Date: Tue, 20 Dec 2016 11:53:43 -0700 From: Mike Brown <mike@skew.org> To: freebsd-ports@freebsd.org Cc: adamw@freebsd.org Subject: mail/spamassassin config option AS_ROOT is confusing Message-ID: <20161220185343.GA12168@chilled.skew.org>
next in thread | raw e-mail | index | archive | help
The AS_ROOT option in the mail/spamassassin port is really confusing to me. Given that its description is "Run spamd as root (recommended)", what actually happens is somewhat bonkers: The main spamd process always runs as root. If AS_ROOT is enabled, then the child processes who do all the work will not run as root, but rather as unprivileged user spamd. If AS_ROOT is disabled, then the children *will* run as root, but as needed they will setuid to the user calling spamc. Which setting you want depends on where user prefs and Bayes data is stored. If it's in user-owned ~/.spamassassin directories, then you want AS_ROOT disabled or you'll get a plethora of error messages and lock file warnings relating to permissions, since user spamd can't write where it needs to. It took me a while to figure this out on a fresh installation. I enabled the option, thinking "yes, of course I want it to run as root, so that it can write to the users' home directories"... then I was confused when it ended up not running as root but rather as user spamd, and the behavior I wanted was only possible if I configured the port to *not* run spamd as root. I guess I am just griping, but I would like to think there is a better way to describe and name the configuration option. Maybe AS_SPAMD_USER with description "Run spamd as unprivileged user (recommended)"? Not sure this really would've helped me know which option to choose, but it would've spared me from part of the wild goose chase I've been on all day. Thanks for listening.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20161220185343.GA12168>