Milter-greylist

Hello,

As you can now use
rpmbuild --define "build_user smmsp" -tb milter-greylist-3.1.5a1.tgz,
there's probably no need for configure to alter line "%define user"
in milter-greylist.spec? Because it's much easier to use rpmbuild --define
instead of the old way - run ./configure --with-user and then use regenerated
milter-greylist.spec or repack the archive and then use rpmbuild.
If you agree, then please change
%define user @USER@
to
%define user root
in milter-greylist.spec.in (line 7).

Now a problem: --with-user=smmsp sets user="smmsp" in rc-redhat.sh,
and then "/etc/rc.d/milter-greylist start" does not start with an error in the log:
milter-greylist: /usr/bin/milter-greylist: cannot change supplementary groups: Operation not permitted

What does this error mean? Could it be related to "Add support for switching
to a given group"?
If I change to user="root" in rc-redhat.sh, it then works.
smmsp user's group is smmsp:
# groups smmsp
smmsp : smmsp

Regards,
Nerijus

Nerijus Baliunas <nerijus@...> wrote:

> Now a problem: --with-user=smmsp sets user="smmsp" in rc-redhat.sh, > and
then "/etc/rc.d/milter-greylist start" does not start with an error in
the log: > milter-greylist: /usr/bin/milter-greylist: cannot change
supplementary groups: Operation not permitted

I just committed a fix.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Nerijus Baliunas wrote on Tue, 6 Feb 2007 17:19:42 +0200:

> Now a problem: --with-user=smmsp sets user="smmsp" in rc-redhat.sh,
> and then "/etc/rc.d/milter-greylist start" does not start with an error in the log:
> milter-greylist: /usr/bin/milter-greylist: cannot change supplementary groups: Operation not permitted

I think the reason for this is that the command line in rc-redhat.sh actually 
tries to hand the user to the daemon command and not to milter-greylist:

OPTIONS="-P $pidfile -p $socket"
daemon --user=$user /usr/local/bin/milter-greylist $OPTIONS

change to:

OPTIONS="-u $user -P $pidfile -p $socket"
daemon /usr/local/bin/milter-greylist $OPTIONS

(that's how it works here since long on RH systems)

or just start without OPTIONS and set this in the config file.

Emmanuel, I don't have files from cvs. If you would accept corrected files from 
the latest release tarball (3.1.4) as a whole I could send you a
corrected rc-suse.sh.in and rc-redhat.sh.in

Kai

-- 
Kai Sch\ufffdtzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com

Kai Schaetzl <maillists@...> wrote:

> Emmanuel, I don't have files from cvs. If you would accept corrected files
> from the latest release tarball (3.1.4) as a whole I could send you a
> corrected rc-suse.sh.in and rc-redhat.sh.in

I made a broader fix today: milter-greylist does not try to change
uid/gid if not started as root. That should fix the issue.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

On Tue, 6 Feb 2007 20:50:25 +0100 manu@... wrote:

> I made a broader fix today: milter-greylist does not try to change
> uid/gid if not started as root. That should fix the issue.

Yes, this fixed it, thanks.

Regards,
Nerijus

On Tue, 06 Feb 2007 20:31:35 +0100 Kai Schaetzl <maillists@...> wrote:

> Emmanuel, I don't have files from cvs. If you would accept corrected files from 
> the latest release tarball (3.1.4) as a whole I could send you a
> corrected rc-suse.sh.in and rc-redhat.sh.in

Please send a diff here (i.e. diff -u rc-suse.sh.in.orig rc-suse.sh.in > rc-suse.sh.in.diff).

Regards,
Nerijus