Date: Wed, 26 Feb 2014 22:44:18 GMT From: Xin LI <delphij@FreeBSD.org> To: FreeBSD-gnats-submit@freebsd.org Cc: prehor@gmail.com Subject: ports/187101: Feature request: security/amavisd-milter should use a different location for socket file Message-ID: <201402262244.s1QMiI7M018988@freefall.freebsd.org> Resent-Message-ID: <201402262250.s1QMo05g019266@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 187101 >Category: ports >Synopsis: Feature request: security/amavisd-milter should use a different location for socket file >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Wed Feb 26 22:50:00 UTC 2014 >Closed-Date: >Last-Modified: >Originator: Xin LI >Release: FreeBSD 11.0-CURRENT amd64 >Organization: The FreeBSD Project >Environment: System: FreeBSD freefall.freebsd.org 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r259961: Fri Dec 27 21:56:39 UTC 2013 peter@freefall.freebsd.org:/usr/obj/usr/src/sys/FREEFALL amd64 >Description: The default installation of security/amavisd-milter would use AMAVISDIR as the place for its socket files. The problem with this is that security/amavisd-new would change the permission to vscan:vscan 0750, so an unprivileged MTA process would not be able to access the milter. >How-To-Repeat: Install security/amavisd-milter with stock options and try to set up milter without changing the directory permission, or re-install security/amavisd-new. >Fix: The problem is that socket files and PID files does not belong to /var/amavis but /var/run/amavis. A directory should be created owned by AMAVISUSER:AMAVISUSER and have permission 0755, and change the rc.d scripts to use /var/run/amavis instead. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201402262244.s1QMiI7M018988>