From owner-freebsd-ports@FreeBSD.ORG Fri Jun 1 22:15:00 2007 Return-Path: X-Original-To: ports@freebsd.org Delivered-To: freebsd-ports@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6F0C216A41F for ; Fri, 1 Jun 2007 22:15:00 +0000 (UTC) (envelope-from bri@sonicboom.org) Received: from entwistle.sonicboom.org (entwistle.sonicboom.org [66.93.34.170]) by mx1.freebsd.org (Postfix) with ESMTP id 3009413C468 for ; Fri, 1 Jun 2007 22:15:00 +0000 (UTC) (envelope-from bri@sonicboom.org) Received: from [127.0.0.1] (entwistle.sonicboom.org [66.93.34.170]) by entwistle.sonicboom.org (8.14.1/8.14.1) with ESMTP id l51MExGG086922; Fri, 1 Jun 2007 15:15:00 -0700 (PDT) (envelope-from bri@sonicboom.org) Message-ID: <46609A61.2090705@sonicboom.org> Date: Fri, 01 Jun 2007 15:14:57 -0700 From: Brian User-Agent: Thunderbird 2.0.0.0 (Windows/20070326) MIME-Version: 1.0 To: Michael Scheidell , ports@freebsd.org References: <46608F31.9070703@sonicboom.org> <466090CD.2000904@secnap.net> In-Reply-To: <466090CD.2000904@secnap.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: Re: spamassassin install message X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jun 2007 22:15:00 -0000 Michael Scheidell wrote: > Brian wrote: >> I'd like to request the addition of at least basic how to enable >> spamd on this. I installed the port, selected the spamd option in >> the menu when it appeared. The port installed, with not much info, >> other than referring to non freebsd specific help. I found what I >> needed based on Googling, but that really shouldn't be necessary. >> >> Brian >> > I'll look into it, but it would help if either: > A) You tell me if we need to add files, make links, or something that > was missing in the install. > B) suggest what you want in the message > (or, C: cd /usr/ports/security/amavisd-new. I like it better than > running raw spamd) > > (a unified diff patch would be better. make sure you patch against > current 3.20 p5-Mail-SpamAssassin. > > If you don't have it, update ports tree, if not there yet, see: > http://www.freebsd.org/cgi/query-pr.cgi?pr=113161 > > > _________________________________________________________________________ > This email has been scanned and certified safe by SpammerTrap(tm). For > Information please see http://www.spammertrap.com > _________________________________________________________________________ I've been doing SA thru procmail for yearsm and now have beefier hardware, so i wanted to retry the daemon. 2 things jump out right away. A In /usr/local/etc/rc.d/sa-spamd, even if I select to run spamd during the spamassassin config stage, I get these defaults. # Set defaults : ${spamd_enable:="NO"} : ${spamd_flags="-c "} The install doesn't say that you need to do spamd_enable="YES" in rc.conf. Adding that allows spamd to start, but in a state of security many wont be comfortable with. B Now after you get that far, you are left with a setup that works, but spamd is runnning as root. Here is the default ps with just the above arg. ps auxwww | grep spamd root 626 0.0 3.3 26456 25740 ?? Ss 2:53PM 0:03.93 /usr/local/bin/spamd -c -d -r /var/run/spamd/spamd.pid (perl5.8.8) root 717 0.0 3.3 26456 25740 ?? I 2:54PM 0:00.02 spamd child (perl5.8.8) root 718 0.0 3.3 26456 25740 ?? I 2:54PM 0:00.02 spamd child (perl5.8.8) The install goes through the trouble of creating a spamd user, shouldn't we run spamd with the -u spamd flags, or at the minimum warn the user that they now have another root owned service running on their box? Adding spamd_flags="-u spamd" and restarting leads to ps auxwww | grep spamd root 820 0.0 3.3 26464 25784 ?? Ss 3:07PM 0:03.71 /usr/local/bin/spamd -u spamd -d -r /var/run/spamd/spamd.pid (perl5.8.8) spamd 823 0.0 3.3 26464 25800 ?? I 3:08PM 0:00.02 spamd child (perl5.8.8) spamd 824 0.0 3.3 26464 25800 ?? I 3:08PM 0:00.02 spamd child (perl5.8.8) BTW, I saw your comments in the above pr, it doesn't seem like the ports tree is frozen anymore, portsnap has gotten me changes for at least the last few days. Brian