[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
Fix available upstream so this should be trivial to cherry-pick now. It might be worth taking a briefly deeper look from a security perspective because of the force untaint. In 3.5 years nobody else reported themselves as affected though. @Giuseppe would you still benefit from this fix? If so I can flag it for someone's attention. If not, then any volunteer can drive it, but otherwise it'll be fixed in a future Ubuntu release that incorporates the next upstream release. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
** Changed in: spamassassin Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
Still present in Jammy; also confirmed in Bionic and Focal. Unfortunately, there hasn't been any movement upstream regarding this bug. ** Also affects: spamassassin (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: spamassassin (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: spamassassin (Ubuntu Jammy) Importance: Medium Status: Triaged ** Also affects: spamassassin (Ubuntu Impish) Importance: Undecided Status: New ** Changed in: spamassassin (Ubuntu Bionic) Status: New => Triaged ** Changed in: spamassassin (Ubuntu Focal) Status: New => Triaged ** Changed in: spamassassin (Ubuntu Impish) Status: New => Triaged ** Changed in: spamassassin (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: spamassassin (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: spamassassin (Ubuntu Impish) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
** Changed in: spamassassin (Debian) Status: Unknown => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
This is the debian bug report: https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=454595 ** Bug watch added: Debian Bug tracker #454595 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454595 ** Also affects: spamassassin (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454595 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
This is the debian bug report: https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=454595 ** Bug watch added: Debian Bug tracker #454595 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454595 ** Also affects: spamassassin (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=454595 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
No activity upstream yet, in the bug or in the svn repo. -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
No activity upstream yet, in the bug or in the svn repo. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
Launchpad has imported 1 comments from the remote bug at https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7646. If you reply to an imported comment from within Launchpad, your comment will be sent to the remote bug automatically. Read more about Launchpad's inter-bugtracker facilities at https://help.launchpad.net/InterBugTracking. On 2018-10-22T09:50:38+00:00 Giuseppe Ravasio wrote: Hi, I'm installin our new relay and as before I'm running spamd with --virtual-config-dir option enabled: "spamd -d --pidfile=/var/run/spamd.pid -c -x --virtual-config-dir=/var/lib/spamassassin/vconfig/%u/ --allow-tell -u debian-spamd -g debian-spamd --max-children=5 --min-children=3 --max-spare=3" It works well but it cannot create the vconfig dir if it's not existing. I've put spamd in debug and the problem is with perl tainted: config: mkdir /var/lib/spamassassin/vconfig/giuseppe/ failed: Insecure dependency in mkdir while running with -T switch at /usr/share/perl/5.26/File/Path.pm line 177, line 2. I solved the problem running spamd without -T option (as arch linux is doing) but it could be great to fix this tainted variable. Thanks Giuseppe Reply at: https://bugs.launchpad.net/ubuntu/+source/spamassassin/+bug/1799185/comments/0 ** Changed in: spamassassin Status: Unknown => Confirmed ** Changed in: spamassassin Importance: Unknown => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
Confirmed. Steps to reproduce it, for others who, like me, are not familiar with spamassassin: Start the daemon as root, with the given options plus debug: spamd -d --pidfile=/var/run/spamd.pid -c -x --virtual-config-dir=/var/lib/spamassassin/vconfig/%u/ --allow-tell -u debian-spamd -g debian-spamd --max-children=5 --min-children=3 --max-spare=3 -D Get some spam message from your spam folder. The raw message (in gmail, select "show original"). Copy it into a file, say spam.txt. Run "tail -f /var/log/mail.log" in one terminal Run spamc on that file as a regular user in another terminal: spamc < spam.txt Watch the log file and look for the error: Oct 23 14:41:45 cosmic-spamassassin spamd[10067]: config: using "/var/lib/spamassassin/vconfig/ubuntu/" for user state dir Oct 23 14:41:45 cosmic-spamassassin spamd[10067]: config: mkdir /var/lib/spamassassin/vconfig/ubuntu/ failed: Insecure dependency in mkdir while running with -T switch at /usr/share/perl/5.26/File/Path.pm line 1 77, line 2. Also note that /var/lib/spamassassin/vconfig/ubuntu isn't created. Edit /usr/sbin/spamd and remove "-T" from the shebang. Repeat the above steps. No error, and the directory will be created this time. -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to spamassassin in Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
Confirmed. Steps to reproduce it, for others who, like me, are not familiar with spamassassin: Start the daemon as root, with the given options plus debug: spamd -d --pidfile=/var/run/spamd.pid -c -x --virtual-config-dir=/var/lib/spamassassin/vconfig/%u/ --allow-tell -u debian-spamd -g debian-spamd --max-children=5 --min-children=3 --max-spare=3 -D Get some spam message from your spam folder. The raw message (in gmail, select "show original"). Copy it into a file, say spam.txt. Run "tail -f /var/log/mail.log" in one terminal Run spamc on that file as a regular user in another terminal: spamc < spam.txt Watch the log file and look for the error: Oct 23 14:41:45 cosmic-spamassassin spamd[10067]: config: using "/var/lib/spamassassin/vconfig/ubuntu/" for user state dir Oct 23 14:41:45 cosmic-spamassassin spamd[10067]: config: mkdir /var/lib/spamassassin/vconfig/ubuntu/ failed: Insecure dependency in mkdir while running with -T switch at /usr/share/perl/5.26/File/Path.pm line 1 77, line 2. Also note that /var/lib/spamassassin/vconfig/ubuntu isn't created. Edit /usr/sbin/spamd and remove "-T" from the shebang. Repeat the above steps. No error, and the directory will be created this time. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
This is confirmed for cosmic, btw, and the upcoming DD one too. ** Changed in: spamassassin (Ubuntu) Status: New => Triaged ** Changed in: spamassassin (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
This is confirmed for cosmic, btw, and the upcoming DD one too. ** Changed in: spamassassin (Ubuntu) Status: New => Triaged ** Changed in: spamassassin (Ubuntu) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to spamassassin in Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
** Bug watch added: bz.apache.org/SpamAssassin/ #7646 https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7646 ** Also affects: spamassassin via https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7646 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Server, which is subscribed to spamassassin in Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1799185] Re: spamd running with virtual-config-dir mkdir error
** Bug watch added: bz.apache.org/SpamAssassin/ #7646 https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7646 ** Also affects: spamassassin via https://bz.apache.org/SpamAssassin/show_bug.cgi?id=7646 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1799185 Title: spamd running with virtual-config-dir mkdir error To manage notifications about this bug go to: https://bugs.launchpad.net/spamassassin/+bug/1799185/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
