On Mon, October 3, 2005 8:13, Tony Earnshaw said:
> må den 03.10.2005 Klokka 06:15 (-0400) skreiv Lloyd Zusman:
>>
>> [...]
>>
>> This parallels how "spamc" interacts with "spamd" in SpamAssassin.
>> In my other message here to Odhiambo Washington, I show how I am
>> using "dspamc" in this exact manner.
>
> Fine, nicely put together ...
Thank you.
Actually, it turns out that I don't need the wrapper program.
I guess my understanding of the set-GID bit has been incorrect for
all these years. All I had to do is this in order to get dspamc
to work:
# chown root:mail /usr/local/bin/dspamc
# chmod 711 /usr/local/bin/dspamc
# chmod g+s /usr/local/bin/dspamc
# ls -l /usr/local/bin/dspamc
-rwx--s--x 1 root mail 225276 Oct 2 01:00 /usr/local/bin/dspamc
Apparently, I don't need to invoke "setgid(setegid())" within the
executable in order for the set-GID bit to do its thing.
I never realized that the mere setting of the set-GID bit on a file
would cause this to happen automatically. I'm sure that's not true
for the set-UID bit, and I incorrectly assumed that this behavior
also carried over to the gid processing.
So now that a wrapper isn't needed, I would think that a small change
to the build scripts is in order: to make the --with-dspam-mode,
--with-dspam-owner, and --with-dspam-group processing to apply
also to the "dspamc" executable.
I'll look into this change over the next few days (in my not-so-ample
spare time), and once I get it done, I'll post a patch both to here and
to the devel group.
-- Lloyd Zusman ljz@asfast.com God bless you.Received on Mon Oct 3 18:53:53 2005
This archive was generated by hypermail 2.1.8 : Tue Oct 04 2005 - 00:00:01 EDT