[Bug 1373560] [NEW] /etc/cron.daily/spamassassin calls sa-update with potentially incorrect umask

Wed, 24 Sep 2014 11:51:37 -0700 

Public bug reported:

ubuntu 14.04.1 LTS 
Packages:
spamassassin (3.4.0-1ubuntu1)
amavisd-new (1:2.7.1-2ubuntu3)

This report has to do with a problem between the interaction of the
spamassassin and amavisd-new packages, but the problem is with
/etc/cron.daily/spamassassin.

/etc/cron.daily/spamassassin executes the following line:

su - debian-spamd -c "sa-update --gpghomedir /var/lib/spamassassin/sa-
update-keys"

Since su is invoked with the "-" option, sa-update executes with the
default umask of user debian-spamd.  In my case that is 007, causing the
updated rules , i.e.
/var/lib/spamassassin/3.004000/updates_spamassassin_org.cf and
/var/lib/spamassassin/3.004000/updates_spamassassin_org/*, to be created
with no read access for "other".  When amavis is restarted, it is unable
to read the spamassassin rules, and consequently spamassassin rule
checks are not performed on received mail.

It appears someone attempted to correct this by adding the line:

umask 022

immediately above the call to su mentioned above.  This in ineffectual
however due to su being called with "-".  A fix is to change the above
su call to this line:

su - debian-spamd -c "umask 022; sa-update --gpghomedir
/var/lib/spamassassin/sa-update-keys"

A file with the output of 'ubuntu-bug --save=/tmp/sa-bug spamassassin'
is attached.

** Affects: spamassassin (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amavis amavisd amavisd-new permissions read spamassassin ubuntu umask 
wrong

** Attachment added: "Output of 'ubuntu-bug spamassassin'"
   https://bugs.launchpad.net/bugs/1373560/+attachment/4213928/+files/sa-bug

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to spamassassin in Ubuntu.
https://bugs.launchpad.net/bugs/1373560

Title:
  /etc/cron.daily/spamassassin calls sa-update with potentially
  incorrect umask

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/spamassassin/+bug/1373560/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to