproxmox-acme-perl: 1.4.2
libproxmox-acme-plugins: 1.4.2
libpve-apiclient-perl: 3.2-1
libpve-common-perl: 7.2-1
libpve-http-server-perl: 4.1-2
libxdgmime-perl: 1.0-1
lvm2: not correctly installed
pmg-docs: 7.1-2
pmg-i18n: 2.7-2
pmg-log-tracker: 2.3.1-1
postgresql-13: 13.7-0+deb11u1
proxmox-mini-journalreader: 1.3-1
proxmox-spamassassin: 3.4.6-4
proxmox-widget-toolkit: 3.5.1
pve-xtermjs: 4.16.0-1

Nach dem Erstellen des Clusters auf dem Master (MX1) und dem Joiner der Node (MX2) bekomme ich im Syslog jedoch folgende "Fehler":

Master - MX1
Code: 
May 31 08:32:31 mx1 pmgdaemon[1459]: successful auth for user 'root@pam'
May 31 08:32:31 mx1 sshd[7573]: Accepted publickey for root from XXX.XX.XX.XXX port 58960 ssh2: RSA SHA256:5dSJURkOpxuJE8D7blnYBop/rUWAmC/vxEUpE/BaosE
May 31 08:32:31 mx1 sshd[7573]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
May 31 08:32:31 mx1 dbus-daemon[125]: [system] Activating via systemd: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service' requested by ':1.3' (uid=0 pid=7573 comm="sshd: root [priv]    " label="unconfined")
May 31 08:32:31 mx1 systemd[1]: Starting Load Kernel Module drm...
May 31 08:32:31 mx1 systemd[1]: modprobe@drm.service: Succeeded.
May 31 08:32:31 mx1 systemd[1]: Finished Load Kernel Module drm.
May 31 08:32:31 mx1 systemd[1]: Starting User Login Management...
May 31 08:32:31 mx1 systemd[7576]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied
May 31 08:32:31 mx1 systemd[7576]: systemd-logind.service: Failed at step NAMESPACE spawning /lib/systemd/systemd-logind: Permission denied
May 31 08:32:31 mx1 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE
May 31 08:32:31 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
May 31 08:32:31 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:32:31 mx1 systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 1.
May 31 08:32:31 mx1 systemd[1]: Stopped User Login Management.
May 31 08:32:31 mx1 systemd[1]: Starting Load Kernel Module drm...
May 31 08:32:31 mx1 systemd[1]: modprobe@drm.service: Succeeded.
May 31 08:32:31 mx1 systemd[1]: Finished Load Kernel Module drm.
May 31 08:32:31 mx1 systemd[1]: Starting User Login Management...
May 31 08:32:31 mx1 systemd[7580]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied
May 31 08:32:31 mx1 systemd[7580]: systemd-logind.service: Failed at step NAMESPACE spawning /lib/systemd/systemd-logind: Permission denied
May 31 08:32:31 mx1 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE
May 31 08:32:31 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
May 31 08:32:31 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:32:31 mx1 systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 2.
May 31 08:32:31 mx1 systemd[1]: Stopped User Login Management.
May 31 08:32:31 mx1 systemd[1]: Starting Load Kernel Module drm...
May 31 08:32:31 mx1 systemd[1]: modprobe@drm.service: Succeeded.
May 31 08:32:31 mx1 systemd[1]: Finished Load Kernel Module drm.
 
Fortsetzung:
Master
Code: 
May 31 08:33:26 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:33:41 mx1 sshd[7782]: Accepted publickey for root from XXX.XX.XX.XXX port 58966 ssh2: RSA SHA256:5dSJURkOpxuJE8D7blnYBop/rUWAmC/vxEUpE/BaosE
May 31 08:33:41 mx1 sshd[7782]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
May 31 08:33:43 mx1 pmgmirror[7542]: starting cluster synchronization
May 31 08:33:44 mx1 pmgmirror[7542]: cluster synchronization finished  (0 errors, 0.18 seconds (files 0.12, database 0.06, config 0.00))
May 31 08:33:51 mx1 dbus-daemon[125]: [system] Failed to activate service 'org.freedesktop.login1': timed out (service_start_timeout=25000ms)
May 31 08:33:51 mx1 sshd[7782]: pam_systemd(sshd:session): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out (service_start_timeout=25000ms)
May 31 08:33:51 mx1 sshd[7734]: pam_systemd(sshd:session): Failed to create session: Failed to activate service 'org.freedesktop.login1': timed out (service_start_timeout=25000ms)
May 31 08:33:51 mx1 sshd[7734]: fatal: ssh_packet_send_debug: Broken pipe
May 31 08:33:51 mx1 sshd[7734]: pam_unix(sshd:session): session closed for user root
May 31 08:33:54 mx1 pmgpolicy[7547]: starting policy database maintenance (greylist, rbl)
May 31 08:33:54 mx1 pmgpolicy[7547]: end policy database maintenance (20 ms, 1 ms)
May 31 08:34:14 mx1 pmg-smtp-filter[7532]: starting database maintenance
May 31 08:34:14 mx1 pmg-smtp-filter[7532]: end database maintenance (3 ms)
May 31 08:35:01 mx1 CRON[7900]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
May 31 08:35:01 mx1 CRON[7901]: (root) CMD (command -v debian-sa1 > /dev/null && debian-sa1 1 1)
May 31 08:35:01 mx1 CRON[7900]: pam_unix(cron:session): session closed for user root
May 31 08:35:42 mx1 sshd[7933]: Accepted publickey for root from XXX.XX.XX.XXX port 58968 ssh2: RSA SHA256:5dSJURkOpxuJE8D7blnYBop/rUWAmC/vxEUpE/BaosE
May 31 08:35:42 mx1 sshd[7933]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
May 31 08:35:42 mx1 systemd[1]: Starting Load Kernel Module drm...
May 31 08:35:42 mx1 dbus-daemon[125]: [system] Activating via systemd: service name='org.freedesktop.login1' unit='dbus-org.freedesktop.login1.service' requested by ':1.7' (uid=0 pid=7933 comm="sshd: root [priv]    " label="unconfined")
May 31 08:35:42 mx1 systemd[1]: modprobe@drm.service: Succeeded.
May 31 08:35:42 mx1 systemd[1]: Finished Load Kernel Module drm.
May 31 08:35:42 mx1 systemd[1]: Starting User Login Management...
May 31 08:35:42 mx1 systemd[7936]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied
May 31 08:35:42 mx1 systemd[7936]: systemd-logind.service: Failed at step NAMESPACE spawning /lib/systemd/systemd-logind: Permission denied
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
May 31 08:35:42 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 1.
May 31 08:35:42 mx1 systemd[1]: Stopped User Login Management.
May 31 08:35:42 mx1 systemd[1]: Starting Load Kernel Module drm...
May 31 08:35:42 mx1 systemd[1]: modprobe@drm.service: Succeeded.
May 31 08:35:42 mx1 systemd[1]: Finished Load Kernel Module drm.
May 31 08:35:42 mx1 systemd[1]: Starting User Login Management...
May 31 08:35:42 mx1 systemd[7940]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied
May 31 08:35:42 mx1 systemd[7940]: systemd-logind.service: Failed at step NAMESPACE spawning /lib/systemd/systemd-logind: Permission denied
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
May 31 08:35:42 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 2.
May 31 08:35:42 mx1 systemd[1]: Stopped User Login Management.
May 31 08:35:42 mx1 systemd[1]: Starting Load Kernel Module drm...
May 31 08:35:42 mx1 systemd[1]: modprobe@drm.service: Succeeded.
May 31 08:35:42 mx1 systemd[1]: Finished Load Kernel Module drm.
May 31 08:35:42 mx1 systemd[1]: Starting User Login Management...
May 31 08:35:42 mx1 systemd[7944]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied
May 31 08:35:42 mx1 systemd[7944]: systemd-logind.service: Failed at step NAMESPACE spawning /lib/systemd/systemd-logind: Permission denied
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
May 31 08:35:42 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 3.
May 31 08:35:42 mx1 systemd[1]: Stopped User Login Management.
May 31 08:35:42 mx1 systemd[1]: Starting Load Kernel Module drm...
May 31 08:35:42 mx1 systemd[1]: modprobe@drm.service: Succeeded.
May 31 08:35:42 mx1 systemd[1]: Finished Load Kernel Module drm.
May 31 08:35:42 mx1 systemd[1]: Starting User Login Management...
May 31 08:35:42 mx1 systemd[7948]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied
May 31 08:35:42 mx1 systemd[7948]: systemd-logind.service: Failed at step NAMESPACE spawning /lib/systemd/systemd-logind: Permission denied
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
May 31 08:35:42 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 4.
May 31 08:35:42 mx1 systemd[1]: Stopped User Login Management.
May 31 08:35:42 mx1 systemd[1]: Starting Load Kernel Module drm...
May 31 08:35:42 mx1 systemd[1]: modprobe@drm.service: Succeeded.
May 31 08:35:42 mx1 systemd[1]: Finished Load Kernel Module drm.
May 31 08:35:42 mx1 systemd[1]: Starting User Login Management...
May 31 08:35:42 mx1 systemd[7952]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied
May 31 08:35:42 mx1 systemd[7952]: systemd-logind.service: Failed at step NAMESPACE spawning /lib/systemd/systemd-logind: Permission denied
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
May 31 08:35:42 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Scheduled restart job, restart counter is at 5.
May 31 08:35:42 mx1 systemd[1]: Stopped User Login Management.
May 31 08:35:42 mx1 systemd[1]: modprobe@drm.service: Start request repeated too quickly.
May 31 08:35:42 mx1 systemd[1]: modprobe@drm.service: Failed with result 'start-limit-hit'.
May 31 08:35:42 mx1 systemd[1]: Failed to start Load Kernel Module drm.
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Start request repeated too quickly.
May 31 08:35:42 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
May 31 08:35:42 mx1 systemd[1]: Failed to start User Login Management.
May 31 08:35:43 mx1 pmgmirror[7542]: starting cluster synchronization
May 31 08:35:43 mx1 pmgmirror[7542]: cluster synchronization finished  (0 errors, 0.15 seconds (files 0.11, database 0.04, config 0.00))

Node - MX2
Code: 
May 31 08:33:42 mx2 pmgdaemon[4745]: command 'rsync '--rsh=ssh -l root -o BatchMode=yes -o HostKeyAlias=mx1' -q -aq --timeout 10 '[XXX.XX.XX.XXX]:/var/spool/pmg/cluster/' /var/spool/pmg/cluster/' failed: exit code 30
May 31 08:33:42 mx2 pmgdaemon[392]: end task UPID:mx2:00001289:0473235C:6295B67F:clusterjoin::root@pam: command 'rsync '--rsh=ssh -l root -o BatchMode=yes -o HostKeyAlias=mx1' -q -aq --timeout 10 '[XXX.XX.XX.XXX]:/var/spool/pmg/cluster/' /var/spool/pmg/cluster/' failed: exit code 30
May 31 08:33:43 mx2 pmg-smtp-filter[4925]: Beginning prefork (2 processes)
May 31 08:33:43 mx2 pmg-smtp-filter[4925]: Starting "2" children
May 31 08:33:44 mx2 sshd[4959]: Accepted publickey for root from XXX.XX.XX.XXX port 35250 ssh2: RSA SHA256:Iu3oCcZcuEl4gFOj02kUnU/pXKGGk+HGB5IXAL4yPLo
May 31 08:33:44 mx2 sshd[4959]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
May 31 08:33:44 mx2 sshd[4959]: Received disconnect from XXX.XX.XX.XXX port 35250:11: disconnected by user
May 31 08:33:44 mx2 sshd[4959]: Disconnected from user root XXX.XX.XX.XXX port 35250
May 31 08:33:44 mx2 sshd[4959]: pam_unix(sshd:session): session closed for user root
May 31 08:34:13 mx2 pmg-smtp-filter[4925]: starting database maintenance
May 31 08:34:13 mx2 pmg-smtp-filter[4925]: end database maintenance (9 ms)
May 31 08:35:42 mx2 pmgmirror[4938]: starting cluster synchronization
May 31 08:35:43 mx2 sshd[5042]: Accepted publickey for root from XXX.XX.XX.XXX port 35252 ssh2: RSA SHA256:Iu3oCcZcuEl4gFOj02kUnU/pXKGGk+HGB5IXAL4yPLo
May 31 08:35:43 mx2 sshd[5042]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
May 31 08:35:43 mx2 sshd[5042]: Received disconnect from XXX.XX.XX.XXX port 35252:11: disconnected by user
May 31 08:35:43 mx2 sshd[5042]: Disconnected from user root XXX.XX.XX.XXX port 35252
May 31 08:35:43 mx2 sshd[5042]: pam_unix(sshd:session): session closed for user root
May 31 08:35:52 mx2 pmgpolicy[4943]: starting policy database maintenance (greylist, rbl)
May 31 08:35:52 mx2 pmgpolicy[4943]: end policy database maintenance (6 ms, 1 ms)
May 31 08:36:13 mx2 pmg-smtp-filter[4925]: starting database maintenance
May 31 08:36:13 mx2 pmg-smtp-filter[4925]: end database maintenance (2 ms)
May 31 08:36:22 mx2 pmgmirror[4938]: database sync 'mx1' failed - command 'rsync '--rsh=ssh -l root -o BatchMode=yes -o HostKeyAlias=mx1' -q --timeout 10 '[XXX.XX.XX.XXX]:/var/spool/pmg' /var/spool/pmg --files-from /tmp/quarantinefilelist.4938' failed: exit code 30
May 31 08:36:22 mx2 pmgmirror[4938]: cluster synchronization finished  (1 errors, 40.80 seconds (files 0.00, database 15.53, config 25.27))
 
Last edited:
k.winter said:
May 31 08:32:31 mx1 systemd[7576]: systemd-logind.service: Failed to set up mount namespacing: /run/systemd/unit-root/proc: Permission denied May 31 08:32:31 mx1 systemd[7576]: systemd-logind.service: Failed at step NAMESPACE spawning /lib/systemd/systemd-logind: Permission denied May 31 08:32:31 mx1 systemd[1]: systemd-logind.service: Main process exited, code=exited, status=226/NAMESPACE May 31 08:32:31 mx1 systemd[1]: systemd-logind.service: Failed with result 'exit-code'.
Click to expand...
ist das PMG als container in PVE installiert?
falls ja dann muss nesting fuer den container aktiviert werden - siehe
https://pmg.proxmox.com/wiki/index...._7.0#Installations_as_Container_on_Proxmox_VE
(das haben wir vor Kurzem hinzugefügt...)
 
Erstellen des Clusters und Joiner der Node hat nun scheinbar funktioniert.

NGINX: 
May 31 23:17:48 mx1 pmgmirror[1766]: starting cluster synchronization
May 31 23:17:48 mx1 pmgmirror[1766]: cluster synchronization finished  (0 errors, 0.19 seconds (files 0.11, database 0.08, config 0.00))
May 31 23:17:49 mx1 pmgpolicy[1771]: starting policy database maintenance (greylist, rbl)
May 31 23:17:49 mx1 pmgpolicy[1771]: end policy database maintenance (6 ms, 1 ms)
May 31 23:18:01 mx1 CRON[2000]: pam_unix(cron:session): session opened for user root(uid=0) by (uid=0)
May 31 23:18:01 mx1 CRON[2001]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
May 31 23:18:01 mx1 CRON[2000]: pam_unix(cron:session): session closed for user root
May 31 23:18:03 mx1 postfix/postscreen[2006]: CONNECT from [37.0.15.227]:62461 to [XXX.XX.XX.XXX]:25
May 31 23:18:03 mx1 postfix/dnsblog[2008]: addr 37.0.15.227 listed by domain dnsbl-1.uceprotect.net as 127.0.0.2
May 31 23:18:03 mx1 postfix/dnsblog[2008]: addr 37.0.15.227 listed by domain zen.spamhaus.org as 127.0.0.3
May 31 23:18:03 mx1 postfix/dnsblog[2008]: addr 37.0.15.227 listed by domain zen.spamhaus.org as 127.0.0.4
May 31 23:18:03 mx1 postfix/dnsblog[2008]: addr 37.0.15.227 listed by domain zen.spamhaus.org as 127.0.0.2
May 31 23:18:03 mx1 postfix/postscreen[2006]: PREGREET 11 after 0.02 from [37.0.15.227]:62461: EHLO User\r\n
May 31 23:18:03 mx1 postfix/dnsblog[2008]: addr 37.0.15.227 listed by domain all.spamrats.com as 127.0.0.38
May 31 23:18:03 mx1 postfix/postscreen[2006]: DNSBL rank 3 for [37.0.15.227]:62461
May 31 23:18:20 mx1 pmg-smtp-filter[1756]: starting database maintenance
May 31 23:18:20 mx1 pmg-smtp-filter[1756]: end database maintenance (3 ms)
May 31 23:18:21 mx1 pmgdaemon[1044]: successful auth for user 'root@pam'
May 31 23:18:21 mx1 pmgdaemon[1045]: successful auth for user 'root@pam'
May 31 23:19:22 mx1 sshd[2237]: Accepted publickey for root from XXX.XX.XX.XXX port 58982 ssh2: RSA SHA256:XXXXXXXX
May 31 23:19:22 mx1 sshd[2237]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
May 31 23:19:22 mx1 systemd-logind[128]: New session c5 of user root.
May 31 23:19:22 mx1 systemd[1]: Started Session c5 of user root.
May 31 23:19:22 mx1 sshd[2237]: Received disconnect from XXX.XX.XX.XXX port 58982:11: disconnected by user
May 31 23:19:22 mx1 sshd[2237]: Disconnected from user root XXX.XX.XX.XXX port 58982
May 31 23:19:22 mx1 sshd[2237]: pam_unix(sshd:session): session closed for user root
May 31 23:19:22 mx1 systemd[1]: session-c5.scope: Succeeded.
May 31 23:19:22 mx1 systemd-logind[128]: Session c5 logged out. Waiting for processes to exit.
May 31 23:19:22 mx1 systemd-logind[128]: Removed session c5.
May 31 23:19:22 mx1 sshd[2249]: Accepted publickey for root from XXX.XX.XX.XXX port 58984 ssh2: RSA SHA256:XXXXXXXX
May 31 23:19:22 mx1 sshd[2249]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
May 31 23:19:22 mx1 systemd-logind[128]: New session c6 of user root.
May 31 23:19:22 mx1 systemd[1]: Started Session c6 of user root.
May 31 23:19:22 mx1 sshd[2249]: Received disconnect from XXX.XX.XX.XXX port 58984:11: disconnected by user
May 31 23:19:22 mx1 sshd[2249]: Disconnected from user root XXX.XX.XX.XXX port 58984
May 31 23:19:22 mx1 sshd[2249]: pam_unix(sshd:session): session closed for user root
May 31 23:19:22 mx1 systemd[1]: session-c6.scope: Succeeded.
May 31 23:19:22 mx1 systemd-logind[128]: Session c6 logged out. Waiting for processes to exit.
May 31 23:19:22 mx1 systemd-logind[128]: Removed session c6.
May 31 23:19:48 mx1 pmgmirror[1766]: starting cluster synchronization
May 31 23:19:48 mx1 pmgmirror[1766]: cluster synchronization finished  (0 errors, 0.16 seconds (files 0.12, database 0.04, config 0.00))


Leider ist mit im Syslog von MX2 noch folgendes aufgefallen:
Code: 
May 31 23:19:53 mx2 pmg-smtp-filter[682]: starting database maintenance
May 31 23:19:53 mx2 pmg-smtp-filter[682]: end database maintenance (2 ms)
May 31 23:19:55 mx2 sshd[1151]: Failed password for root from 61.177.172.19 port 22503 ssh2
May 31 23:19:56 mx2 sshd[1151]: Received disconnect from 61.177.172.19 port 22503:11:  [preauth]
May 31 23:19:56 mx2 sshd[1151]: Disconnected from authenticating user root 61.177.172.19 port 22503 [preauth]
May 31 23:19:56 mx2 sshd[1151]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.19  user=root
May 31 23:20:03 mx2 sshd[1164]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.19  user=root
May 31 23:20:05 mx2 sshd[1164]: Failed password for root from 61.177.172.19 port 28013 ssh2
May 31 23:20:09 mx2 sshd[1164]: Failed password for root from 61.177.172.19 port 28013 ssh2
May 31 23:20:12 mx2 sshd[1164]: Failed password for root from 61.177.172.19 port 28013 ssh2
May 31 23:20:13 mx2 sshd[1164]: Received disconnect from 61.177.172.19 port 28013:11:  [preauth]
May 31 23:20:13 mx2 sshd[1164]: Disconnected from authenticating user root 61.177.172.19 port 28013 [preauth]
May 31 23:20:13 mx2 sshd[1164]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.19  user=root
May 31 23:20:19 mx2 sshd[1185]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.19  user=root
May 31 23:20:21 mx2 sshd[1185]: Failed password for root from 61.177.172.19 port 21879 ssh2
May 31 23:20:25 mx2 sshd[1185]: Failed password for root from 61.177.172.19 port 21879 ssh2
May 31 23:20:27 mx2 sshd[1185]: Failed password for root from 61.177.172.19 port 21879 ssh2
May 31 23:20:29 mx2 sshd[1185]: Received disconnect from 61.177.172.19 port 21879:11:  [preauth]
May 31 23:20:29 mx2 sshd[1185]: Disconnected from authenticating user root 61.177.172.19 port 21879 [preauth]
May 31 23:20:29 mx2 sshd[1185]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.19  user=root
May 31 23:21:22 mx2 pmgmirror[695]: starting cluster synchronization
May 31 23:21:22 mx2 pmgmirror[695]: cluster synchronization finished  (0 errors, 0.85 seconds (files 0.12, database 0.47, config 0.26))
May 31 23:21:42 mx2 pmgpolicy[700]: starting policy database maintenance (greylist, rbl)
May 31 23:21:42 mx2 pmgpolicy[700]: end policy database maintenance (5 ms, 1 ms)
May 31 23:21:49 mx2 sshd[1439]: Accepted publickey for root from XXX.XX.XX.XXX port 35260 ssh2: RSA SHA256:XXXXXXXX
May 31 23:21:49 mx2 sshd[1439]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
May 31 23:21:49 mx2 sshd[1439]: Received disconnect from XXX.XX.XX.XXX port 35260:11: disconnected by user
May 31 23:21:49 mx2 sshd[1439]: Disconnected from user root XXX.XX.XX.XXX port 35260
May 31 23:21:49 mx2 sshd[1439]: pam_unix(sshd:session): session closed for user root
May 31 23:21:53 mx2 pmg-smtp-filter[682]: starting database maintenance
May 31 23:21:53 mx2 pmg-smtp-filter[682]: end database maintenance (2 ms)
May 31 23:23:22 mx2 pmgmirror[695]: starting cluster synchronization
May 31 23:23:23 mx2 pmgmirror[695]: cluster synchronization finished  (0 errors, 0.86 seconds (files 0.12, database 0.47, config 0.2

Die IP 61.177.172.19 ist jedoch völlig unbekannt. Kann ich dies einfach ignorieren? Dies taucht nur auf dem Node auf nicht auf dem Master.

Gleichzeitig gibt es auf dem Node wohl noch Probleme die Mails zu empfangen
Code: 
May 31 23:52:16 mx2 pmg-smtp-filter[712]: 2022/05/31-23:52:16 CONNECT TCP Peer: "[127.0.0.1]:50194" Local: "[127.0.0.1]:10024"
May 31 23:52:16 mx2 pmg-smtp-filter[712]: A08BC62968E103FED8: new mail message-id=<C8E600E0-4609-4C5F-8BE7-69AB7D4E1D5D@icloud.com>
May 31 23:52:19 mx2 pmg-smtp-filter[712]: A08BC62968E103FED8: SA score=0/5 time=2.970 bayes=undefined autolearn=ham autolearn_force=no hits=DKIM_SIGNED(0.1),DKIM_VALID(-0.1),DKIM_VALID_AU(-0.1),DKIM_VALID_EF(-0.1),FREEMAIL_FROM(0.001),RCVD_IN_DNSWL_LOW(-0.7),SPF_HELO_NONE(0.001),SPF_PASS(-0.001),T_SCC_BODY_TEXT_LINE(-0.01)
May 31 23:52:19 mx2 postfix/smtpd[4565]: connect from localhost[127.0.0.1]
May 31 23:52:19 mx2 postfix/smtpd[4565]: 40703A08BD: client=localhost[127.0.0.1], orig_client=mr85p00im-ztdg06021201.me.com[17.58.23.189]
May 31 23:52:19 mx2 postfix/cleanup[4566]: 40703A08BD: message-id=<C8E600E0-4609-4C5F-8BE7-69AB7D4E1D5D@icloud.com>
May 31 23:52:19 mx2 postfix/qmgr[583]: 40703A08BD: from=<XXXXXX@icloud.com>, size=3525, nrcpt=1 (queue active)
May 31 23:52:19 mx2 pmg-smtp-filter[712]: A08BC62968E103FED8: accept mail to <XXXXX@XXXXXX.de> (40703A08BD) (rule: default-accept)
May 31 23:52:19 mx2 postfix/smtpd[4565]: disconnect from localhost[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
May 31 23:52:19 mx2 pmg-smtp-filter[712]: A08BC62968E103FED8: processing time: 3.009 seconds (2.97, 0.018, 0)
May 31 23:52:19 mx2 postfix/smtpd[4556]: proxy-accept: END-OF-MESSAGE: 250 2.5.0 OK (A08BC62968E103FED8); from=<XXXXXX@icloud.com> to=<XXXXXX@XXXXXX.de> proto=ESMTP helo=<mr85p00im-ztdg06021201.me.com>
May 31 23:52:19 mx2 postfix/smtpd[4556]: disconnect from mr85p00im-ztdg06021201.me.com[17.58.23.189] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
May 31 23:52:49 mx2 postfix/smtp[4567]: connect to XXXXXXX[XXXXXXX]:25: Connection timed out
May 31 23:52:49 mx2 postfix/smtp[4567]: 40703A08BD: to=<mail@kevin-winter.de>, relay=none, delay=30, delays=0.01/0.01/30/0, dsn=4.4.1, status=deferred (connect to XXXXXXXXX:25: Connection timed out)
 
Last edited:
k.winter said:
Leider ist mit im Syslog von MX2 noch folgendes aufgefallen:
Click to expand...
sehe kein problem in dem log, dass mit der cluster-synchronisation zu tun hätte?
k.winter said:
Die IP 61.177.172.19 ist jedoch völlig unbekannt. Kann ich dies einfach ignorieren? Dies taucht nur auf dem Node auf nicht auf dem Master.
Click to expand...
Sieht nach einer brute-force attacke aus um auf das system zu kommen - wenn das PMG (oder sonst ein system) offen im Internet haengt, wuerde es sich anbieten eine firewall (mit nftables/iptables) einzurichten und auch fail2ban zu installieren.

k.winter said:
Gleichzeitig gibt es auf dem Node wohl noch Probleme die Mails zu empfangen
Click to expand...
k.winter said:
May 31 23:52:49 mx2 postfix/smtp[4567]: 40703A08BD: to=<mail@kevin-winter.de>, relay=none, delay=30, delays=0.01/0.01/30/0, dsn=4.4.1, status=deferred (connect to XXXXXXXXX:25: Connection timed out)
Click to expand...
da scheint die node nicht zum downstream server connecten zu können - vielleicht fehlt eine firewall policy die das erlaubt?
 
Danke. Alle Themen erledigt. Es gibt evtl nochmal einen neuen Threat falls ich bei einem weiteren Problem mit Fail2Ban nicht weiter komme.
 
  • Like
Reactions: Stoiko Ivanov
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom