Solved: How to get Transmission to send emails via exim again.

If none of the more specific forums is the right place to ask
Post Reply
Message
Author
Krondor
Posts: 11
Joined: 2021-09-09 00:05

Solved: How to get Transmission to send emails via exim again.

#1 Post by Krondor »

Since upgrading to Debian 11, I've noticed that my transmission-daemon no longer executes the "finished torrent" script I told it to. I tested the script and it seems good, I even tried making permissions very permissive which didn't help. I didn't find any logs in /var/log and I tried to run transmission-daemon in the foreground, but I can't seem to get it running as the debian-transmission user that it usually runs as; it just exits right away with no message. How can I get logs and try to figure out why my script is no longer running?

Thanks!
Last edited by Krondor on 2021-10-15 20:48, edited 1 time in total.

User avatar
Hallvor
Posts: 1309
Joined: 2009-04-16 18:35
Location: Kristiansand, Norway
Has thanked: 12 times
Been thanked: 34 times

Re: Where are transmission-daemon logs?

#2 Post by Hallvor »

debian-transmission may not have the necessary permissions to write to /var/log (or logging isn't enabled). It may also be pointed to a different directory.

You can select a different directory by running transmission-daemon with the -e parameter and location /path/to/transmission.log
Lenovo ThinkPad T440S, Intel Core i7-4600U CPU @ 2.10GHz, 8 GB RAM, 256 GB SSD, Debian Bullseye (KDE)
Installing and configuring Debian Bullseye: viewtopic.php?f=16&t=150334

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#3 Post by Krondor »

Right but how do I actually run it with that option? I'm not very familiar with systemd and it seems like putting these options in /etc/default/transmission-daemon or /etc/init/transmission-daemon.conf is ignored. When I try to start it as root using
su - debian-transmission /usr/bin/transmission-daemon -e /etc/transmission-daemon/log.log
it just exits right away with no message. What am I doing wrong?

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#4 Post by Krondor »

I figured it out! The file I had to edit was /lib/systemd/system/transmission-daemon.service according to https://www.cviorel.com/enable-transmis ... g-to-file/
I'm really curious wtf all these other systemd files I was editing with similar options are for. But now I have a log and I'm on my way to finding out why my script isn't running. I'll post the solution for others once I find it!

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#5 Post by Krondor »

Crap, as far as I can tell it is running it:
[2021-09-10 11:03:38.553] kubuntu-21.04-desktop-amd64.iso Calling script "/etc/transmission-daemon/torrent-finished.sh" (torrent.c:2270)

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#6 Post by Krondor »

So I've been digging into this, and I was able to prove that transmission *is* executing the script with all the environment variables that it should be. The real problem here is that the user debian-transmission cannot send email using exim4, while my normal user and the system can just fine. I get the error:

2021-09-23 16:27:57 1mTY8D-002dBG-PT Failed to create spool file /var/spool/exim4//input//1mTY8D-002dBG-PT-D: Permission denied
Can't send mail: sendmail process failed with error code 1

I changed the permissions of /var/spool/exim4 and /var/spool/exim4/input and then it crashed with a new error:

exim.c:783: chown(/var/spool/exim4//input//1mTYHP-002dGP-9v-D, 107:113) failed (Operation not permitted). Please contact the authors and refer to https://bugs.exim.org/show_bug.cgi?id=2391

When I go into input, I see a file created that is owned by debian-transmission! I tried running exim4 in various debug modes but didn't see any useful information. I feel like I'm so close to fixing this yet so far! Got any more tips for me o wise internet?

User avatar
Hallvor
Posts: 1309
Joined: 2009-04-16 18:35
Location: Kristiansand, Norway
Has thanked: 12 times
Been thanked: 34 times

Re: Where are transmission-daemon logs?

#7 Post by Hallvor »

Maybe you need to add debian-transmission to the correct group membership. If I am not terribly mistaken, mail.

https://www.howtogeek.com/50787/add-a-u ... -on-linux/

Why do you want to use e-mail? I use the Android app to connect to my headless torrentserver, and it notifies me of finished torrents. You can also use your mobile phone to start torrents or change settings. Very useful,
Lenovo ThinkPad T440S, Intel Core i7-4600U CPU @ 2.10GHz, 8 GB RAM, 256 GB SSD, Debian Bullseye (KDE)
Installing and configuring Debian Bullseye: viewtopic.php?f=16&t=150334

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#8 Post by Krondor »

I had that thought too, but my regular user isn't in any groups specific to mail or being a "normal" user. For comparison:
My user: jt cdrom floppy sudo audio dip video plugdev netdev scanner debian-transmission
debian-transmission: debian-transmission

Furthermore, I changed the debian-transmission user to have a bash login shell instead of false, su'd to this user as root, and then tested out the mail command and it worked just fine! So it's not even the user itself, it's seemingly only not working when the transmission daemon is actually running as a daemon and tries to send mail.

I use transmission-qt remotely and transmission-remote on the server to manage it. I still like using email because it's easier to read through when I'm ready and not accidentally cleared and also it would bother me with alerts when I don't care about handling torrents.

Darsh
Posts: 3
Joined: 2021-10-06 09:42

Re: Where are transmission-daemon logs?

#9 Post by Darsh »

I've got the same issue. I've upgraded to Debian 11, and Transmission stopped sending emails after the job completion, no matter what mail program I use: mail, mutt, or exim itself, the error is the same: "Failed to create a spool file".
The script itself has just one line (I've added full debug to get to the bottom of the issue):

Code: Select all

(/bin/echo "Subject: \"$TR_TORRENT_NAME\" done"; /bin/echo "Transmission finished downloading \"$TR_TORRENT_NAME\" to $TR_TORRENT_DIR on $TR
_TIME_LOCALTIME") | /usr/sbin/exim4 -d+all darsh
When I run this script with "sudo -u debian-transmission <command>", the email is sent successfully. However, when this same script is started by transmission daemon, the following lines appear in the debug:

Code: Select all

10:38:11 15622 Exim has no root privilege: uid=111 gid=100 euid=111 egid=100
10:38:11 15622 changed uid/gid: forcing real = effective
10:38:11 15622   uid=111 gid=100 pid=15622
10:38:11 15622   auxiliary group list: 100
10:38:11 15622 dropping to exim gid; retaining priv uid
10:38:11 15622 changing group to 103 failed: Operation not permitted
...
10:38:11 15622 Data file name: /var/spool/exim4//input//1mY3NL-00043y-UU-D
10:38:11 15622 LOG: MAIN PANIC DIE
10:38:11 15622   Failed to create spool file /var/spool/exim4//input//1mY3NL-00043y-UU-D: Permission denied
uid 111 is "daemon-transmission", gid 100 is "users", gid 103 is "Debian-exim", file permissions on the spool folder are:

Code: Select all

drwxr-x--- 7 Debian-exim Debian-exim 4096 May 10 18:52 /var/spool/exim4/
As far as I understand, Exim doesn't suid root here for some reason, and since it is not a root later, it cannot change its gid to Debian-exim, which prevents it to write into the spool folder, so it fails.
When I run this same script via sudo, there are no lines "Exim has no root privilege" and "changing to group 103 failed", so, as far as I understand, Exim successfully changes to root, then changes gid to 103, and successfully writes to the spool folder.

Is there a new setting in Exim to black or white list users or groups or daemons that Exim will allow to suid root? Looks like that Exim is simply not allowing Transmission to suid root. Or something else is preventing Exim to suid root when called from the transmission daemon.


Darsh

Darsh
Posts: 3
Joined: 2021-10-06 09:42

Re: Where are transmission-daemon logs?

#10 Post by Darsh »

This same script started from crontab from the same user daemon-transmission, is executed successfully, and the e-mail is successfully sent. So, when started from sudo or crond, setuid works. Only when started from Transmission, it fails. There must be something in Transmission itself...

And it turns out to be Transmission's new behaviour. Reading through Transmission's changelog:
=== https://github.com/transmission/transmi ... s/tag/3.00 ===
Daemon
- Harden transmission-daemon.service by disallowing privileges elevation (#795)
=== https://github.com/transmission/transmission/pull/795 ===
jelly commented on Dec 28, 2018
Systemd 227 introduced the option to make a service disallow elevating privileges.
===

Reporting to the Transmission team.

I've downgraded Transmission back to the buster's v2.94, it sends the emails fine - but it turned out to be unstable on bullseye, so I went for a workaround instead. I've de-coupled reporting the download and sending email functions. Transmission now saves the report to a file, while the cron job checks for this file's presence, and sends the contents via email when the file is present.


Regards,
Dmitry

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#11 Post by Krondor »

Wow that's some great detective work Dmitry! I'm filing a bug with Debian right now, but I'll hold off if you've already done it. Can you please link me to your bug report so I can watch it?

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#12 Post by Krondor »

Nevermind, I see your reply in the second link. Thanks again!

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#13 Post by Krondor »

I found an even easier workaround! Just do this:
  1. Edit /etc/systemd/system/multi-user.target.wants/transmission-daemon.service
  2. Change NoNewPrivileges=true to NoNewPrivileges=false
  3. run systemctl daemon-reload
  4. run service transmission-daemon restart

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Where are transmission-daemon logs?

#14 Post by Krondor »

I reported it to Debian and the maintainer is reporting it upstream :)

I regret not picking a better name for this thread now.

Darsh
Posts: 3
Joined: 2021-10-06 09:42

Re: Where are transmission-daemon logs?

#15 Post by Darsh »

Thanks to sandrotosi and ckerr at Transmission's GitHub - the issue is in systemd's setting "NoNewPrivileges=true" in /lib/systemd/system/transmission-daemom.service. After changing it to "false" and reloading the daemon the e-mails started working again.

Krondor, you should still be able to edit the subject of this thread.


Darsh

User avatar
sunrat
Global Moderator
Global Moderator
Posts: 3934
Joined: 2006-08-29 09:12
Location: Melbourne, Australia
Has thanked: 10 times
Been thanked: 47 times

Re: Where are transmission-daemon logs?

#16 Post by sunrat »

Krondor wrote: 2021-10-14 18:07I regret not picking a better name for this thread now.
You can edit the title in the first post, although I think that doesn't change it in replies made before the edit.
“ computer users can be divided into 2 categories:
Those who have lost data
...and those who have not lost data YET ”
Remember to BACKUP!

Krondor
Posts: 11
Joined: 2021-09-09 00:05

Re: Solved: How to get Transmission to send emails via exim again.

#17 Post by Krondor »

Thanks Sunrat, I've changed it to something more informative :)

Post Reply