Mike Markley skrev, on 24-06-2007 02:14: > Is there a Good Way to force ownership (both user and group) on a milter > socket? I see that smfi_opensocket() honors umask, but that doesn't help > with the GID, and dkim-filter doesn't seem to be picking up the primary > GID of its -u argument: > > $ id -a dkim-filter > uid=128(dkim-filter) gid=128(dkim-filter) groups=128(dkim-filter) > $ ls -l /var/run/dkim-filter/dkim-filter.sock > srwxr-xr-x 1 dkim-filter root 0 2007-06-15 11:44 > /var/run/dkim-filter/dkim-filter.sock > > Why this matters: Postfix apparently (quite reasonably) will happily > drop all root privs after bind()ing to port 25 and before opening its > connection to its milters; at least one Debian user reports being unable > to connect to dkim-filter via UNIX socket as a result. Before I use > a setgid bit or a chgrp in the init script, I was curious if there's > a supported way to do this in libmilter (or if this is just an oversight > in dkim-filter, for that matter).
FWIW I run dkim-milter with Postfix 2.4 on FC6/RHEL5-related stuff on an INET socket, so here the question doesn't arise. However, I'm running the body-URI anti-spam milter milter-link (http://www.snert.com/) on my FC6 test rig, and that insists on a unix socket; Postfix has to read and write to the socket, so I included: chmod g+w /var/run/milter/$PACKAGE_NAME.socket chgrp postfix /var/run/milter/$PACKAGE_NAME.socket In my startup file. ls -l /var/run/milter: -rw-r--r-- 1 milter milter 5 Jun 24 09:01 milter-link.pid srw-rw-r-- 1 milter postfix 0 Jun 24 09:01 milter-link.socket It seems to work ... HTH, --Tonni -- Tony Earnshaw Email: tonni at hetnet dot nl ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ dkim-milter-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
