Professional Software Engineering wrote:
Be sure you know who the recipe is running as (in a global procmailrc
before DROPPRIVS, it's not the user).
At this point it's running as root:mail because of the setuid/setgid
bits. It *is* in a global rc file, and I drop privileges before
delivery/forwarding. I wonder if I should drop even before the spam
check part?
:0 fw * $ < ${SpamCheckMaxSize} * $? test -x
${SpamCheckProg} | ${SpamCheckProg}
Uhm, what sort of problem are you having trying to accomplish it the
way you're showing above? What's your VERBOSE logfile have to say
about it, and what are the perms of the file (and user)?
-rwxr-xr-x 1 root root 35184 2008-03-03 14:27 /usr/bin/spamc
procmail: Executing " test -x /usr/sbin/spamc"
procmail: Non-zero exitcode (1) from " test -x /usr/sbin/spamc"
procmail: No match on " test -x /usr/sbin/spamc"
procmail: Assigning "DROPPRIVS=YES"
Note that if the spamcheckprogram doesn't read the entire source
message (say, it bails after reading just the headers), procmail will
assume the program failed in some way and will treat the message as
UNFILTERED, which might be the problem you're having (but since
you're not saying what leads you to believe the above code doesn't
work, this is just a guess).
As far as I can tell (reading the logs), the 'test' command is failing
to find an executable file at that location, but because the permissions
on spamc 755, I think procmail isn't parsing the line as I expected:
* $? test -x ${SpamCheckProg}
How does procmail know that in that condition line, I want it to pass
the entire condition to the shell, and just evaluate the result?
Is SpamCheckProg a full and CORRECT path? Is this running on a local
mail system, or an NFS mount?
Local path.
Cheers,
Steve
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)de
http://mailman.rwth-aachen.de/mailman/listinfo/procmail