X-Debbugs-CC: m...@renich.org, b...@debian.org, t...@zhadum.org.uk, t...@debian.org
Hello, How do folks feel about the attached patch (against https://salsa.debian.org/debian/milter-greylist)? It implements Matthias's proposal of allowing the use of a user (and/or group) other than 'greylist' for systemd users as well. I understand it may not be a 100% "solution" that everyone would be happy with (e.g. postinst configure still sets 'greylist' as the owner user and group for /var/lib/milter-greylist), but I think it's an improvement over the current situation, as it makes milter-greylist respect the corresponding setting in its configuration file, and also adds an example of more suitable 'socket' and 'user' settings values to the configuration file for use with a chrooted Postfix. I'd appreciate any comments/feedback on this, but if there aren't any, I'd ask Tobi to sponsor it to unstable for me. Thanks, -a
>From cbfdd5fb0dcc45639b313eea5cdf2f580be18f52 Mon Sep 17 00:00:00 2001 From: Amin Bandali <band...@gnu.org> Date: Fri, 13 Oct 2023 01:28:35 -0400 Subject: [PATCH] Set user greylist in greylist.conf instead of milter-greylist.service --- debian/changelog | 12 ++++++++++++ debian/milter-greylist.service | 2 +- debian/patches/greylist.conf | 19 ++++++++++++------- 3 files changed, 25 insertions(+), 8 deletions(-) diff --git a/debian/changelog b/debian/changelog index 3a05494..f36f77a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,15 @@ +milter-greylist (4.6.4-1.2) unstable; urgency=medium + + * QA upload. + * Non-maintainer upload. + * Set user greylist in the configuration file rather than as a + command-line option in the service file (which always takes + precedence) to allow easier customization. (Closes: #1002527) + - debian/milter-greylist.service + - debian/patches/greylist.conf + + -- Amin Bandali <band...@gnu.org> Fri, 13 Oct 2023 18:43:39 -0400 + milter-greylist (4.6.4-1.1) unstable; urgency=medium * QA upload. diff --git a/debian/milter-greylist.service b/debian/milter-greylist.service index b5a6e80..bcef86f 100644 --- a/debian/milter-greylist.service +++ b/debian/milter-greylist.service @@ -5,7 +5,7 @@ Before=postfix.service [Service] Type=forking -ExecStart=/usr/sbin/milter-greylist -u greylist +ExecStart=/usr/sbin/milter-greylist Restart=on-failure PrivateTmp=true diff --git a/debian/patches/greylist.conf b/debian/patches/greylist.conf index 6e1d33d..216aae9 100644 --- a/debian/patches/greylist.conf +++ b/debian/patches/greylist.conf @@ -8,23 +8,28 @@ Index: milter-greylist-4.5.11/greylist.conf =================================================================== --- milter-greylist-4.5.11.orig/greylist.conf 2014-07-30 09:29:48.543484591 +0100 +++ milter-greylist-4.5.11/greylist.conf 2014-07-30 09:29:48.539484522 +0100 -@@ -6,11 +6,17 @@ +@@ -6,11 +6,21 @@ # pidfile "/var/run/milter-greylist.pid" -socket "/var/milter-greylist/milter-greylist.sock" -dumpfile "/var/milter-greylist/greylist.db" 600 ++socket "/var/run/milter-greylist/milter-greylist.sock" +dumpfile "/var/lib/milter-greylist/greylist.db" 600 dumpfreq 1 -+ -+# For sendmail use the following two lines -+socket "/var/run/milter-greylist/milter-greylist.sock" - user "smmsp" +-user "smmsp" ++user "greylist" -+# For Postfix uncomment the following two lines and comment out the -+# sendmail ones above. ++# If using Postfix rather than Sendmail, uncomment the following ++# socket and user settings and comment out the socket and user above. +#socket "/var/run/milter-greylist/milter-greylist.sock" 660 +#user "postfix" ++ ++# If using a chrooted Postfix, you might want to use something like ++# the following instead (where "/var/spool/postfix" is the Postfix ++# chroot): ++#socket "/var/spool/postfix/milter-greylist/milter-greylist.sock" 660 ++#user "greylist:postfix" # Log milter-greylist activity to a file #stat ">>/var/milter-greylist/greylist.log" \ -- 2.39.2