Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

group permissions for socket

2007-01-29 by Nerijus Baliunas

Hello,

I see in 3.1.4 ChangeLog:
Add support for switching to a given group

What does it mean?

A (possibly related?) problem - milter-greylist is running as user smmsp,
and I added postfix user to group smmsp. I need to execute the following
command after starting milter-greylist:
chmod g+w /var/milter-greylist/milter-greylist.sock
so that postfix could write to the socket. Is it possible to use some config
file option or smth instead of running chmod?

Regards,
Nerijus

Re: [milter-greylist] group permissions for socket

2007-01-29 by Emmanuel Dreyfus

On Mon, Jan 29, 2007 at 07:17:22PM +0200, Nerijus Baliunas wrote:
> What does it mean?
> 
> A (possibly related?) problem - milter-greylist is running as user smmsp,
> and I added postfix user to group smmsp. I need to execute the following
> command after starting milter-greylist:
> chmod g+w /var/milter-greylist/milter-greylist.sock
> so that postfix could write to the socket. Is it possible to use some config
> file option or smth instead of running chmod?

Run with -u user:group

-- 
Emmanuel Dreyfus
manu@...

Re: [milter-greylist] group permissions for socket

2007-01-29 by Nerijus Baliunas

On Mon, 29 Jan 2007 18:40:39 +0000 Emmanuel Dreyfus <manu@...> wrote:

> Run with -u user:group

Is it possible to achieve the same by only changing greylist.conf?

Regards,
Nerijus

Re: [milter-greylist] group permissions for socket

2007-01-29 by manu@netbsd.org

Nerijus Baliunas <nerijus@...> wrote:
 
> > Run with -u user:group 
> Is it possible to achieve the same by only changing greylist.conf?

If I recall correctly, yes.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] group permissions for socket

2007-01-29 by Nerijus Baliunas

On Mon, 29 Jan 2007 22:05:35 +0100 manu@... wrote:

> > > Run with -u user:group 
> > Is it possible to achieve the same by only changing greylist.conf?
> 
> If I recall correctly, yes.

Yes, both are working, but only -u username[:groupname] is described in a man page.

Here is a patch for greylist.conf.5:

diff -u -r1.57 greylist.conf.5
--- greylist.conf.5	29 Jan 2007 04:57:18 -0000	1.57
+++ greylist.conf.5	29 Jan 2007 21:40:04 -0000
@@ -766,11 +766,12 @@
   socket "/var/milter-greylist/milter-greylist.sock"
 .TP
 .I user
-This keyword should be followed by a quoted user login. Like the 
+This keyword should be followed by a quoted user login and optionally :groupname.
+Like the 
 .B -u
 option, this is used to run
 .B milter-greylist(8)
-as a non root user.  Here is an example:
+as a non root user. Here is an example:
 .IP
   user "smmsp"
 .SH MISCELLANEOUS
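
Review bot: the example under .IP still shows only user "smmsp", so the new "optionally :groupname" wording leaves it unclear whether the group goes inside the quotes; add a second example line showing the user:group form that the parser accepts. The hunk also folds in an unrelated whitespace change ("non root user.  Here" to a single space), which is easier to review as a separate change.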

But the problem still remains - although it sets group owner, I still need
group write permission as well.

Regards,
Nerijus

Re: [milter-greylist] group permissions for socket

2007-01-31 by Nerijus Baliunas

On Mon, 29 Jan 2007 18:40:39 +0000 Emmanuel Dreyfus <manu@...> wrote:

> > A (possibly related?) problem - milter-greylist is running as user smmsp,
> > and I added postfix user to group smmsp. I need to execute the following
> > command after starting milter-greylist:
> > chmod g+w /var/milter-greylist/milter-greylist.sock
> > so that postfix could write to the socket. Is it possible to use some config
> > file option or smth instead of running chmod?
> 
> Run with -u user:group

It sets group owner, but I still need group write permission as well.
From http://www.milter.org/milter_api/smfi_setconn.html :
Unix/local sockets should have their permissions set to 0600 (read/write permission only for the socket's owner) or 0660 (read/write permission for the socket's owner and group) which is useful if the sendmail RunAsUser option is used. The permissions for a unix/local domain socket are determined as usual by umask, which should be set to 007 or 077.

With the following patch I get group write permission on a socket file:

diff -u -r1.159 milter-greylist.c
--- milter-greylist.c	29 Jan 2007 04:57:18 -0000	1.159
+++ milter-greylist.c	31 Jan 2007 01:36:24 -0000
@@ -1267,6 +1267,7 @@
 		usage(argv[0]);
 	}
 	cleanup_sock(conf.c_socket);
+	umask(007);  /* set group write permission on a socket file */
 	(void)smfi_setconn(conf.c_socket);
 
 	/*
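
Review bot: umask(007) before smfi_setconn() is unconditional and process-wide, and the previous mask it returns is discarded, so every file the daemon creates after this line is created under 007, not only the socket. Keep the old value (old = umask(007)) so it can be restored once the socket exists, or make the mask a configuration option so that sites wanting 077 are not forced to group access.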

Is it possible to apply it or should an option for this be introduced?

Regards,
Nerijus

Re: [milter-greylist] group permissions for socket

2007-01-31 by Emmanuel Dreyfus

On Wed, Jan 31, 2007 at 03:44:45AM +0200, Nerijus Baliunas wrote:
> Is it possible to apply it or should an option for this be introduced?

It would not be hard to add the mode after the socket specification:
socket "/foo/bar/sock" 660

And I believe it will satisfy everyone.
-- 
Emmanuel Dreyfus
manu@...

Re: [milter-greylist] group permissions for socket

2007-02-04 by Nerijus Baliunas

On Wed, 31 Jan 2007 07:39:13 +0000 Emmanuel Dreyfus <manu@...> wrote:

> It would not be hard to add the mode after the socket specification:
> socket "/foo/bar/sock" 660
> 
> And I believe it will satisfy everyone.

I am trying the following patch:

diff -u -r1.162 milter-greylist.c
--- milter-greylist.c	2 Feb 2007 07:01:48 -0000	1.162
+++ milter-greylist.c	3 Feb 2007 23:48:24 -0000
@@ -1276,6 +1276,10 @@
 	cleanup_sock(conf.c_socket);
 	(void)smfi_setconn(conf.c_socket);
 
+	if (chmod(conf.c_socket, S_IWGRP) < 0) {
+		mg_log(LOG_ERR, "Error defining access to %s: %s", conf.c_socket, strerror(errno));
+	}
+
 	/*
 	 * Reload a saved greylist
 	 * No lock needed here either.
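
Review bot: chmod(conf.c_socket, S_IWGRP) sets the mode to exactly 0020, which would clear the owner's read and write bits instead of adding group write; for 0660 the argument needs to be S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP. The result of smfi_setconn() on the line above is still cast away, so a failure there would only surface as this chmod() error.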

And I'm getting this message in the logs:
milter-greylist: Error defining access to /var/milter-greylist/milter-greylist.sock: No such file or directory

It seems socket is not created in smfi_setconn()? I tried to move chmod()
after "exitval = smfi_main()" line, but it didn't work either. It seems the best
option would be to use umask(), but then it's impossible to use syntax like
socket "/foo/bar/sock" 660, isn't it?

Regards,
Nerijus

Re: [milter-greylist] group permissions for socket

2007-02-04 by manu@netbsd.org

Nerijus Baliunas <nerijus@...> wrote:

> And I'm getting this message in the logs: milter-greylist: Error defining
> access to /var/milter-greylist/milter-greylist.sock: No such file or
> directory

Yes, it seems to be created from smfi_main() 

> It seems socket is not created in smfi_setconn()? I tried to move chmod()
> after "exitval = smfi_main()" line, but it didn't work either.

Sure: this is never reached in normal condition.

>  It seems the best
> option would be to use umask(), but then it's impossible to use syntax like
> socket "/foo/bar/sock" 660, isn't it?

I have two concerns:
- can we screw things in smfi_main() by tampering with umask()?
- doesn't smfi_main() set umask() to avoid such problems?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] group permissions for socket

2007-02-04 by Nerijus Baliunas

On Sun, 4 Feb 2007 08:29:43 +0100 manu@... wrote:

> >  It seems the best
> > option would be to use umask(), but then it's impossible to use syntax like
> > socket "/foo/bar/sock" 660, isn't it?
> 
> I have two concerns:
> - can we screw things in smfi_main() by tampering with umask()?
> - doesn't smfi_main() set umask() to avoid such problems?

According to http://www.milter.org/milter_api/smfi_setconn.html ,
using umask is the official way:

The permissions for a unix/local domain socket are determined as usual
by umask, which should be set to 007 or 077.

Regards,
Nerijus

Re: [milter-greylist] group permissions for socket

2007-02-04 by manu@netbsd.org

Nerijus Baliunas <nerijus@...> wrote:

> The permissions for a unix/local domain socket are determined as usual
> by umask, which should be set to 007 or 077.

Ok, so let's add an additional argument for the mode
socket "/var/run/milter-greylist.sock" 660

Possible values: 666, 660 or 600, which turn into umask 000, 007 or 077.
Other values cause an error.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...
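
The mapping proposed above (666, 660 or 600 turning into umask 000, 007 or 077, anything else an error), shown as an added example that is not code from this thread or from milter-greylist. It binds a Unix socket directly instead of going through libmilter, and the function names and the /tmp path are hypothetical:

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/un.h>

/* Map the decimal config value to a umask; anything else is an error. */
int mode_to_umask(int mode, mode_t *mask)
{
	switch (mode) {
	case 666: *mask = 000; return 0;
	case 660: *mask = 007; return 0;
	case 600: *mask = 077; return 0;
	default:  return -1;
	}
}

/* Bind under the umask for mode, restore it, return permission bits or -1. */
int bind_with_mode(const char *path, int mode)
{
	struct sockaddr_un sa;
	struct stat st;
	mode_t mask, old;
	int fd, rc;

	if (mode_to_umask(mode, &mask) < 0 || strlen(path) >= sizeof(sa.sun_path))
		return -1;
	if ((fd = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
		return -1;
	memset(&sa, 0, sizeof(sa));
	sa.sun_family = AF_UNIX;
	strcpy(sa.sun_path, path);
	(void)unlink(path);         /* stale socket from an earlier run */
	old = umask(mask);          /* mask applies when bind() creates the file */
	rc = bind(fd, (struct sockaddr *)&sa, sizeof(sa));
	(void)umask(old);           /* files created later keep the old mask */
	if (rc == 0) rc = stat(path, &st);
	close(fd);
	(void)unlink(path);         /* demo cleanup only */
	return rc == 0 ? (int)(st.st_mode & 0777) : -1;
}

int main(void)
{
	int perm = bind_with_mode("/tmp/mg-demo.sock", 660); /* constructed path */
	if (perm >= 0) printf("%04o\n", (unsigned)perm);
	return perm < 0;
}
```

On Linux, bind() starts from 0777 before applying the mask, so the file created for 660 may show execute bits as well; what the mask guarantees is group write and no access for others.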

Re: [milter-greylist] group permissions for socket

2007-02-04 by Nerijus Baliunas

On Sun, 4 Feb 2007 21:19:49 +0100 manu@... wrote:

> Ok, so let's add an additional argument for the mode
> socket "/var/run/milter-greylist.sock" 660
> 
> Possible values: 666, 660 or 600, which turn into umask 000, 007 or 077.
> Other values cause an error.

How do I deal with config file parsing?  I tried the following:

diff -u -r1.45 conf.c
--- conf.c	26 Dec 2006 21:21:52 -0000	1.45
+++ conf.c	4 Feb 2007 23:06:01 -0000
@@ -425,6 +425,7 @@
 	c->c_syncsrcaddr = NULL;
 	c->c_syncsrcport = NULL;
 	c->c_socket = NULL;
+	c->c_socket_mode = 0;
 	c->c_user = NULL;
 	c->c_nodetach = 0;
 	c->c_report = C_ALL;
diff -u -r1.39 conf.h
--- conf.h	26 Dec 2006 21:21:52 -0000	1.39
+++ conf.h	4 Feb 2007 23:06:01 -0000
@@ -79,6 +79,7 @@
 	struct in6_addr c_match_mask6;
 #endif
 	char *c_socket;
+	int c_socket_mode;
 	char *c_user;
 	char *c_syncaddr;
 	char *c_syncport;
diff -u -r1.73 conf_yacc.y
--- conf_yacc.y	2 Feb 2007 07:00:06 -0000	1.73
+++ conf_yacc.y	4 Feb 2007 23:06:02 -0000
@@ -312,9 +312,11 @@
 #endif
 				}
 	;
-socket:		SOCKET QSTRING	{ if (C_NOTFORCED(C_SOCKET)) 
+socket:		SOCKET QSTRING	{ if (C_NOTFORCED(C_SOCKET)) {
 					conf.c_socket = 
 					    quotepath(conf.c_socket_storage, $2, QSTRLEN);
+					strncpy(conf.c_socket_mode, $3, NUMLEN);
+				}
 				}
 	;
 user:		USER QSTRING	{ if (C_NOTFORCED(C_USER))
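
Review bot: in the socket rule the action reads $3, but the right-hand side is still only SOCKET QSTRING, so there is no third symbol to refer to; the mode needs its own alternative with a numeric token after QSTRING. The strncpy() into conf.c_socket_mode also does not match the conf.h hunk, where c_socket_mode is declared int: assign the parsed number and validate it rather than copying a string.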

but it fails when making:
bison -y -p`echo conf_yacc.c|sed 's/^\([^_]\{1,\}_\).*$/\1/'` conf_yacc.y
conf_yacc.y:318.69-70: integer out of range: `$3'
make: *** [conf_yacc.c] Error 1

Regards,
Nerijus

Re: [milter-greylist] group permissions for socket

2007-02-05 by manu@netbsd.org

Nerijus Baliunas <nerijus@...> wrote:

> How do I deal with config file parsing?  I tried the following:

Hint:

socket: SOCKET QSTRING { 
                ... 
        }
    |   SOCKET QSTRING TNUMBER {
                ...
                switch($3) {    /* $3 is the TNUMBER; $2 is the path */
                case 666:
                case 660:
                case 600:
                        /* accepted mode */
                        break;
                default:
                        /* error */
                }
        }
    ;

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] group permissions for socket

2007-02-06 by manu@netbsd.org

Nerijus Baliunas <nerijus@...> wrote:

> Thanks, it's clear now :). Patch attached.

I had to refactor it a bit. Please check it works as expected.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Re: [milter-greylist] group permissions for socket

2007-02-06 by Nerijus Baliunas

On Tue, 6 Feb 2007 07:45:46 +0100 manu@... wrote:

> > Thanks, it's clear now :). Patch attached.
> 
> I had to refactor it a bit. Please check it works as expected.

Yes, it does, thanks,

Nerijus
