Am 30.12.2015 um 03:11 schrieb Ian Zimmerman:
On 2015-12-29 20:41 -0500, Bill Cole wrote:Neither su nor sudo magically changes the permissions or ownership of files. If you pass filenames as arguments they must be readable by the user actually running sa-learn, which is the *unprivileged* user handling the system-wide BayesDB ("amavis" in the case originating this thread, but "spamd" and "defang" are other common ones...) In most reasonably well-secured systems using Maildir message stores, the Maildirs are all owned by individual users or by one user that handles delivery to "virtual users" understood by the MTA and IMAP or POP server by not by the OS. That is generally NOT the same user running spamd or content filters for a system-wide BayesDB. As a result, relearning has to be done as root, shuttling data from files owned by one user into a process running as another.You are right. The reason it works for me is that I don't use a systemwide DB. May I ask that you turn down the sarcasm a bit?
no idea where you found a piece of sarcasm in the quote above!"As a result, relearning has to be done as root" is anyways nonsense, under no condition learning has to be done as root
at least not in "reasonably well-secured systems" because they are no longer reasonable secured when you pass junk and possible malware with root permissions to sa-learn
there is a difference collect the files as root, fix permissions and invoke sa-learn as restricted user from that script
signature.asc
Description: OpenPGP digital signature