Am 17.06.2016 um 14:29 schrieb Sebastian Arcus:
On 17/06/16 00:03, Reindl Harald wrote:Am 16.06.2016 um 19:46 schrieb Sebastian Arcus:I have a particular server running spamd which uses bayes every time I test it by hand, but apparently never when it goes through exim/spamdthen you need to run it as the correct user or train it as the correctThank you for the suggestion. There is no training involved, and auto-learn is switched off in local.cf
how do you imagine bayes working then?
Site-wide bayes files are owned by spamd. Regarding the daemon, it is started with --socketowner=spamd and socketpath=spamd. Is this enough, or should it be actually started with "su" as "spamd" user?
"socketpath=spamd" sounds idiotic, hpwever for a site-wide setup there is no point in start it as root instead directly as the correct user, see below, can#t say anything about "su" in service files since i don't touch sysvinit for 5 years now
[root@mail-gw:~]$ cat /etc/systemd/system/spamassassin.service [Unit] Description=Spamassassin Daemon After=network.service systemd-networkd.service network-online.target Wants=sa-update.timer [Service] Environment="TMPDIR=/tmp" PermissionsStartOnly=true ExecStartPre=/usr/bin/chown -R sa-cleanup:root /var/lib/spamassassin/ExecStartPre=/usr/bin/find /var/lib/spamassassin/ -type d -exec /bin/chmod 0755 "{}" \; ExecStartPre=/usr/bin/find /var/lib/spamassassin/ -type f -exec /bin/chmod 0644 "{}" \; ExecStart=/usr/bin/spamd --max-children=15 --min-children=2 --min-spare=2 --max-spare=3 --max-conn-per-child=100 --socketpath=/run/spamassassin/spamassassin.sock --socketmode=0666
ExecReload=/usr/bin/kill -HUP $MAINPID Environment="LANG=en_GB.UTF-8" User=sa-milt Group=sa-milt RuntimeDirectory=spamassassin RuntimeDirectoryMode=0775 StandardOutput=null StandardError=null SyslogFacility=mail Restart=always RestartSec=1 PrivateTmp=yes PrivateDevices=yes NoNewPrivileges=yes CapabilityBoundingSet=CAP_KILL CAP_SYS_CHROOT RestrictAddressFamilies=~AF_APPLETALK AF_ATMPVC AF_AX25 AF_PACKET AF_X25 ReadOnlyDirectories=/etc ReadOnlyDirectories=/usr ReadOnlyDirectories=/var ReadOnlyDirectories=/var/lib/spamass-milter/.spamassassin ReadWriteDirectories=/var/lib/spamassassin InaccessibleDirectories=-/var/lib/spamass-milter/training InaccessibleDirectories=-/boot InaccessibleDirectories=-/home InaccessibleDirectories=-/media InaccessibleDirectories=-/root InaccessibleDirectories=-/etc/dbus-1 InaccessibleDirectories=-/etc/modprobe.d InaccessibleDirectories=-/etc/modules-load.d InaccessibleDirectories=-/etc/postfix InaccessibleDirectories=-/etc/ssh InaccessibleDirectories=-/etc/sysctl.d InaccessibleDirectories=-/run/console InaccessibleDirectories=-/run/dbus InaccessibleDirectories=-/run/lock InaccessibleDirectories=-/run/mount InaccessibleDirectories=-/run/systemd/generator InaccessibleDirectories=-/run/systemd/system InaccessibleDirectories=-/run/systemd/users InaccessibleDirectories=-/run/udev InaccessibleDirectories=-/run/user InaccessibleDirectories=-/usr/lib64/dbus-1 InaccessibleDirectories=-/usr/lib64/xtables InaccessibleDirectories=-/usr/lib/dracut InaccessibleDirectories=-/usr/libexec/iptables InaccessibleDirectories=-/usr/libexec/openssh InaccessibleDirectories=-/usr/libexec/postfix InaccessibleDirectories=-/usr/lib/grub InaccessibleDirectories=-/usr/lib/kernel InaccessibleDirectories=-/usr/lib/modprobe.d InaccessibleDirectories=-/usr/lib/modules InaccessibleDirectories=-/usr/lib/modules-load.d InaccessibleDirectories=-/usr/lib/rpm InaccessibleDirectories=-/usr/lib/sysctl.d InaccessibleDirectories=-/usr/lib/udev InaccessibleDirectories=-/usr/local/scripts InaccessibleDirectories=-/var/db InaccessibleDirectories=-/var/lib/bayes-persistent InaccessibleDirectories=-/var/lib/clamav InaccessibleDirectories=-/var/lib/clamav-spam InaccessibleDirectories=-/var/lib/dbmail InaccessibleDirectories=-/var/lib/dbus InaccessibleDirectories=-/var/lib/dhcpd InaccessibleDirectories=-/var/lib/dnf InaccessibleDirectories=-/var/lib/imapproxy InaccessibleDirectories=-/var/lib/initramfs InaccessibleDirectories=-/var/lib/mailgraph InaccessibleDirectories=-/var/lib/mlocate InaccessibleDirectories=-/var/lib/mysql InaccessibleDirectories=-/var/lib/ntp InaccessibleDirectories=-/var/lib/postfix InaccessibleDirectories=-/var/lib/rkhunter InaccessibleDirectories=-/var/lib/rpm InaccessibleDirectories=-/var/lib/systemd InaccessibleDirectories=-/var/lib/unbound InaccessibleDirectories=-/var/lib/vnstat InaccessibleDirectories=-/var/lib/yum InaccessibleDirectories=-/var/named InaccessibleDirectories=-/var/spool InaccessibleDirectories=-/var/www InaccessibleDirectories=-/Volumes/dune/mysql_data InaccessibleDirectories=-/Volumes/dune/mysql_tmp InaccessibleDirectories=-/Volumes/dune/updateservice InaccessibleDirectories=-/Volumes/dune/www-servers [Install] WantedBy=multi-user.target
signature.asc
Description: OpenPGP digital signature
