On 5/9/2013 1:29 PM, starlight.201...@binnacle.cx wrote:
Figured it out--silly problem.
Overlooked setting 'umask 022' before running
'sa-update' and so the permission were
all set to 750 instead of 755. SA runs
in a restricted UID and so could not read
the files. Scored my test-to-self message
0 since none of the rules were working.
Seems odd to me that SA running under MimeDefang
did not complain about being unable to read the
files in /var/lib/spamassassin. Absolutely nothing
in the logs about it. Nada. Zilch.
Since this is the sort of mistake that can
easily be made, suggest a warning be logged
to avoid future confusion.
Or perhaps just add a
umask 022
to 'sa-update'.
I'm not a fan of a program enforcing LESS strict restrictions but if the
spamassassin program (or spamc/d) sees a /var/lib/spamassassin dir that
exists but can't be accessed, perhaps that should be a warning outside
of DEBUG.
For MD and programs using the SA interface, though, that checks multiple
dirs for configuration files, this becomes a question of whether the
administrator simply has to be careful.
Perhaps bring this to the MD list for discussion?
Regards,
KAM
