From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Feb 26 22:50:00 2014 Return-Path: Delivered-To: freebsd-ports-bugs@smarthost.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D64C3159 for ; Wed, 26 Feb 2014 22:50:00 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 959BB15BF for ; Wed, 26 Feb 2014 22:50:00 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id s1QMo0jC019267 for ; Wed, 26 Feb 2014 22:50:00 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.8/8.14.8/Submit) id s1QMo05g019266; Wed, 26 Feb 2014 22:50:00 GMT (envelope-from gnats) Resent-Date: Wed, 26 Feb 2014 22:50:00 GMT Resent-Message-Id: <201402262250.s1QMo05g019266@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Xin LI Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id A5BC6E96 for ; Wed, 26 Feb 2014 22:44:18 +0000 (UTC) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 8F794156A; Wed, 26 Feb 2014 22:44:18 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.7/8.14.7) with ESMTP id s1QMiIPt018989; Wed, 26 Feb 2014 22:44:18 GMT (envelope-from delphij@freefall.freebsd.org) Received: (from delphij@localhost) by freefall.freebsd.org (8.14.8/8.14.8/Submit) id s1QMiI7M018988; Wed, 26 Feb 2014 22:44:18 GMT (envelope-from delphij) Message-Id: <201402262244.s1QMiI7M018988@freefall.freebsd.org> Date: Wed, 26 Feb 2014 22:44:18 GMT From: Xin LI To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.114 Subject: ports/187101: Feature request: security/amavisd-milter should use a different location for socket file Cc: prehor@gmail.com X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list Reply-To: Xin LI List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 26 Feb 2014 22:50:00 -0000 >Number: 187101 >Category: ports >Synopsis: Feature request: security/amavisd-milter should use a different location for socket file >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Wed Feb 26 22:50:00 UTC 2014 >Closed-Date: >Last-Modified: >Originator: Xin LI >Release: FreeBSD 11.0-CURRENT amd64 >Organization: The FreeBSD Project >Environment: System: FreeBSD freefall.freebsd.org 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r259961: Fri Dec 27 21:56:39 UTC 2013 peter@freefall.freebsd.org:/usr/obj/usr/src/sys/FREEFALL amd64 >Description: The default installation of security/amavisd-milter would use AMAVISDIR as the place for its socket files. The problem with this is that security/amavisd-new would change the permission to vscan:vscan 0750, so an unprivileged MTA process would not be able to access the milter. >How-To-Repeat: Install security/amavisd-milter with stock options and try to set up milter without changing the directory permission, or re-install security/amavisd-new. >Fix: The problem is that socket files and PID files does not belong to /var/amavis but /var/run/amavis. A directory should be created owned by AMAVISUSER:AMAVISUSER and have permission 0755, and change the rc.d scripts to use /var/run/amavis instead. >Release-Note: >Audit-Trail: >Unformatted: