[Gllug] SpamAssassin uid/gid
Nix
nix at esperi.org.uk
Tue Mar 13 23:27:07 UTC 2007
On 13 Mar 2007, Jon Dye verbalised:
> I've just installed a plug-in to spamassassin which attempts to write to
> its own log file. The log file has group writable permissions and my
> user is in that group. When I run spamassassin it can happily log to
> that file. When I use spamd (running as root) and spamc (run as me),
> spamd can't write to that file. After putting some debugging into the
> relevant plug-in I've discovered that spamd changes uid and gid to that
> of my user (from root) but it only contains my primary group in the list
> of groups and therefore not the required group.
This is done by Mail::SpamAssassin::Util::setuid_to_euid(), which is
very tricky to keep working because there are Perl bugs on various
platforms which break uid changing in various different ways.
This function does not even attempt to set the supplementary group
list. Maybe it should.
> Does anyone have any experience of spamassassin or any tips on what I
> could do to get this to work properly with spamd?
The only sane way to fix this is to fix the plugin to use the logging
facilities from Mail::SpamAssassin::Logger, which will use the syslog
properly. Writing to files is fraught with trickinesses due to the
manifold ways SA can be invoked (look at the various file-based
BayesStore methods for more nasty warts than you can easily imagine...)
(Thankfully Mail::SpamAssassin::Logger is really easy to use, and if
your only problem is a logfile then you won't need to bother with those
warts.)
(Which plugin is this, btw? I might fix it myself...)
--
`In the future, company names will be a 32-character hex string.'
--- Bruce Schneier on the shortage of company names
-------------- next part --------------
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list