Mark Martinec wrote:
> Michael
>>> amavisd-release need not run as any specific user, all it needs
>>> is an access to an inet or unix socket offered by amavisd.
>>>
>> If run as root, it works fine. Run from the web script mailaction.php it
>> does not. I guess it is not a suexec issue as amavisd-release does
>> start, but then fails and logs
>> Can't connect to UNIX socket /var/spool/amavisd/amavisd.sock:
>> Permission denied at /usr/bin/amavisd-release line 206.
>>
>> I finally tried from a shell, su webadmin and then run the release
>> command, that also fails with the socket permission error.
>> srwxr-x--- 1 amavis amavis 0 Sep 17 17:19 /var/spool/amavisd/amavisd.sock
>>
>
> You've answered yourself, it's a permission problem.
>
> The easiest way out is to abandon Unix socket and use an inet socket
> on a TCP port dedicated to releasing, e.g.:
>
> $inet_socket_port = [10024,9998];
> $unix_socketname = undef;
>
> # used by amavisd-release utility of a new AM.PDP-based amavis-milter client
> $interface_policy{'9998'} = 'AM.PDP-INET';
>
> $policy_bank{'AM.PDP-INET'} = {
> protocol => 'AM.PDP', # Amavis policy delegation protocol
> inet_acl => [qw( 127.0.0.1 [::1])],
> };
>
>
> And in amavisd-release, change socket to:
>
> $socketname = '127.0.0.1:9998';
>
>
Yes! :) Joy at last, thanks a million.
Michael
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
