On Thursday 15 December 2005 10:37, Matt Kettler wrote: >Gene Heskett wrote: >> [EMAIL PROTECTED] .spamassassin]# su spamd >> [EMAIL PROTECTED] .spamassassin]$ ls >> ls: .: Permission denied >> [EMAIL PROTECTED] .spamassassin]$ pwd >> /home/spamd/.spamassassin >> >>>Fortunately unix is protecting you from yourself here. Your effort >>>to give spamd rights to /root/.spammassassin is foolish and >>> outright dangerous. >> >> No doubt, but I'm just trying to figure out two things. >> 1. Why won't spamd run as the user spamd >> 2. Why can't the user spamd see, read or write to his own home dir? > >well, who owns /home/spamd? What are it's rights? spamd:spamd & rwxr-xr-x
>who owns /home/spamd/.spamassassin? what are it's rights? [EMAIL PROTECTED] home]# pwd /home [EMAIL PROTECTED] home]# ls -la total 912 drwxr-xr-x 9 root root 4096 Dec 14 20:57 . drwxr-xr-x 31 root root 4096 Dec 8 16:29 .. drwxr-xr-x 23 amanda disk 4096 Dec 1 23:41 amanda -rwxr-xr-x 1 root root 891514 Jan 16 2005 current-tar drwx------ 3 jhines jhines 4096 Nov 9 2004 elladene drwx------ 14 elmer elmer 4096 Nov 12 2002 elmer drwx------ 33 gene gene 4096 Dec 15 10:36 gene drwx------ 2 root root 4096 Oct 22 2002 lost+found drwx------ 3 503 roadrunner 4096 Nov 21 2002 roadrunner drwxr-xr-x 6 spamd spamd 4096 Dec 14 20:59 spamd >Since you can't ls the directory, for some reason spamd doesn't have > the X right to the .spamassassin directory. That's bad. Directories > should be rwx to their owners. I've switched my fetchmail deposit file to /var/spool/mail/gene by changing the polling line 'as root' to 'as gene', added an local rx account named gene to kmail, then reset spamd to run as -u gene and gave it that path in the #SPAMDOPTIONS. The bayes stuff in ~/gene/.spamassassin is now being properly updated. And mail is still coming in as usual. So thats progress. But its still trying to access the /root/.spamassassin dir for the auto-whitelist stuffs as shown in the maillog output just 30 seconds ago: Dec 15 11:13:29 coyote spamd[17419]: locker: safe_lock: cannot create lockfile /root/.spamassassin/auto-whitelist.mutex: Permission denied Dec 15 11:13:29 coyote spamd[17419]: auto-whitelist: open of auto-whitelist file failed: locker: safe_lock: cannot create lockfile /root/.spamassassin/auto-whitelist.mutex: Permission denied And this error still persists AFTER the .cf stuffs in everyplace but /etc/mail/spamassassin have been nuked. >>>Since spamd has no rights to /root, it can't read >>>/root/.spamassassin. But stop trying to give spamd any rights to >>>root's homedir. It's a dangerous game. You really don't want it to >>>have any rights to these files. >>> >>>Make sure the spamd user has it's OWN homedir in /home/spamd, or >>> some such thing. It is now useing /home/gene for the bayes stuffs, and ITS (bayes_*) WORKING! As in they are being updated on every mail run now. >> It does, and its contents are now a copy of /etc/mail/spamassassin, >> as follows: > >*Why* is it a copy of /etc/mail/spamassassin??!!! > >There should be NO .cf files in a .spamassassin dir. Only user_prefs, > bayes files and autowhitelist files. Nothing else will be used by SA > in this directory, so anything else that's here is mis-placed. Oh? ALL Gone, I was wondering how to keep all that in synch. But where then does it get the local.cf data? -- Cheers, Gene People having trouble with vz bouncing email to me should use this address: <[EMAIL PROTECTED]> which bypasses vz's stupid bounce rules. I do use spamassassin too. :-) Yahoo.com and AOL/TW attorneys please note, additions to the above message by Gene Heskett are: Copyright 2005 by Maurice Eugene Heskett, all rights reserved.
