Ubuntu
amavisd-milter package

init.d script fails to set socket ownership and permissions on slower systems

Bug #1915501 reported by Nick Tait
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
amavisd-milter (Ubuntu)
Fix Released
Undecided
Harald Jenny

Bug Description

I've just started using amavisd-milter on an 'older' (i.e. slow) server, and I encountered a problem with the init.d startup script (/etc/init.d/amavisd-milter): The script would successfully use "start-stop-daemon $START" to launch the /usr/sbin/amavisd-milter process, but would then attempt to set the ownership (chown) and permissions (chmod) on the unix socket before the /usr/sbin/amavisd-milter process had created the socket.

This meant that the ownership and permissions specified in /etc/default/amavisd-milter would fail to have any effect (or in some cases, setting the ownership would fail but setting the permissions would succeed).

The solution to this problem is to have the startup script wait until the socket is created, before attempting to set the ownership and permissions.

I've updated the script on my server to resolve the problem, and I'd like to submit this as a patch, but I'm having trouble finding out which project to check out (i.e. with bzr branch lp:PROJECT-NAME)? Perhaps it is because there is an upstream project that I should be using instead? Please point me in the right direction?

System information:

# lsb_release -rd
Description: Ubuntu 18.04.5 LTS
Release: 18.04

# apt-cache policy amavisd-milter
amavisd-milter:
  Installed: 1.5.0-5
  Candidate: 1.5.0-5
  Version table:
 *** 1.5.0-5 500
        500 http://nz.archive.ubuntu.com/ubuntu bionic/universe i386 Packages
        100 /var/lib/dpkg/status

Thanks,
Nick.

Revision history for this message
Nick Tait (nick.t) wrote :

Here is the fix that I'm using (complete updated file is also attached). The updated init.d script checks that the socket exists before executing the chown/chmod commands. If it doesn't exist, it sleeps for 1 second and rechecks, repeating if necessary up to 5 times, before logging a warning if the socket still doesn't exist.

$ diff amavisd-milter.old amavisd-milter
82d81
< log_end_msg 0
84,88c83,99
< if [ "$MILTERSOCKETOWNER" ]; then
< chown "$MILTERSOCKETOWNER" "$MILTERSOCKET"
< fi
< if [ "$MILTERSOCKETMODE" ]; then
< chmod "$MILTERSOCKETMODE" "$MILTERSOCKET"
---
> # Wait for up to 5 seconds for unix socket to be created
> for i in 1 2 3 4 5; do
> if [ -S "$MILTERSOCKET" ]; then
> break
> fi
> sleep 1
> done
> # Set ownership and permissions on unix socket as appropriate
> if [ -S "$MILTERSOCKET" ]; then
> if [ "$MILTERSOCKETOWNER" ]; then
> chown "$MILTERSOCKETOWNER" "$MILTERSOCKET"
> fi
> if [ "$MILTERSOCKETMODE" ]; then
> chmod "$MILTERSOCKETMODE" "$MILTERSOCKET"
> fi
> else
> log_warning_msg "timed out waiting for pipe to be created"
 90a102
> log_end_msg 0

Revision history for this message
Harald Jenny (harald-a-little-linux-box) wrote :

Dear Nick,

first thanks for your bug report the problem is already known (Debian bug #854180) and worked around in commit https://salsa.debian.org/haraldj-guest/amavisd-milter/-/commit/33e39f13387bc29e011ff1d55475c8ead3ca1dad.
The real fix was done by the upstream author to create the pipe before returning control to the init script but this fix is only available in version 1.7.0 of amavisd-milter. So my advice would be to either apply the fix from https://salsa.debian.org/haraldj-guest/amavisd-milter/-/commit/33e39f13387bc29e011ff1d55475c8ead3ca1dad which loops forever with a shorter delay time or to rebuild the source package from Ubuntu Hirsute Hippo which incorporates the fix.
For rebuilding the source package please look at https://bugs.launchpad.net/bionic-backports/+bug/1905541 where I already documented the requirements. You may also request a official backport by creating a bug report at https://launchpad.net/bionic-backports but mine wasn't considered until now.
Again thanks for your report and your work I'm currently unsure what to do with your bug report as I don't know how to best fix this issue in a LTS release.

Kind regards
Harald Jenny

Changed in amavisd-milter (Ubuntu):
status: New → In Progress
assignee: nobody → Harald Jenny (harald-a-little-linux-box)
Revision history for this message
Nick Tait (nick.t) wrote :

Hi Harald.

I'm happy for this bug to be closed.

(FYI I'm currently in the process of decommissioning this old server, and replacing it with a new machine which supports the latest Ubuntu distro.)

Nick.

Revision history for this message
Harald Jenny (harald-a-little-linux-box) wrote :

Hi Nick,

ok then I will close this bug and hope the new server works well.

Bye
Harald

Revision history for this message
Harald Jenny (harald-a-little-linux-box) wrote :

Fixed by newer version of amavisd-milter package.

Changed in amavisd-milter (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.