>Synopsis: rc_pre() not properly checking spamd rc variables >Category: system >Environment: System : OpenBSD 7.0 Details : OpenBSD 7.0 (GENERIC.MP) #5: Mon Jan 31 09:09:02 MST 2022 r...@syspatch-70-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
Architecture: OpenBSD.amd64 Machine : amd64 >Description: In revision 1.1 of /etc/rc.d/spamlogd, the rc_pre() function ensures that spamd is enabled and not operating in blacklist-only mode. Perfect. However, revision 1.2 introduced a bug when the code to create the pflog0 interface was added. Checking whether spamd is enabled or not is essentially ignored. >Fix: The creation of the pflog0 interface should not be done in rc.d/spamlogd because the interface is already created in rc.d/pflogd (it's the exact same in fact). This seems reasonable because pflogd is enabled by default and starts before spamlogd. Instead, rc.d/spamlogd should just check the pflogd flag along with the spamd flags. --- spamlogd,v 1.4 +++ /tmp/spamlogd Thu Mar 24 04:26:16 2022 @@ -9,17 +9,7 @@ rc_reload=NO rc_pre() { - [[ ${spamd_flags} != NO && ${spamd_black} == NO ]] - if pfctl -si | grep -q Enabled; then - ifconfig pflog0 create - if ifconfig pflog0; then - ifconfig pflog0 up - else - return 1 - fi - else - return 1 - fi + [[ ${spamd_flags} != NO && ${spamd_black} == NO && ${pflogd_flags} != NO ]] } rc_cmd $1