From: Stoiko Ivanov <s.ivanov@proxmox.com>
To: pmg-devel@lists.proxmox.com
Subject: [pmg-devel] [PATCH pmg-api v3 5/6] api: spamassassin: update local channels
Date: Tue, 19 Jan 2021 11:38:14 +0100 [thread overview]
Message-ID: <20210119103815.15934-6-s.ivanov@proxmox.com> (raw)
In-Reply-To: <20210119103815.15934-1-s.ivanov@proxmox.com>
This patch adds a helper to loop over all present Spamassassin
channels files in /etc/mail/spamassassin/channel.d and:
* import the included gpg key into sa-update's keyring
* run sa-update for each channel separately
the verbose argument of the helper is for reusing the code in
pmg-daily (where we only want to log errors and be less informative)
the $SA_UPDATE variable hardcoding the path of /usr/bin/sa-update was
dropped in favor of using 'sa-update' without path since we do have a
sensible setting of PATH everywhere, and hardcoding paths is
problematic (especially in usr-merged systems).
The choice of invoking sa-update for each channel separately, instead
of providing multiple '--channel' and '--gpgkey' options to a single
command was made to prevent downloading signatures, which were signed
by a key not configured for the channel.
Importing gpg-keys is also done with individual sa-update invocations,
because sa-update only imports the last present --import argument
(wrong use of Getopt::Long)
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
src/PMG/API2/SpamAssassin.pm | 8 ++++----
src/PMG/Utils.pm | 28 ++++++++++++++++++++++++++++
2 files changed, 32 insertions(+), 4 deletions(-)
diff --git a/src/PMG/API2/SpamAssassin.pm b/src/PMG/API2/SpamAssassin.pm
index 6b9f8f9..441fd7e 100644
--- a/src/PMG/API2/SpamAssassin.pm
+++ b/src/PMG/API2/SpamAssassin.pm
@@ -18,8 +18,6 @@ use Mail::SpamAssassin;
use base qw(PVE::RESTHandler);
-my $SAUPDATE = '/usr/bin/sa-update';
-
__PACKAGE__->register_method ({
name => 'index',
path => '',
@@ -108,7 +106,7 @@ __PACKAGE__->register_method({
}
# call sa-update to see if updates are available
- my $cmd = "$SAUPDATE -v --checkonly --channel $channel";
+ my $cmd = "sa-update -v --checkonly --channel $channel";
PVE::Tools::run_command($cmd, noerr => 1, logfunc => sub {
my ($line) = @_;
@@ -171,9 +169,11 @@ __PACKAGE__->register_method({
$ENV{http_proxy} = $http_proxy;
}
- my $cmd = "$SAUPDATE -v";
+ my $cmd = "sa-update -v";
PVE::Tools::run_command($cmd, noerr => 1);
+
+ PMG::Utils::update_local_spamassassin_channels(1);
};
return $rpcenv->fork_worker('saupdate', undef, $authuser, $realcmd);
diff --git a/src/PMG/Utils.pm b/src/PMG/Utils.pm
index e3863b0..149bcdc 100644
--- a/src/PMG/Utils.pm
+++ b/src/PMG/Utils.pm
@@ -1475,4 +1475,32 @@ sub local_spamassassin_channels {
return $res;
}
+sub update_local_spamassassin_channels {
+ my ($verbose) = @_;
+ # import all configured channel's gpg-keys to sa-update's keyring
+ my $localchannels = PMG::Utils::local_spamassassin_channels();
+ for my $channel (@$localchannels) {
+ my $importcmd = ['sa-update', '--import', $channel->{filename}];
+ push @$importcmd, '-v' if $verbose;
+
+ print "Importing gpg key from $channel->{filename}\n" if $verbose;
+ PVE::Tools::run_command($importcmd);
+ }
+
+ my $fresh_updates = 0;
+
+ for my $channel (@$localchannels) {
+ my $cmd = ['sa-update', '--channel', $channel->{channelurl}, '--gpgkey', $channel->{keyid}];
+ push @$cmd, '-v' if $verbose;
+
+ print "Updating $channel->{channelurl}\n" if $verbose;
+ my $ret = PVE::Tools::run_command($cmd, noerr => 1);
+ die "updating $channel->{channelurl} failed - sa-update exited with $ret\n" if $ret >= 2;
+
+ $fresh_updates = 1 if $ret == 0;
+ }
+
+ return $fresh_updates
+}
+
1;
--
2.20.1
next prev parent reply other threads:[~2021-01-19 10:39 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-19 10:38 [pmg-devel] [PATCH pmg-api v3 0/6] add support for locally configured SA channels Stoiko Ivanov
2021-01-19 10:38 ` [pmg-devel] [PATCH pmg-api v3 1/6] buildsys: fix check target in main Makefile Stoiko Ivanov
2021-01-19 10:38 ` [pmg-devel] [PATCH pmg-api v3 2/6] buildsys: fix PERLLIB setting in tests/Makefile Stoiko Ivanov
2021-01-19 10:38 ` [pmg-devel] [PATCH pmg-api v3 3/6] add helper for parsing SA channel.d files Stoiko Ivanov
2021-01-19 10:38 ` [pmg-devel] [PATCH pmg-api v3 4/6] api: spamassassin: read local channels Stoiko Ivanov
2021-01-19 10:38 ` Stoiko Ivanov [this message]
2021-01-19 10:38 ` [pmg-devel] [PATCH pmg-api v3 6/6] pmg-daily: run sa-update for " Stoiko Ivanov
2021-01-20 10:31 ` [pmg-devel] applied-series: [PATCH pmg-api v3 0/6] add support for locally configured SA channels Thomas Lamprecht
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210119103815.15934-6-s.ivanov@proxmox.com \
--to=s.ivanov@proxmox.com \
--cc=pmg-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.