https://bz.apache.org/SpamAssassin/show_bug.cgi?id=8031
--- Comment #21 from Giovanni Bechis <giova...@paclan.it> ---
(In reply to Sidney Markowitz from comment #20)
> Giovanni, the error message you showed and what you said about running spamd
> as root and it then doing a setuid to a non-root uid implies to me that you
> start out as root in /root/rpmbuild/BUILD/Mail-SpamAssassin-4.0.0 which can
> only be accessed by root, and you run the make test as root. When you do
> that spamd is started as root, and it later does a setuid nobody.
>
Some relevant info about directories (created by rpmbuild):
# ls -ld /root/rpmbuild/BUILD/Mail-SpamAssassin-4.0.0
drwxr-xr-x. 14 centos centos 4096 Aug 29 07:28
/root/rpmbuild/BUILD/Mail-SpamAssassin-4.0.0
# ls -ld /usr/local/cpanel/
drwx--x--x. 39 root wheel 4096 Aug 29 05:27 /usr/local/cpanel/
# ls -l
/usr/local/cpanel/3rdparty/perl/532/lib/perl5/532/x86_64-linux-64int/Sys/Hostname.pm
-r--r--r--. 1 root root 3689 May 3 16:02
/usr/local/cpanel/3rdparty/perl/532/lib/perl5/532/x86_64-linux-64int/Sys/Hostname.pm
> However I added the following diagnostic line to Util.pm before the require
> that is failing
>
> dbg("util: DEBUG require hostname now running as: ruid=$< euid=$> rgid=$(
> egid=$)");
>
> When I use the same directories as above and su to a root shell, cd to the
> directory and run the make test, I don't get an error. If I edit the
> sa_check_spamd.t to change an ok pattern to force it to fail so the spamd
> error log file is not deleted, it shows that the dbg line I added says that
> it was still running as root when the require is run, and the setuid nobody
> shows up in the log later.
>
On my laptop as root I have:
Mon Aug 29 09:46:34 2022 [39733] warn: spamd: still running as root: user not
specified with -u, not found, or set to root, falling back to nobody
Mon Aug 29 09:46:34 2022 [39733] dbg: util: get_user_groups: uid is 65534
Mon Aug 29 09:46:34 2022 [39733] dbg: info: user has changed
[...]
Aug 29 09:36:47.224 [36136] dbg: util: DEBUG require hostname now running as:
ruid=0 euid=0 rgid=0 0egid=0 0
while on cPanel I have:
Mon Aug 29 07:28:29 2022 [25528] warn: spamd: still running as root: user not
specified with -u, not found, or set to root, falling back to nobo
dy
Mon Aug 29 07:28:29 2022 [25528] dbg: util: get_user_groups: uid is 99
Mon Aug 29 07:28:29 2022 [25528] dbg: util: get_user_groups: added 99 (nobody)
to group list which is now: 99 99
Mon Aug 29 07:28:29 2022 [25528] dbg: info: user has changed
[...]
Mon Aug 29 07:17:11 2022 [19184] dbg: util: DEBUG require hostname now running
as: ruid=0 euid=99 rgid=0 99egid=99 99
> Are you running the test differently? Could you add that dbg line and run
> the test and attach the spamd.err.0.timestamped file from the log directory?
--
You are receiving this mail because:
You are the assignee for the bug.
