Bug#1002527: milter-greylist -u user does not correctly ensure user can update greylist.db
Control: severity -1 important
Control: tags -1 pending
X-Debbugs-CC: tobi@debian.org, mrvn@renich.org, bunk@debian.org, tron@zhadum.org.uk
Hi again folks,
Per suggestion from Tobi, I'm reducing the severity of this bug from
'critical' (RC) to 'important', since the default configuration works
fine out of the box on a Debian system (with systemd).
Thanks to Tobi adding me to the ACL for salsa:debian/milter-greylist,
I went ahead and pushed my proposed change to the repo, also attached
as a patch for your convenience.
https://salsa.debian.org/debian/milter-greylist/-/commit/d118c24c45674fe8ae75ae965555b318a4cb1320
Tobi, if there are still no objections in the coming days, I'd
appreciate it if you'd please sponsor this to unstable for me.
Thanks,
-a
>From d118c24c45674fe8ae75ae965555b318a4cb1320 Mon Sep 17 00:00:00 2001
From: Amin Bandali <bandali@gnu.org>
Date: Tue, 24 Oct 2023 19:54:36 -0400
Subject: [PATCH] Set user greylist in greylist.conf instead of
milter-greylist.service
---
debian/changelog | 11 +++++++++++
debian/milter-greylist.service | 2 +-
debian/patches/conf-dumpfreq | 6 +++---
debian/patches/greylist.conf | 19 ++++++++++++-------
4 files changed, 27 insertions(+), 11 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 32f3de6..8832c9a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,14 @@
+milter-greylist (4.6.4-3) UNRELEASED; urgency=medium
+
+ * QA upload.
+ * Set user greylist in the configuration file rather than as a
+ command-line option in the service file (which always takes
+ precedence) to allow easier customization. (Closes: #1002527)
+ - debian/milter-greylist.service
+ - debian/patches/greylist.conf
+
+ -- Amin Bandali <bandali@gnu.org> Tue, 24 Oct 2023 19:49:53 -0400
+
milter-greylist (4.6.4-2) unstable; urgency=medium
[ Ondřej Surý ]
diff --git a/debian/milter-greylist.service b/debian/milter-greylist.service
index b5a6e80..bcef86f 100644
--- a/debian/milter-greylist.service
+++ b/debian/milter-greylist.service
@@ -5,7 +5,7 @@ Before=postfix.service
[Service]
Type=forking
-ExecStart=/usr/sbin/milter-greylist -u greylist
+ExecStart=/usr/sbin/milter-greylist
Restart=on-failure
PrivateTmp=true
diff --git a/debian/patches/conf-dumpfreq b/debian/patches/conf-dumpfreq
index 5400f40..a0de3db 100644
--- a/debian/patches/conf-dumpfreq
+++ b/debian/patches/conf-dumpfreq
@@ -8,11 +8,11 @@ Index: milter-greylist-4.3.5/greylist.conf
--- milter-greylist-4.3.5.orig/greylist.conf 2010-03-15 14:48:16.000000000 +0000
+++ milter-greylist-4.3.5/greylist.conf 2010-03-15 14:48:48.732009554 +0000
@@ -7,7 +7,7 @@
-
pidfile "/var/run/milter-greylist.pid"
+ socket "/var/run/milter-greylist/milter-greylist.sock"
dumpfile "/var/lib/milter-greylist/greylist.db" 600
-dumpfreq 1
+dumpfreq 10m
+ user "greylist"
- # For sendmail use the following two lines
- socket "/var/run/milter-greylist/milter-greylist.sock"
+ # If using Postfix rather than Sendmail, uncomment the following
diff --git a/debian/patches/greylist.conf b/debian/patches/greylist.conf
index 6e1d33d..216aae9 100644
--- a/debian/patches/greylist.conf
+++ b/debian/patches/greylist.conf
@@ -8,23 +8,28 @@ Index: milter-greylist-4.5.11/greylist.conf
===================================================================
--- milter-greylist-4.5.11.orig/greylist.conf 2014-07-30 09:29:48.543484591 +0100
+++ milter-greylist-4.5.11/greylist.conf 2014-07-30 09:29:48.539484522 +0100
-@@ -6,11 +6,17 @@
+@@ -6,11 +6,21 @@
#
pidfile "/var/run/milter-greylist.pid"
-socket "/var/milter-greylist/milter-greylist.sock"
-dumpfile "/var/milter-greylist/greylist.db" 600
++socket "/var/run/milter-greylist/milter-greylist.sock"
+dumpfile "/var/lib/milter-greylist/greylist.db" 600
dumpfreq 1
-+
-+# For sendmail use the following two lines
-+socket "/var/run/milter-greylist/milter-greylist.sock"
- user "smmsp"
+-user "smmsp"
++user "greylist"
-+# For Postfix uncomment the following two lines and comment out the
-+# sendmail ones above.
++# If using Postfix rather than Sendmail, uncomment the following
++# socket and user settings and comment out the socket and user above.
+#socket "/var/run/milter-greylist/milter-greylist.sock" 660
+#user "postfix"
++
++# If using a chrooted Postfix, you might want to use something like
++# the following instead (where "/var/spool/postfix" is the Postfix
++# chroot):
++#socket "/var/spool/postfix/milter-greylist/milter-greylist.sock" 660
++#user "greylist:postfix"
# Log milter-greylist activity to a file
#stat ">>/var/milter-greylist/greylist.log" \
--
2.39.2
Reply to: