[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: -u option on CVS
|
From: |
Dan Nelson |
|
Subject: |
Re: -u option on CVS |
|
Date: |
Sun, 6 Feb 2005 14:42:06 -0600 |
|
User-agent: |
Mutt/1.5.6i |
In the last episode (Feb 06), Daniel A. Deitch said:
> Correct ... the Info user doesn't exist, but then it doesn't revert
> to the SHAREDSPAM user, it reverts to root ... I'll add the flag and
> repost ...
[...]
> Feb 6 18:45:32 spamass-milter[63385]: calling /usr/sbin/sendmail -bv
> "<address@hidden>" 2>&1
> Feb 6 18:45:32 spamass-milter[63385]: sendmail output: <address@hidden>...
> deliverable: mailer esmtp, host divots.dnsalias.org., user address@hidden
> Feb 6 18:45:32 spamass-milter[63385]: user: address@hidden
> Feb 6 18:45:32 spamass-milter[63385]: Total of 1 actual recipients
> Feb 6 18:45:32 spamass-milter[63385]: remembering address@hidden for spamc
> Feb 6 18:45:32 spamass-milter[63385]: remembering recipient <address@hidden>
> Feb 6 18:45:33 spamass-milter[64083]: spamc gets jgarrison
> Feb 6 18:45:33 spamd[63373]: connection from localhost [127.0.0.1] at port
> 1471
> Feb 6 18:45:33 spamd[63373]: handle_user: unable to find user 'jgarrison'!
> Feb 6 18:45:33 spamd[63373]: Still running as root: user not specified with
> -u, not found, or set to root. Fall back to nobody.
> Feb 6 18:45:33 spamd[63373]: processing message <address@hidden> for
> jgarrison:65534.
> Feb 6 18:45:35 spamd[63373]: identified spam (20.6/5.0) for jgarrison:65534
> in 1.8 seconds, 21313 bytes.
> Feb 6 18:45:35 spamd[63373]: result: Y 20 -
> FORGED_RCVD_HELO,HTML_50_60,HTML_MESSAGE,HTML_NONELEMENT_30_40,MIME_HTML_MOSTLY,NO_REAL_NAME,divots_woodenhangers
> scantime=1.8,size=21313,mid=<address@hidden>,autolearn=failed
Hre's what's happenning for this email:
Spamass-milter gets the recipient address as <address@hidden>. It
then asks sendmail to expand that, which produces
<address@hidden>. Spamass-milter strips off the domain
part and passes the username "jgarrison" to SpamAssassin. SpamAssassin
looks up the username and fails, reverting to the root user.
This is actually how it's supposed to work. Spamass-milter doesn't
know what user database SpamAssassin is using; all it can do is try and
rewrite aliases/virtualhosts and hope the resulting address is one
SpamAssassin knows about. If you were using SpamAssassin's SQL
backend, for example, the userlist doesn't have to correspond to local
userids at all.
What might work for you is editing SpamAssassin's spamd script to
setuid itself to "sharedspam" instead of "nobody" around line 1043:
my ( $uid, $gid ) = ( getpwnam('nobody') )[ 2, 3 ];
--
Dan Nelson
address@hidden
- -u option on CVS, Daniel A. Deitch, 2005/02/05
- RE: -u option on CVS, Daniel A. Deitch, 2005/02/06
- Re: -u option on CVS,
Dan Nelson <=
- RE: -u option on CVS, Daniel A. Deitch, 2005/02/06
- RE: -u option on CVS, Daniel A. Deitch, 2005/02/06
- RE: -u option on CVS, Daniel A. Deitch, 2005/02/07
- RE: -u option on CVS, Daniel A. Deitch, 2005/02/07
- RE: -u option on CVS, Daniel A. Deitch, 2005/02/07
- RE: -u option on CVS, Daniel A. Deitch, 2005/02/07
- RE: -u option on CVS, Daniel A. Deitch, 2005/02/08