system/4982: stock spamd.conf's relaydb snippets vs. $PATH in crontab

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

system/4982: stock spamd.conf's relaydb snippets vs. $PATH in crontab

jared rr spiegel
>Number:         4982
>Category:       system
>Synopsis:       stock spamd.conf's relaydb snippets vs. $PATH in crontab
>Confidential:   yes
>Severity:       non-critical
>Priority:       low
>Responsible:    bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jan 20 14:20:01 GMT 2006
>Originator:     jared rr spiegel
>Release:        -current
        System      : OpenBSD 3.8
        Architecture: OpenBSD.i386
        Machine     : i386
        the 'relaydb' snippets in stock spamd.conf won't, by default, work
        in cron ( /usr/libexec/spamd-setup ) because default crontab sets $PATH
        to not include /usr/local/bin, thus if the relaydb snippets are uncommented
        and used, when spamd-setup is run via cron, it will not be able to find
        'relaydb' in $PATH and no effect will be made to the pftables.
        install relaydb from ports, populate its database, verify it has
        items in said database; uncomment the -white and -black relaydb sections
        from the default spamd.conf and set the config to only use relaydb in "all:",
        uncomment /usr/libexec/spamd-setup from default root crontab; setup pf
        <spamd> and <spamd-white> tables; let it run.
        the tables won't be populated by /usr/libexec/spamd-setup.  verify
        spamd-setup is not populating tables by putting '-d' in crontab; cron email
        will say '0 addresses' for white and black.

        alternatively, run "spamd-setup -dn" and see it have a nonzero number of addresses,
        then redefine your path to be /bin:/sbin:/usr/bin:/usr/sbin, repeat the spamd-setup,
        and it will say 0 addresses.

        *NOTE* this doesn't have anything to do with a user not having it dawn on them
          that root's cron runs as root and therefore when relaydb runs it is looking
          for the "$HOME/.relaydb" file in root's home instead of their own homedir...
        either of these would work:
        1) put '/usr/local/bin' in $PATH in the default root crontab (/usr/src/etc/crontab),
           as that is where relaydb installs to
        2) put full literal pathname of relaydb binary into default spamd.conf, instead
           of just the binary name who is currently there.

diff representing #2:
--- spamd.conf.orig Fri Jan 20 06:44:05 2006
+++ spamd.conf Fri Jan 20 06:44:28 2006
@@ -70,12 +70,12 @@
 # :black:\
 # :msg="SPAM. Your address %A is in my relaydb list.":\
 # :method=exec:\
-# :file=relaydb -4lb:
+# :file=/usr/local/bin/relaydb -4lb:
 # :white:\
 # :method=exec:\
-# :file=relaydb -4lw:
+# :file=/usr/local/bin/relaydb -4lw:
 # Whitelists are done like this, and must be added to "all" after each
 # blacklist from which you want the addresses in the whitelist removed.