I think the solution, is this: Modify /etc/cron.daily to reset the permissions - just before the sleep stanza:
chown -R debian-spamd:debian:spamd /var/lib/spamassassin; ...and that's it. People can now run sa-update as root, and "invoke-rc.d spamassassin" and it will work. That evening, the cronjob will quietly reset the ownership/permissions to what they should be (on debian), in order for them to run without error. ...how does this not fulfill each case? -- Mark On Mar 19, 2015, at 10:33 PM, Bob Proulx <b...@proulx.com> wrote: > Bob Proulx wrote: >> Mark - Syminet wrote: >>> Fixed with the following commands: >>> >>> chown -R debian-spamd:debian-spamd /etc/spamassassin /var/lib/spamassassin >> >> Yes. > > Actually no. I neglected to see the /etc/spamassassin in there. > Don't do that. That's bad. Those files should be owned by root. The > sa-update process should not be able to write to them. > > chown -R root:root /etc/spamassassin > > Sorry for fumbling that part of my response. > > Bob
signature.asc
Description: Message signed with OpenPGP using GPGMail
