Re[2]: [vps-mail] On the subject of permissions, mail & SA

[Abigail Marshall <abigail@xxxxxxxxxxxx>]

SW> The essence of the bug is that if you're going to do
SW> centralized logging (e.g., /var/log/procmail.log), you
SW> shouldn't DROPPRIVS. Doing what Abigail has done with
SW> spamc (adding "-u nobody" to the command-line) will work
SW> around this; it will run spamc with lower privileges
SW> while still letting you write to a centralized log file.

CLARIFICATION: sa automatically runs itself as "nobody" so
you don't have to change the command line.  What you DO have
to do is add "nobody" as a privileged group to the directory
where you store the common files (like Bayes):

i.e.:

% chgrp nobody /path/to/bayes/directory

It is important that the x bit be set on the directory
user/group privileges:

rwxrwx--- or 770

because this enables the creation of a new file within the
directory, as the bayes_journal is frequently deleted &
recreated. SA has a filter so that a 770 setting will result
in the files themselves being assigned the value of 660

-Abigail

======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
Before posting a question, please search the archives (see above URL).