bayes_journal - Bad permissions

Martin martin.lyberg at gmail.com
Wed Nov 29 10:04:19 GMT 2006 

Glenn Steen wrote:

> We'll have to be careful with using Swedish here... Otherwise the
> "bork-bork-bork" fanatics will start up...:-)

:)

> Hm, let me demonstrate why setgid is a good idea for directories (and
> not much else:-):
> [root at mail ~]# mkdir a
> [root at mail ~]# chown glenn.glenn a
> [root at mail ~]# touch a/a
> [root at mail ~]# ls -la a
> totalt 12
> drwxr-xr-x   2 glenn glenn 4096 nov 29 10:18 ./
> drwx------  69 root  root  8192 nov 29 10:18 ../
> -rw-r--r--   1 root  root     0 nov 29 10:18 a
> [root at mail ~]# chmod 2755 a
> [root at mail ~]# touch a/b
> [root at mail ~]# ls -la a
> totalt 12
> drwxr-sr-x   2 glenn glenn 4096 nov 29 10:19 ./
> drwx------  69 root  root  8192 nov 29 10:18 ../
> -rw-r--r--   1 root  root     0 nov 29 10:18 a
> -rw-r--r--   1 root  glenn    0 nov 29 10:19 b
> [root at mail ~]#
> ... as you can see, after setting the setgid bit on the directory,
> files put into that directory is "forced" to be owned by the
> directorys group. This piece of "magic" isn't present in all *nix
> systems, so do try it before setting it. Setting the setgid bit has no
> real effect on regular files (hence "ls -l" showing it as capital S).
> So not really a problem, but not beneficial either.
> No such "magic" exist for directories and the setuid bit, so that
> shouldn't be set either.

Ok, thanks for the clarification

> I hope you ment that you set the _files_ in
> /var/spool/MailScanner/spamassassin/ to 0660, not the directory...
> That should be mode 2770, in your case;-).

Yes, i meant on the files, not the directory itself :)

> Yes, that seems rather likely.

Unfortunately it didn't help. It still looks the same. I've restarted 
both postfix and mailscanner:

/var/spool/MailScanner/spamassassin# ls -al
total 6272
drwxrws--- 2 postfix www-data   12288 2006-11-29 11:01 .
drwxr-xr-x 6 postfix postfix     4096 2006-04-24 17:07 ..
-rw-rw---- 1 postfix www-data 1331200 2006-11-29 11:01 auto-whitelist
-rw------- 1 postfix www-data   38376 2006-11-29 11:01 bayes_journal
-rw-rw---- 1 postfix www-data      36 2006-11-29 08:36 bayes.mutex
-rw-rw---- 1 postfix www-data 1318912 2006-11-29 11:01 bayes_seen
-rw-rw---- 1 postfix www-data 5156864 2006-11-29 11:01 bayes_toks

/var/spool/MailScanner# ls -al
total 32
drwxr-xr-x  6 postfix postfix   4096 2006-04-24 17:07 .
drwxr-xr-x  6 root    root      4096 2006-04-24 16:27 ..
drwxr-x---  2 postfix postfix   4096 2006-03-06 02:29 archive
drwxr-x--- 21 postfix postfix   4096 2006-11-29 11:02 incoming
drwxrwx---  4 postfix www-data  4096 2006-11-29 01:03 quarantine
drwxrws---  2 postfix www-data 12288 2006-11-29 11:02 spamassassin

Got any more ideas?

/ Martin

More information about the MailScanner mailing list