On Fri, 4 Sep 2015 11:37:09 -0700
Chris Cappuccio <ch...@nmedia.net> wrote:
> Adam Wolk [adam.w...@tintagel.pl] wrote:
> > > > -rw------- 1 _spampd _spampd 9.8M Sep 3 22:52 bayes_seen
> > > > -rw------- 1 _spampd _spampd 65.3G Sep 3 22:55 bayes_toks
> > > >
> > >
> > > What are your memory limits for the user/daemon class that runs
> > > spamassassin?
> >
> > Touche, not set. Though it was running like that since ~December
> > last year hence my question to misc@ if anyone noticed it behaving
> > differently since the last release. In no way I'm assuming that
> > something is wrong on the OS / software level - in fact I assumed
> > that my setup was performed incorrectly by me. So far I learned a
> > ton of useful info by asking on the list here, hope no one feels
> > offended :)
> >
> > $ cat /etc/login.conf | grep -i spam
> > $
> >
>
> Well it still runs with some class, perhaps as daemon ?
>
> I guess I'm really asking, is your login.conf modified? Post it and
> your rc.conf.local
>
Not modified by hand.
$ grep -i spam /etc/passwd
_spamd:*:62:62:Spam Daemon:/var/empty:/sbin/nologin
_spamdaemon:*:506:506:SpamAssassin:/var/db/spamassassin:/sbin/nologin
_spampd:*:746:746:spampd user:/var/spampd:/sbin/nologin
$ id _spamd
uid=62(_spamd) gid=62(_spamd) groups=62(_spamd)
$ id _spamdaemon
uid=506(_spamdaemon) gid=506(_spamdaemon) groups=506(_spamdaemon)
$ id _spampd
uid=746(_spampd) gid=746(_spampd) groups=746(_spampd)
$
$ cat /etc/login.conf
# $OpenBSD: login.conf,v 1.5 2015/07/20 18:53:18 sthen Exp $
#
# Sample login.conf file. See login.conf(5) for details.
#
#
# Standard authentication styles:
#
# passwd Use only the local password file
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#
# Default allowed authentication styles
auth-defaults:auth=passwd,skey:
# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:
#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin
/usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=512:\
:stacksize-cur=4M:\
:localcipher=blowfish,8:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:
#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=128:\
:stacksize-cur=8M:\
:localcipher=blowfish,9:\
:tc=default:
#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=1536M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=256:\
:ignorenologin:\
:requirehome@:\
:tc=default:
#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:
#
# Building ports with DPB uses raised limits
#
pbuild:\
:datasize-max=infinity:\
:datasize-cur=4096M:\
:maxproc-max=1024:\
:maxproc-cur=256:\
:tc=default:
#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=512:\
:tc=daemon:
unbound:\
:openfiles-cur=512:\
:tc=daemon:
dovecot:\
:openfiles-cur=512:\
:openfiles-max=2048:\
:tc=daemon:
