Mark Martinec wrote: > Michael >>> amavisd-release need not run as any specific user, all it needs >>> is an access to an inet or unix socket offered by amavisd. >>> >> If run as root, it works fine. Run from the web script mailaction.php it >> does not. I guess it is not a suexec issue as amavisd-release does >> start, but then fails and logs >> Can't connect to UNIX socket /var/spool/amavisd/amavisd.sock: >> Permission denied at /usr/bin/amavisd-release line 206. >> >> I finally tried from a shell, su webadmin and then run the release >> command, that also fails with the socket permission error. >> srwxr-x--- 1 amavis amavis 0 Sep 17 17:19 /var/spool/amavisd/amavisd.sock >> > > You've answered yourself, it's a permission problem. > > The easiest way out is to abandon Unix socket and use an inet socket > on a TCP port dedicated to releasing, e.g.: > > $inet_socket_port = [10024,9998]; > $unix_socketname = undef; > > # used by amavisd-release utility of a new AM.PDP-based amavis-milter client > $interface_policy{'9998'} = 'AM.PDP-INET'; > > $policy_bank{'AM.PDP-INET'} = { > protocol => 'AM.PDP', # Amavis policy delegation protocol > inet_acl => [qw( 127.0.0.1 [::1])], > }; > > > And in amavisd-release, change socket to: > > $socketname = '127.0.0.1:9998'; > > Yes! :) Joy at last, thanks a million.
Michael ------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/ _______________________________________________ AMaViS-user mailing list AMaViS-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/amavis-user AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3 AMaViS-HowTos:http://www.amavis.org/howto/