tags 411094 - patch
severity 411094 normal
retitle 411094 Run spamass-milter as its own user
thanks
On Fri, 16 Feb 2007, Damir R. Islamov wrote:
> Package: spamass-milter
> Version: 0.3.1-4
> Severity: important
> File: /etc/default/spamass-milter
> Tags: patch
>
>
> If spamass-milter is run in a server with option performing virtusertable and
> alias expansion
> OPTIONS="-u nobody -i 127.0.0.1 -x"
This option has nothing to do with the user that spamass-milter is
running as; it only affects the default user spamass-milter passes to
spamc when it can't figure out what user to use.
> is generates errors like this
> Feb 13 03:08:35 trefle sendmail[22288]: NOQUEUE: SYSERR(nobody): can not
> chdir(/var/spool/mqueue/): Permission denied
>
> The solution was founded: spamass-milter should be run as a user (e.g.
> 'spamass')
> which should be included in 'smmsp' group.
> In this case spamass-milter is able to work with
> OPTIONS="-u spamass -i 127.0.0.1 -x"
> in /etc/default/spamass-milter file
>
> Also this solution doesn't brake security model.
It should run as its own user, but it definetly should not be gid
smmsp. If sendmail is unable to chdir to /var/spool/mqueue, then it
means that for some reason you've removed the setgid on
/usr/lib/sendmail.
Don Armstrong
--
UF: What's your favourite coffee blend?
PD: Dark Crude with heavy water. You are understandink? "If geiger
counter does not click, the coffee, she is just not thick."
http://www.donarmstrong.com http://rzlab.ucr.edu
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
