Christopher J. PeBenito
cpebenito at tresys.com
Tue Apr 21 16:09:36 CDT 2009
On Tue, 2009-04-21 at 21:33 +0100, Paul Howarth wrote:
> On Tue, 21 Apr 2009 16:12:27 -0400
> "Christopher J. PeBenito" <cpebenito at tresys.com> wrote:
> > On Thu, 2009-04-02 at 16:22 +0100, Paul Howarth wrote:
> > > Paul Howarth wrote:
> > > > This is a patch to support a single system-wide spamassassin
> > > > configuration using spamass-milter. Current policy only supports
> > > > a spamassassin configuration that uses separate per-user config
> > > files,
> > > > which are stored either in ~/.spamassassin for real users or in
> > > some
> > > > system-specific directory probably labelled spamassassin_spool_t
> > > for
> > > > virtual users.
> > > >
> > > > The current Fedora spamass-milter package runs as user sa-milt,
> > > having a
> > > > home directory of /var/run/spamass-milter. This has proved to be
> > > > an unfortunate choice because all files (including the
> > > > system-wide spamassassin preferences and bayes databases) get
> > > > cleared out of
> > > that
> > > > directory on reboot (http://bugzilla.redhat.com/489995). I
> > > therefore
> > > > intend to change the home directory of this user to
> > > > /var/lib/spamass-milter.
> > > >
> > > > This patch provides for appropriate labelling and rules for this
> > > > directory to allow spamass-milter and spamassassin to work in
> > > > this configuration.
> > >
> > > Attached is an updated version of the patch that:
> > >
> > > * renames the spamass_milter_manage_state interface to
> > > milter_spamass_manage_state so as to fit the naming convention
> > > better
> > >
> > > * adds milter_spamass_manage_state(spamc_t), needed for razor,
> > > pyzor etc. called from spamassassin when installed and used with
> > > the milter
> > Sorry for the slow response. Two things.
> > * The interface should be milter_manage_spamass_state().
> OK: do you want me to resubmit the patch or can you do the rename
> whilst merging.
> > * Is this needed because of the way that Fedora configures it? (is
> > this a Fedora-specific change) If so, it should likely be in a
> > distro_redhat.
> No, it's not Fedora-specific. There's a bunch of different ways that
> the milter and spamassassin can be configured, and I'd missed this one
Tresys Technology, LLC
(410) 290-1411 x150
More information about the refpolicy