[milters] Archive

Lists Index Date Thread Search

Article: 619
From: Anthony Howe
Date: 2005-06-16 03:35:28 -0400
Subject: Re: Milter ahead erroring out every 5 minutes Socket

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

Ryan Moore wrote:
> Aaron Berg wrote:
> 
>>When installing libsnert 1.44 and milter-ahead .9 I am having
>>difficulties getting milter-ahead to create a socket at /var/run/. It
>>appears that it is creating the .pid just fine. I was able to work
>>around this by using the milter-ahead .8 socket that didn't die which
>>was in a different directory and changing the sendmail.mc file to point
>>to the old socket.
>>
>>My question is: What can I try or check for if milter-ahead isn't
>>creating a socket file. Permissions on the directories are standard
>>root:root and 755. As a side note I am having difficulties with another
>>machine that is being setup with libsnert+milter-ahead for the first
>>time. That machine also refuses to create a socket file.
>>
> 
> 
> If the milter is running as user 'smmsp', it probably won't be able to 
> create a socket in that directory. Perhaps make a subdirectory and give 
> user smmsp write priviledges (assuming the milter is running as smmsp) 
> and update pointers to that socket accordingly.

First. Are you using the latest version of libmilter from the sendmail 
8.13 distribution, one that has the smfi_opensocket()? Check 
com/snert/include/com/snert/lib/version.h for HAVE_SMFI_OPENSOCKET, or 
use nm /grep on libmilter.a.  If you do, then start the milter as root, 
it will create the socket in /var/run then change process owner. If you 
start it as another user first, then it cannot create the pid, socket, 
and cache in /var/run and /var/db (or /var/cache for linux).

If your libmilter does not have smfi_opensocket() its most likely you 
are using an old distribution of libmilter that is missing some of the 
milter API enhancements (and bug fixes). With the older libmilter, the 
socket would not be created until smfi_main() was called after process 
ownership had changed.

When my milters start, they start as root, open or create the necessary 
files, change file ownership on cache and pid files to the desired 
process owner, then change process owner to something safe, like user 
milter (or user smmsp from older distributions).

-- 
Anthony C Howe                                 +33 6 11 89 73 78
http://www.snert.com/       ICQ:
7116561         AIM: Sir Wumpus

"Understanding is a three edged sword." - Kosh, Babylon 5

Lists Index Date Thread Search