> On Feb 24, 2015, at 6:44 AM, RW <rwmailli...@googlemail.com> wrote: > > On Sun, 22 Feb 2015 07:49:49 -0700 > @lbutlr wrote: > >> plugin: eval failed: bayes: (in learn) locker: safe_lock: cannot >> create lockfile /home/kreme/.spamassassin/bayes.mutex: Permission >> denied >> >> (And yes, that is correct, the spamassassin files in user?s home are >> not world read/writ). > > Normally they shouldn't be because spamd would drop it's privileges to > run as kreme (or whatever user ran spamc). spamd need to start-up as > root, and not drop privileges to a single unprivileged user, for this > to work.
spamassasin’s main process runs as root, but the child processes run as spamd: $ psa spam spamd 17468 2.3 4.1 93932 83280 ?? S 5:38AM 0:56.98 spamd child (perl) root 22797 0.0 2.7 65260 55732 ?? Ss Sun08AM 0:31.80 /usr/local/bin/spamd -u spamd -H /var/spool/spamd -d -r /var/run/spamd/spamd.pid (perl) root 45927 0.0 0.8 33904 15680 ?? Is 15Feb15 1:01.33 /usr/local/sbin/spamass-milter -f -p /var/run/spamass-milter.sock -r 9 -u spamd -e covisp.net -- -s 5242880 spamd 93842 0.0 3.3 81644 66804 ?? S 5:03PM 1:32.51 spamd child (perl) Which is, I believe, the recommended configuration. -- Sam, I thought I told you never to play--
