[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Really, really dumb question - startup sequence for sendmail/spamass
Re: Really, really dumb question - startup sequence for sendmail/spamassassin/spamass-milter
Fri, 07 Feb 2003 00:44:35 -0500 (EST)
> The milter wants to be running before the main daemon starts.
> Sendmail is paranoid about trust these days. You get THIS:
> > Feb 5 04:00:59 gate sm-mta: h1590mvx000522: Milter (spamassassin):
> > local socket name /var/run/spamass.sock unsafe
> Because something in that path is "untrusted". Check ownership and perms:
> ls -ld / /var /var/run /var/run/spamass.sock
> Something is group or world writable or owned by an untrusted user.
> (in fantasy land, the safefile() command would print the exact issue,
> but for now it makes us all better admins by making us check).
Well, that was what I initially thought, but nothing _seems_ amiss:
(0:179) gate:/var/run# ls -ld /
drwxr-xr-x 25 root wheel 1024 Dec 26 00:33 //
(0:180) gate:/var/run# ls -ld /var
drwxr-xr-x 31 root wheel 512 Sep 15 10:21 /var/
(0:181) gate:/var/run# ls -ld /var/run
drwxr-xr-x 2 root wheel 1024 Feb 6 02:02 /var/run/
(0:182) gate:/var/run# ls -ld /var/run/spamass.sock
srwxr-xr-x 1 root wheel 0 Feb 5 04:11 /var/run/spamass.sock=
But I rebooted again, without making any changes, and didn't get any com-
plaints other than sendmail's usual complaint that the milter socket didn't
exist yet. So I guess I'll stick with my old start sequence unless this pops
up again. Weird...
Terry Kennedy http://www.tmk.com
address@hidden New York, NY USA