Gene Heskett wrote: [snip] > But after yet another spamd restart, htop says it is still > running as root, but the messages log argues with that: > > Dec 14 21:03:28 coyote su(pam_unix)[28992]: session opened for user > spamd by root(uid=0) > Dec 14 21:05:50 coyote su(pam_unix)[28992]: session closed for user > spamd
These look like login records from your "su spamd" commands; I've never seen these with spamd startup or shutdown. > Dec 14 21:06:22 coyote spamd: spamd shutdown succeeded > Dec 14 21:06:24 coyote spamd: spamd startup succeeded This looks normal, but it doesn't indicate anything about which user spamd actually started up as. The first "spamd:" on each line is just the process name, and the rest of the line is the message from that process. It's a bit odd that it doesn't show the PID there though, but IMO irrelevant to your problem. (I may also be talking through my hat here; I've never seen spamd messages like that anywhere in my logs.) > Htop is lieing to me? Sure looks like it. Now go see what the tail > on the maillog says: > > It shows none of those errors on the last 3 mail fetches. And then > its back again: > > Dec 14 21:12:02 coyote spamd[29107]: spamd: connection from > localhost.localdomain [127.0.0.1] at port 46775 > Dec 14 21:12:02 coyote spamd[29107]: spamd: creating > default_prefs: /root/.spamassassin/user_prefs > Dec 14 21:12:02 coyote spamd[29107]: config: cannot write > to /root/.spamassassin/user_prefs: Permission denied Classic indication that spamd is still running as root. Or possibly trying to scan mail *for* root, in a configuration that allows for per-user preferences. I don't recall seeing exactly which OS (BSD? Linux? Which distro?) you're running and how you installed SA; but *most* packaged versions include a separate file to set spamd options. For instance, on any RedHat or Redhat-derived system (any Fedora Core release, RHEL and clones, legacy RHL, and probably most other RPM-based distros), the "standard" SA packages will usually include a file /etc/sysconfig/spamassassin. This file includes *usually) a single shell variable that's used by the init script to set spamd options. Debian typically uses /etc/default/spamassassin. Modifying the init script will probably get the option in place, but when you upgrade your package (if that's how you installed SA), your changes will be wiped out. -kgd -- Get your mouse off of there! You don't know where that email has been!
