Bayes databases losing file ownership
spamd runs as mail and that's what the bayes_ files are owned as. A few days ago we started seeing an increase in spam and looking into the problem today, I found that the bayes_toks file (but not bayes_seen) was owned as root. Anyone have any ideas what could cause this? We do run a script that runs as root that calls sa-learn occasionally. Could that interaction somehow cause the file ownership to be changed? If so, any recommendations for the proper locking between spamd and sa-learn? Thanks, Chris
Re: Bayes databases losing file ownership
Chris Blaise wrote: spamd runs as mail and that's what the bayes_ files are owned as. A few days ago we started seeing an increase in spam and looking into the problem today, I found that the bayes_toks file (but not bayes_seen) was owned as root. Anyone have any ideas what could cause this? Running spamd as 'root' instead of 'mail', most likely. When it writes the files they will be owned by the current user. If they are owned by root then the current user at that moment was the root user. Since the superuser has permissions to take over any file but the reverse is not allowed this is a one-way street. That is, a mistake can latch into this mode and running as the 'mail' user can't fix it. We do run a script that runs as root that calls sa-learn occasionally. Could that interaction somehow cause the file ownership to be changed? If so, any recommendations for the proper locking between spamd and sa-learn? That is probably your problem. Run that script as the 'mail' user. The root user can do this easily enough. su mail -c sa-learn --options-here Bob
Re: Bayes databases losing file ownership
On Thu, Dec 02, 2004 at 09:32:13AM -0700, Chris Blaise wrote: spamd runs as mail and that's what the bayes_ files are owned as. A few days ago we started seeing an increase in spam and looking into the problem today, I found that the bayes_toks file (but not bayes_seen) was owned as root. Anyone have any ideas what could cause this? Running sa-learn/spamassassin as any other user besides mail can cause this. Bayes will occasionally run expire or a journal sync that will recreate the files. We do run a script that runs as root that calls sa-learn occasionally. Could that interaction somehow cause the file ownership to be changed? If so, any recommendations for the proper locking between spamd and sa-learn? Look at bayes_file_mode, then it won't matter if the owner changes. Michael pgpItzkvy2si3.pgp Description: PGP signature
RE: Bayes databases losing file ownership
Thanks. I'll modify the script to run as mail. Can you think of why it wouldn't always happen? I'd expect running the script would always change the ownership, but it's been well over a month (the script is run every couple of days) and this is the first time its happened. And any not both files? Chris -Original Message- From: Bob Proulx [mailto:[EMAIL PROTECTED] Sent: Thursday, December 02, 2004 9:37 AM To: [EMAIL PROTECTED] Subject: Re: Bayes databases losing file ownership Chris Blaise wrote: spamd runs as mail and that's what the bayes_ files are owned as. A few days ago we started seeing an increase in spam and looking into the problem today, I found that the bayes_toks file (but not bayes_seen) was owned as root. Anyone have any ideas what could cause this? Running spamd as 'root' instead of 'mail', most likely. When it writes the files they will be owned by the current user. If they are owned by root then the current user at that moment was the root user. Since the superuser has permissions to take over any file but the reverse is not allowed this is a one-way street. That is, a mistake can latch into this mode and running as the 'mail' user can't fix it. We do run a script that runs as root that calls sa-learn occasionally. Could that interaction somehow cause the file ownership to be changed? If so, any recommendations for the proper locking between spamd and sa-learn? That is probably your problem. Run that script as the 'mail' user. The root user can do this easily enough. su mail -c sa-learn --options-here Bob
Re: Bayes databases losing file ownership
Chris Blaise wrote: spamd runs as mail and that's what the bayes_ files are owned as. A few days ago we started seeing an increase in spam and looking into the problem today, I found that the bayes_toks file (but not bayes_seen) was owned as root. Anyone have any ideas what could cause this? Yeah, when you run sa-learn your script changes the file permisons. Just put a chmod at the end of your script to change them back...
Re: Bayes databases losing file ownership
On Thu, Dec 02, 2004 at 12:35:53PM -0600, Martin McWhorter wrote: Chris Blaise wrote: spamd runs as mail and that's what the bayes_ files are owned as. A few days ago we started seeing an increase in spam and looking into the problem today, I found that the bayes_toks file (but not bayes_seen) was owned as root. Anyone have any ideas what could cause this? Yeah, when you run sa-learn your script changes the file permisons. Just put a chmod at the end of your script to change them back... You should just let SA handle this for you. Look at the bayes_file_mode config option, this will tell SA what permissions to keep the bayes files. Michael pgpDrl8chKXgY.pgp Description: PGP signature
