From owner-freebsd-ports@FreeBSD.ORG Thu Apr 3 15:35:49 2014 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 13160666 for ; Thu, 3 Apr 2014 15:35:49 +0000 (UTC) Received: from mail-wi0-x234.google.com (mail-wi0-x234.google.com [IPv6:2a00:1450:400c:c05::234]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9E0F2BB0 for ; Thu, 3 Apr 2014 15:35:48 +0000 (UTC) Received: by mail-wi0-f180.google.com with SMTP id q5so2793958wiv.1 for ; Thu, 03 Apr 2014 08:35:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=date:from:to:subject:message-id:in-reply-to:references:mime-version :content-type:content-transfer-encoding; bh=esyat83lxAFtRe3K7ZpXhOP73vnyFpUZ/Z35/MHyGY4=; b=oc+XjxOAgVvpLzAw+uuYHIVotNS5ESNfvs4Lsv6QtMP2Vzy8NEe3bltUg7LSnnmXGO AdFO95XhyShnqCT9XhX0VcJKbv1RDk7PAt6SN8ilpLoKM0Ny80ulmV4B5bEuDPBrvLcu LMOb2NMaHWMupk7cnU55iWd2YQ+8v96bV5vHEHnaQv9DJ7i1kfPFJp00Ny7P639G/2rc Z4dw+6kuT8EP+VkS+hP2Ar28tyT5EBK8VbR9FuQ5RDAQHsCNjESbA2s0A+a8sIhOl7a5 Jy7ZkM14h7dHJRNA+h3UPZmt1gB84o7baOkyWMKbxTc2agsBO7YfBcUieS/kr1lKCHeh DKUQ== X-Received: by 10.180.37.110 with SMTP id x14mr12279388wij.52.1396539346653; Thu, 03 Apr 2014 08:35:46 -0700 (PDT) Received: from gumby.homeunix.com (5ec2dcf1.skybroadband.com. [94.194.220.241]) by mx.google.com with ESMTPSA id eq8sm46888175wib.16.2014.04.03.08.35.45 for (version=SSLv3 cipher=RC4-SHA bits=128/128); Thu, 03 Apr 2014 08:35:46 -0700 (PDT) Date: Thu, 3 Apr 2014 16:35:44 +0100 From: RW To: ports@freebsd.org Subject: Re: Spamd Message-ID: <20140403163544.54a30abb@gumby.homeunix.com> In-Reply-To: <533D750B.2030209@infracaninophile.co.uk> References: <533D1366.7030607@webrz.net> <20140403110103.0b51d9fc@laptop.minsk.domain> <533D5AA9.4000904@webrz.net> <533D750B.2030209@infracaninophile.co.uk> X-Mailer: Claws Mail 3.9.3 (GTK+ 2.24.22; amd64-portbld-freebsd10.0) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Apr 2014 15:35:49 -0000 On Thu, 03 Apr 2014 15:49:47 +0100 Matthew Seaman wrote: > On 04/03/14 13:57, Jos Chrispijn wrote: > > Sergey V. Dyatko: > >> use `sockstat -l4 -p783` instead. It show you what user-command-pid > >> listen that port > > > > I killed process 1402 and started Spamd. That did the trick, thanks! > > > > I am very curious: > > > > a. why Perl occupied that port. > > Tried to retrieve this information from logfiles in /var/log but no > > success. May that be an inward traffic issue on port 783 that > > triggered Perl and kept it occupied for Spamd? > > > > b. Is it unsafe or possible to let spamd use another port if 783 is > > occupied. May that be a security risk? > > Assuming 'spamd' here is part of spamassassin then it is a daemon > written in perl, and the command name will show up as perl in sockstat > listings. > > In my experience, it is quite common for this daemon to end up running > under a different PID than the one recorded under /var/run -- so the > system initialization scripts 'sa-spamd' think it isn't running, and > then you get the fight over access to port 783 the OP saw. Killing > the processes using port 783 and restarting spamd should work. > > The situation is complicated by the /other/ spamd -- which is an > OpenBSD thing which works via pf to implement greylisting, teergrube > and various other anti-spam things. Meaning the SpamAssassin > 'sa-spamd' startup script can't simply kill anything called spamd. Support for pid files is built into rcng and used a combination of pid and name, sa-spamd uses this and correctly passes the expected pid file path to spamd. In my experience it does normally work, unless spamd is started as an unprivileged user via the spamd_user variable in rc.conf, rather dropping privileges - that's not happening here because the existing process used port 783.