Bug 230685 - mail/opendkim fails to start when socket directory /var/run/milteropendkim has group write acl
Summary: mail/opendkim fails to start when socket directory /var/run/milteropendkim ha...
Status: New
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-ports-bugs mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-08-17 06:39 UTC by dewayne
Modified: 2018-08-17 06:39 UTC (History)
1 user (show)

See Also:
bugzilla: maintainer-feedback? (freebsd-ports)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description dewayne 2018-08-17 06:39:06 UTC
The /usr/local/etc/rc.d/milter-opendkim is really very good, thankyou.  However I experience startup failures which sendmail advises via its maillog:
Aug 17 13:47:11 b3 sm-mta[4193]: w7H3lB78004193: Milter (dkim): local socket name /var/run/milteropendkim/sock unsafe

Gasp!

sendmail doesn't like group write permissions on /var/run/milteropendkim/.

FIX
Modifying all instances of "_piddir_perms=" in the startup rc file, to
_piddir_perms="0750"
fixes the issue.  

And for package builds, the same step needs to be applied to 
/usr/ports/mail/opendkim/files/milter-opendkim.in

BACKGROUND
My env is FreeBSD11.2, the rc.conf entries are
milteropendkim_enable="YES"
milteropendkim_uid="dkim"
milteropendkim_cfgfile="/usr/local/etc/opendkim.conf"
milteropendkim_socket="/var/run/milteropendkim/sock"