public inbox for pmg-devel@lists.proxmox.com
* [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy
@ 2025-04-04 13:14 Maximiliano Sandoval
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 02/11] pmg-smtp-filter: move pid file into /run/pmg-smtp-filter Maximiliano Sandoval
                   ` (10 more replies)
  0 siblings, 11 replies; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

We use systemd's RuntimeDirectory to ensure the directory exists when needed.

We also set $opt_pidfile using PIDFILE, see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#%24PIDFILE.

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---

Differences from v4:
 - Run pmg-smtp-filter migration if coming from a version older than 9.0.0.
 - Instead of adding the pmgpolicy user to the pmg group, pmgproxy.service is
   started with SupplementaryGroups=systemd-journal
 - Use $ENV{'PIDFILE'} instead of hardcoding PID path on binaries backed up
   with a systemd service

Differences from v3:
 - Override rrdcached's systemd unit to add SOCKGROUP=pmg instead of
   modifying /etc/default/rrdcached.conf

Differences from v2:
 - Use systemd-sysusers for creating users

 debian/pmgpolicy.service | 3 ++-
 src/bin/pmgpolicy        | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/debian/pmgpolicy.service b/debian/pmgpolicy.service
index 517a5d61..21a403f0 100644
--- a/debian/pmgpolicy.service
+++ b/debian/pmgpolicy.service
@@ -10,8 +10,9 @@ ExecStart=/usr/bin/pmgpolicy
 KillMode=mixed
 TimeoutStopSec=40
 ExecReload=/bin/kill -HUP $MAINPID
-PIDFile=/run/pmgpolicy.pid
+PIDFile=/run/pmgpolicy/pmgpolicy.pid
 Type=forking
+RuntimeDirectory=pmgpolicy
 
 [Install]
 WantedBy=multi-user.target
diff --git a/src/bin/pmgpolicy b/src/bin/pmgpolicy
index df2e66f4..3f976ff7 100755
--- a/src/bin/pmgpolicy
+++ b/src/bin/pmgpolicy
@@ -56,7 +56,7 @@ if (!GetOptions(%_opts)) {
     exit (-1);
 }
 
-$opt_pidfile = "/run/pmgpolicy.pid" if !$opt_pidfile;
+$opt_pidfile = $ENV{'PIDFILE'} if !$opt_pidfile;
 $opt_max_dequeue = 0 if $opt_testmode;
 
 initlog('pmgpolicy', 'mail');
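Review bot: the new default on the $opt_pidfile line has no fallback, so
when pmgpolicy is started outside its systemd unit (by hand, from a test,
or from a unit without PIDFile=) $ENV{'PIDFILE'} is unset and $opt_pidfile
stays undefined. Keep a last resort, for example
"$opt_pidfile = $ENV{'PIDFILE'} // '/run/pmgpolicy/pmgpolicy.pid' if !$opt_pidfile;",
or die with a clear message when neither --pidfile nor PIDFILE is given.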
-- 
2.39.5



_______________________________________________
pmg-devel mailing list
pmg-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pmg-devel



* [pmg-devel] [PATCH pmg-api v5 02/11] pmg-smtp-filter: move pid file into /run/pmg-smtp-filter
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-08-14  0:10   ` Stoiko Ivanov
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 03/11] config: store config lock in smtp-filter runtime dir Maximiliano Sandoval
                   ` (9 subsequent siblings)
  10 siblings, 1 reply; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

We use systemd's RuntimeDirectory to ensure the directory exists when needed.

We also set $opt_pidfile using PIDFILE, see
https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#%24PIDFILE.

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/pmg-smtp-filter.service | 3 ++-
 src/PMG/Utils.pm               | 2 +-
 src/bin/pmg-smtp-filter        | 2 +-
 3 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/debian/pmg-smtp-filter.service b/debian/pmg-smtp-filter.service
index cbf2d6f3..c887dc2d 100644
--- a/debian/pmg-smtp-filter.service
+++ b/debian/pmg-smtp-filter.service
@@ -11,10 +11,11 @@ ExecStart=/usr/bin/pmg-smtp-filter
 KillMode=mixed
 TimeoutStopSec=40
 ExecReload=/bin/kill -HUP $MAINPID
-PIDFile=/run/pmg-smtp-filter.pid
+PIDFile=/run/pmg-smtp-filter/pmg-smtp-filter.pid
 Type=forking
 Restart=on-abort
 RestartSec=10
+RuntimeDirectory=pmg-smtp-filter
 
 [Install]
 WantedBy=multi-user.target
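Review bot: the directory behind the added RuntimeDirectory= line only
lives as long as the unit: systemd creates /run/pmg-smtp-filter at start
and removes it again when the service stops. Anything that starts
/usr/bin/pmg-smtp-filter directly, or touches files under that directory
while the service is down, finds no directory. Either set
RuntimeDirectoryPreserve=yes here or have the daemon create the directory
itself when it is missing, and say which in the commit message.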
diff --git a/src/PMG/Utils.pm b/src/PMG/Utils.pm
index 3e7adbb6..07a6c9be 100644
--- a/src/PMG/Utils.pm
+++ b/src/PMG/Utils.pm
@@ -1515,7 +1515,7 @@ sub get_pg_server_version {
 
 sub reload_smtp_filter {
 
-    my $pid_file = '/run/pmg-smtp-filter.pid';
+    my $pid_file = '/run/pmg-smtp-filter/pmg-smtp-filter.pid';
     my $pid = PVE::Tools::file_read_firstline($pid_file);
 
     return 0 if !$pid;
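Review bot: the pid path in reload_smtp_filter is now a second hardcoded
copy of the PIDFile= value from the unit, while the daemon itself takes the
path from $ENV{'PIDFILE'} or --pidfile, so the three can drift apart. A
daemon that was started before the upgrade also still has its pid file at
the old /run/pmg-smtp-filter.pid; if nothing is read at the new path,
"return 0 if !$pid;" skips the reload without any log line. Consider one
shared constant for the path and a warning when no pid can be read.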
diff --git a/src/bin/pmg-smtp-filter b/src/bin/pmg-smtp-filter
index 32bad7b8..fcaaffc5 100755
--- a/src/bin/pmg-smtp-filter
+++ b/src/bin/pmg-smtp-filter
@@ -80,7 +80,7 @@ if (!GetOptions(
     exit (-1);
 }
 
-$opt_pidfile = "/run/${prog_name}.pid" if !$opt_pidfile;
+$opt_pidfile = $ENV{'PIDFILE'} if !$opt_pidfile;
 
 my $max_servers = 1;
 my $min_servers = 1;
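Review bot: the replaced default on the $opt_pidfile line worked anywhere
because it was built from $prog_name; the new one leaves $opt_pidfile
undefined whenever PIDFILE is not in the environment, which is the case for
every start that does not go through the systemd unit. Fall back to
/run/pmg-smtp-filter/pmg-smtp-filter.pid when the variable is unset.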
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 03/11] config: store config lock in smtp-filter runtime dir
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 02/11] pmg-smtp-filter: move pid file into /run/pmg-smtp-filter Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-08-14  0:10   ` Stoiko Ivanov
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 04/11] create new users for the rule db Maximiliano Sandoval
                   ` (8 subsequent siblings)
  10 siblings, 1 reply; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 src/PMG/Config.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/PMG/Config.pm b/src/PMG/Config.pm
index 82bd42ec..754cc791 100644
--- a/src/PMG/Config.pm
+++ b/src/PMG/Config.pm
@@ -1827,8 +1827,8 @@ my $pmg_service_params = {
     },
 };
 
-my $smtp_filter_cfg = '/run/pmg-smtp-filter.cfg';
-my $smtp_filter_cfg_lock = '/run/pmg-smtp-filter.cfg.lck';
+my $smtp_filter_cfg = '/run/pmg-smtp-filter/pmg-smtp-filter.cfg';
+my $smtp_filter_cfg_lock = '/run/pmg-smtp-filter/pmg-smtp-filter.cfg.lck';
 
 sub dump_smtp_filter_config {
     my ($self) = @_;
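Review bot: both paths on the changed lines now point into
/run/pmg-smtp-filter, which is the RuntimeDirectory of
pmg-smtp-filter.service from 02/11, so the config dump and its lock can
only be created while that directory exists. The commit message is empty;
it should state why the files move and which processes write them, and the
code around dump_smtp_filter_config should create the directory or fail
with a clear error when it is missing.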
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 04/11] create new users for the rule db
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 02/11] pmg-smtp-filter: move pid file into /run/pmg-smtp-filter Maximiliano Sandoval
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 03/11] config: store config lock in smtp-filter runtime dir Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-08-14  0:12   ` Stoiko Ivanov
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 05/11] postinstall: add new group for shared functionality Maximiliano Sandoval
                   ` (7 subsequent siblings)
  10 siblings, 1 reply; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

These users will be used by the pmg-smtp-filter and pmgpolicy. We add a
helper function to open the rule_db as a given user.

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/postinst         |  8 ++++++++
 src/PMG/DBTools.pm      | 26 ++++++++++++++++++++++++--
 src/bin/pmg-smtp-filter |  4 ++--
 src/bin/pmgpolicy       |  6 +++---
 4 files changed, 37 insertions(+), 7 deletions(-)

diff --git a/debian/postinst b/debian/postinst
index 98444d22..708350ec 100644
--- a/debian/postinst
+++ b/debian/postinst
@@ -48,6 +48,10 @@ migrate_apt_auth_conf() {
     fi
 }
 
+migrate_pmg_smtp_filter() {
+    pmgdb update >/dev/null 2>&1 &
+}
+
 case "$1" in
     triggered)
 
@@ -67,6 +71,10 @@ case "$1" in
 
         if test ! -e /proxmox_install_mode ; then
 
+            if test -n "$2" && dpkg --compare-versions "$2" 'lt' '9.0.0'; then
+                migrate_pmg_smtp_filter
+            fi
+
             pmgconf="/etc/pmg/pmg.conf"
             if test -n "$2" && dpkg --compare-versions "$2" 'lt' '8.0.2'; then
                 # on upgrade add pre 8.0 default values for advfilter, use_awl and use_bayes
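Review bot: the migrate_pmg_smtp_filter call added in this hunk returns
before the database work is done, because the function runs
"pmgdb update >/dev/null 2>&1 &" in the background with all output
discarded. The postinst can finish and the services can be restarted while
the new database roles and grants do not exist yet, and a failed update
leaves no trace. Run it in the foreground and report a non-zero exit. The
'9.0.0' threshold also has to match the first package version that
actually ships this series.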
diff --git a/src/PMG/DBTools.pm b/src/PMG/DBTools.pm
index 1acc0cb6..7b5181ab 100644
--- a/src/PMG/DBTools.pm
+++ b/src/PMG/DBTools.pm
@@ -38,7 +38,7 @@ sub cgreylist_merge_sql {
 }
 
 sub open_ruledb {
-    my ($database, $host, $port) = @_;
+    my ($database, $host, $port, $user) = @_;
 
     $port //= 5432;
 
@@ -74,13 +74,19 @@ sub open_ruledb {
 	return $rdb;
     } else {
 	my $dsn = "DBI:Pg:dbname=$database;host=/var/run/postgresql;port=$port";
-	my $user = $> == 0 ? 'root' : 'www-data';
+	$user //= $> == 0 ? 'root' : 'www-data';
 	my $dbh = DBI->connect($dsn, $user, undef, { PrintError => 0, RaiseError => 1 });
 
 	return $dbh;
     }
 }
 
+sub open_ruledb_as {
+    my ($database, $user) = @_;
+
+    open_ruledb($database, undef, undef, $user);
+}
+
 sub delete_ruledb {
     my ($dbname) = @_;
 
@@ -609,6 +615,22 @@ sub upgradedb {
 	}
     }
 
+    foreach my $user ('pmgpolicy', 'pmg-smtp-filter') {
+	eval {
+	    my $silent_opts = { outfunc => sub {}, errfunc => sub {} };
+	    postgres_admin_cmd('createuser',  $silent_opts, '-D', $user);
+
+	    $dbh->begin_work;
+	    $dbh->do("GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO \"$user\"");
+	    $dbh->do("GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"$user\"");
+	    $dbh->commit;
+
+	};
+	if (my $err = $@) {
+	    $dbh->rollback;
+	}
+    }
+
     foreach my $table (keys %$tables) {
 	eval { $dbh->do("ANALYZE $table"); };
 	warn $@ if $@;
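Review bot: in the new foreach block every failure is swallowed: the
output callbacks are empty subs and $err is never logged, so a missing role
or grant only shows up later as a connection error in the daemons.
createuser also sits in the same eval as the GRANTs, so if it fails (for
example because the role already exists on a second run) the grants are
skipped and "$dbh->rollback;" is called although begin_work never ran.
Create the role only when it is absent, keep the GRANTs in their own
transaction, and warn on $err. Both roles get SELECT, INSERT, UPDATE and
DELETE on every table in public; if pmgpolicy needs less, grant per table.
GRANT ... ON ALL TABLES only covers tables that exist when it runs.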
diff --git a/src/bin/pmg-smtp-filter b/src/bin/pmg-smtp-filter
index fcaaffc5..e95e6458 100755
--- a/src/bin/pmg-smtp-filter
+++ b/src/bin/pmg-smtp-filter
@@ -387,7 +387,7 @@ sub load_config {
     PMG::MailQueue::create_spooldirs($self->{cinfo}->{local}->{cid});
 
     eval {
-	my $dbh = PMG::DBTools::open_ruledb ($database);
+	my $dbh = PMG::DBTools::open_ruledb_as($database, 'pmg-smtp-filter');
 	$self->{ruledb} = PMG::RuleDB->new ($dbh);
 
 	# load rulecache
@@ -538,7 +538,7 @@ sub run_dequeue {
 
     my $cinfo = PVE::INotify::read_file("cluster.conf");
 
-    my $dbh = eval { PMG::DBTools::open_ruledb($database) };
+    my $dbh = eval { PMG::DBTools::open_ruledb_as($database, 'pmg-smtp-filter') };
     if ($err = $@) {
 	$self->log (0, "ERROR: $err");
 	return;
diff --git a/src/bin/pmgpolicy b/src/bin/pmgpolicy
index 3f976ff7..92fb6f89 100755
--- a/src/bin/pmgpolicy
+++ b/src/bin/pmgpolicy
@@ -142,7 +142,7 @@ sub run_dequeue {
     my $dbh;
 
     eval {
-	$dbh = PMG::DBTools::open_ruledb($database);
+	$dbh = PMG::DBTools::open_ruledb_as($database, 'pmgpolicy');
     };
     my $err = $@;
 
@@ -343,7 +343,7 @@ sub load_config {
     my $dbh;
 
     eval {
-	$dbh = PMG::DBTools::open_ruledb($database);
+	$dbh = PMG::DBTools::open_ruledb_as($database, 'pmgpolicy');
 	$self->{ruledb} = PMG::RuleDB->new($dbh);
 	$self->{rulecache} = PMG::RuleCache->new($self->{ruledb});
     };
@@ -523,7 +523,7 @@ sub greylist_value {
 	$self->log(0, 'Database connection broken - trying to reconnect');
 	my $dbh;
 	eval {
-	    $dbh = PMG::DBTools::open_ruledb($database);
+	    $dbh = PMG::DBTools::open_ruledb_as($database, 'pmgpolicy');
 	};
 	my $err = $@;
 	if ($err) {
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 05/11] postinstall: add new group for shared functionality
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
                   ` (2 preceding siblings ...)
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 04/11] create new users for the rule db Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-08-14  0:13   ` Stoiko Ivanov
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 06/11] postinstall: make rrdcached be readable by the pmg group Maximiliano Sandoval
                   ` (6 subsequent siblings)
  10 siblings, 1 reply; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

A shared group named 'pmg' is introduced for processes that need to be
accessible from multiple processes like spamassassin, rrdcached or the
mail queue at /var/spool/pmg.

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/pmg-api.sysusers | 1 +
 debian/postinst         | 4 ++++
 debian/rules            | 2 +-
 3 files changed, 6 insertions(+), 1 deletion(-)
 create mode 100644 debian/pmg-api.sysusers

diff --git a/debian/pmg-api.sysusers b/debian/pmg-api.sysusers
new file mode 100644
index 00000000..a546c45f
--- /dev/null
+++ b/debian/pmg-api.sysusers
@@ -0,0 +1 @@
+g pmg             -               -
diff --git a/debian/postinst b/debian/postinst
index 708350ec..9af65ebf 100644
--- a/debian/postinst
+++ b/debian/postinst
@@ -49,6 +49,10 @@ migrate_apt_auth_conf() {
 }
 
 migrate_pmg_smtp_filter() {
+    systemd-sysusers
+
+    chown :pmg /var/lib/pmg
+
     pmgdb update >/dev/null 2>&1 &
 }
 
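Review bot: the two added commands sit in migrate_pmg_smtp_filter, which
postinst only calls on an upgrade from a version before 9.0.0, so a fresh
install never gets "chown :pmg /var/lib/pmg" from here. The chown also
changes only the group, not the mode, so members of pmg get whatever group
bits the directory already had. Set group and mode where the directory is
created, for both install paths. The bare systemd-sysusers call processes
every sysusers.d file on the host; pass the package's own file if only the
pmg entries are meant.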
diff --git a/debian/rules b/debian/rules
index 3e150795..ea8f110c 100755
--- a/debian/rules
+++ b/debian/rules
@@ -13,7 +13,7 @@ include debian/rules.env
 export REPOID=${REPOID_GENERATED}
 
 %:
-	dh $@
+	dh $@ --with installsysusers
 
 override_dh_installsystemd:
 	dh_installsystemd --no-start --no-stop-on-upgrade \
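Review bot: "--with installsysusers" on the dh line needs a debhelper new
enough to ship that addon, and the diffstat does not touch debian/control.
Add or bump the Build-Depends accordingly. If the addon already emits a
maintainer-script snippet that creates the entries from
debian/pmg-api.sysusers, the explicit systemd-sysusers call added to
postinst in this patch is redundant; keep one of the two.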
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 06/11] postinstall: make rrdcached be readable by the pmg group
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
                   ` (3 preceding siblings ...)
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 05/11] postinstall: add new group for shared functionality Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 07/11] spamasassin: store files in dir managed by pmg Maximiliano Sandoval
                   ` (5 subsequent siblings)
  10 siblings, 0 replies; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/install                  | 1 +
 debian/postinst                 | 5 +++++
 debian/rrdcached-sockgroup.conf | 2 ++
 3 files changed, 8 insertions(+)
 create mode 100644 debian/rrdcached-sockgroup.conf

diff --git a/debian/install b/debian/install
index 35882f85..491dfdfd 100644
--- a/debian/install
+++ b/debian/install
@@ -11,3 +11,4 @@ debian/pmgreport.service /lib/systemd/system/
 debian/pmgspamreport.service /lib/systemd/system/
 debian/pmgsync.service /lib/systemd/system/
 debian/pmgtunnel.service /lib/systemd/system/
+debian/rrdcached-sockgroup.conf /lib/systemd/system/rrdcached.service.d/
diff --git a/debian/postinst b/debian/postinst
index 9af65ebf..c12870fa 100644
--- a/debian/postinst
+++ b/debian/postinst
@@ -53,6 +53,11 @@ migrate_pmg_smtp_filter() {
 
     chown :pmg /var/lib/pmg
 
+    if systemctl --quiet is-active rrdcached.service ; then
+        systemctl daemon-reload
+        deb-systemd-invoke reload-or-try-restart rrdcached.service >/dev/null || true
+    fi
+
     pmgdb update >/dev/null 2>&1 &
 }
 
diff --git a/debian/rrdcached-sockgroup.conf b/debian/rrdcached-sockgroup.conf
new file mode 100644
index 00000000..bee76ac2
--- /dev/null
+++ b/debian/rrdcached-sockgroup.conf
@@ -0,0 +1,2 @@
+[Service]
+Environment=SOCKGROUP=pmg
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 07/11] spamasassin: store files in dir managed by pmg
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
                   ` (4 preceding siblings ...)
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 06/11] postinstall: make rrdcached be readable by the pmg group Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-08-14  0:13   ` Stoiko Ivanov
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 08/11] mailqueue: make mail queue writable by pmg group Maximiliano Sandoval
                   ` (4 subsequent siblings)
  10 siblings, 1 reply; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 src/PMG/Config.pm       | 8 ++++----
 src/PMG/Report.pm       | 2 +-
 src/bin/pmg-smtp-filter | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/PMG/Config.pm b/src/PMG/Config.pm
index 754cc791..89873f56 100644
--- a/src/PMG/Config.pm
+++ b/src/PMG/Config.pm
@@ -1601,13 +1601,13 @@ sub rewrite_config_spam {
 
     # delete AW and bayes databases if those features are disabled
     if (!$use_awl) {
-	$changes = 1 if unlink '/root/.spamassassin/auto-whitelist';
+	$changes = 1 if unlink '/var/lib/pmg/spamassassin/auto-whitelist';
     }
 
     if (!$use_bayes) {
-	$changes = 1 if unlink '/root/.spamassassin/bayes_journal';
-	$changes = 1 if unlink '/root/.spamassassin/bayes_seen';
-	$changes = 1 if unlink '/root/.spamassassin/bayes_toks';
+	$changes = 1 if unlink '/var/lib/pmg/spamassassin/bayes_journal';
+	$changes = 1 if unlink '/var/lib/pmg/spamassassin/bayes_seen';
+	$changes = 1 if unlink '/var/lib/pmg/spamassassin/bayes_toks';
     }
 
     # make sure we have the custom SA files (else cluster sync fails)
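Review bot: the unlink targets move to /var/lib/pmg/spamassassin, but
nothing in this patch creates that directory or carries over the existing
auto-whitelist and bayes_* files from /root/.spamassassin, so after the
upgrade the learned Bayes and AWL state is silently left behind. Add a
migration step (move the files, set owner and group so the filter user can
write them) and describe it in the commit message, which is currently
empty.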
diff --git a/src/PMG/Report.pm b/src/PMG/Report.pm
index 79060a08..a93f00f2 100644
--- a/src/PMG/Report.pm
+++ b/src/PMG/Report.pm
@@ -125,7 +125,7 @@ sub check_dns_resolution {
 	debug => 0,
 	local_tests_only => 0,
 	home_dir_for_helpers => '/root',
-	userstate_dir => '/root/.spamassassin',
+	userstate_dir => '/var/lib/pmg/spamassassin',
 	dont_copy_prefs   => 1,
 	stop_at_threshold => 0,
     });
diff --git a/src/bin/pmg-smtp-filter b/src/bin/pmg-smtp-filter
index e95e6458..f46d4ccf 100755
--- a/src/bin/pmg-smtp-filter
+++ b/src/bin/pmg-smtp-filter
@@ -460,7 +460,7 @@ sub pre_loop_hook {
 	debug => 0,
 	local_tests_only => $opt_testmode || !$rbl_checks,
 	home_dir_for_helpers => '/root',
-	userstate_dir => '/root/.spamassassin',
+	userstate_dir => '/var/lib/pmg/spamassassin',
 	dont_copy_prefs   => 1,
 	stop_at_threshold => 0,
     });
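Review bot: home_dir_for_helpers stays '/root' in the context line right
above the changed userstate_dir, yet the series ends with pmg-smtp-filter
running as an unprivileged user that normally cannot enter /root. Point it
at a directory the pmg-smtp-filter user owns, or explain why the helpers
never need it.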
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 08/11] mailqueue: make mail queue writable by pmg group
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
                   ` (5 preceding siblings ...)
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 07/11] spamasassin: store files in dir managed by pmg Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-08-14  0:13   ` Stoiko Ivanov
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 09/11] d/sysusers: add users for pmgpolicy and smtp-filter Maximiliano Sandoval
                   ` (3 subsequent siblings)
  10 siblings, 1 reply; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/postinst      | 9 +++++++++
 src/PMG/MailQueue.pm | 7 ++++---
 2 files changed, 13 insertions(+), 3 deletions(-)

diff --git a/debian/postinst b/debian/postinst
index c12870fa..ba6497a0 100644
--- a/debian/postinst
+++ b/debian/postinst
@@ -53,6 +53,15 @@ migrate_pmg_smtp_filter() {
 
     chown :pmg /var/lib/pmg
 
+    chown :pmg /var/spool/pmg/active
+    chown :pmg /var/spool/pmg/virus
+    chown :pmg /var/spool/pmg/spam
+    chown :pmg /var/spool/pmg/attachment
+    chmod g+w /var/spool/pmg/active
+    chmod g+w /var/spool/pmg/virus
+    chmod g+w /var/spool/pmg/spam
+    chmod g+w /var/spool/pmg/attachment
+
     if systemctl --quiet is-active rrdcached.service ; then
         systemctl daemon-reload
         deb-systemd-invoke reload-or-try-restart rrdcached.service >/dev/null || true
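Review bot: the added chown and chmod lines are not recursive, so only the
four top-level directories change. Files and subdirectories already in the
spool keep their old owner and mode (new_fileid created files with 0600
until this patch), which leaves existing quarantined mail unreadable for
the new service users. Eight near-identical lines are also easy to get out
of sync; a loop over the four names with one chown and one chmod each is
simpler, and it should tolerate a directory that is missing.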
diff --git a/src/PMG/MailQueue.pm b/src/PMG/MailQueue.pm
index 4e37cb98..adbf28c1 100644
--- a/src/PMG/MailQueue.pm
+++ b/src/PMG/MailQueue.pm
@@ -33,12 +33,13 @@ sub create_spooldirs {
 	"$spooldir/attachment",
     ]) if $cleanup;
 
-    mkpath([
+    mkpath(
 	"$spooldir/active",
 	"$spooldir/spam",
 	"$spooldir/virus",
 	"$spooldir/attachment",
-    ]);
+	{ group=>'pmg', chmod=>0775 },
+    );
 
     if ($lcid) {
 	mkpath "$spooldir/cluster/$lcid/virus";
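Review bot: only the first mkpath call gets the group and chmod options;
the cluster directory created right below with
mkpath "$spooldir/cluster/$lcid/virus" still uses the defaults. 0775 also
leaves the quarantine directories readable and searchable by every local
user; 0770, or 2770 so that new files inherit the pmg group, is the
tighter choice. Setting group => 'pmg' only succeeds when the caller is
root or a member of pmg, so note who is expected to call create_spooldirs
first.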
@@ -68,7 +69,7 @@ sub new_fileid {
     my $uid;
     my $subsubdir = '';
 
-    if (!($fh = IO::File->new ($path, 'w+', 0600))) {
+    if (!($fh = IO::File->new ($path, 'w+', 0660))) {
 	die "unable to create file '$path': $! : ERROR";
     }
 
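Review bot: 0660 in the IO::File->new call gives write access to the
file's group, but a new file gets the creating process's primary group, and
11/11 sets Group=pmg-smtp-filter and Group=pmgpolicy rather than pmg.
Unless the spool directories carry the setgid bit (postinst only does
"chmod g+w"), the files end up group-owned by the per-service group and
the other members of pmg still cannot open them. The mode is further
reduced by the umask, so check what the daemons run with.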
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 09/11] d/sysusers: add users for pmgpolicy and smtp-filter
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
                   ` (6 preceding siblings ...)
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 08/11] mailqueue: make mail queue writable by pmg group Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 10/11] pmgpolicy: set SumplementaryGroups=systemd-journal Maximiliano Sandoval
                   ` (2 subsequent siblings)
  10 siblings, 0 replies; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/pmg-api.sysusers | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/debian/pmg-api.sysusers b/debian/pmg-api.sysusers
index a546c45f..cf536230 100644
--- a/debian/pmg-api.sysusers
+++ b/debian/pmg-api.sysusers
@@ -1 +1,5 @@
 g pmg             -               -
+u pmg-smtp-filter -               "SMTP filter user"
+u pmgpolicy       -               "Mail policy user"
+m pmg-smtp-filter pmg             -
+m pmgpolicy       pmg             -
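Review bot: the line "m pmgpolicy pmg -" adds pmgpolicy to the pmg group,
while the v5 changelog in 01/11 reads as if that membership was dropped in
favour of SupplementaryGroups=systemd-journal. One of the two is stale; fix
the changelog or drop the membership. The commit message is empty and
should state why each user needs the shared group.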
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 10/11] pmgpolicy: set SumplementaryGroups=systemd-journal
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
                   ` (7 preceding siblings ...)
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 09/11] d/sysusers: add users for pmgpolicy and smtp-filter Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 11/11] fix #4926: run pmg-smtp-filter and pmgpolicy without root rights Maximiliano Sandoval
  2025-08-14  0:09 ` [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Stoiko Ivanov
  10 siblings, 0 replies; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

We need access to the system journal.

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/pmgpolicy.service | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/pmgpolicy.service b/debian/pmgpolicy.service
index 21a403f0..200ade5f 100644
--- a/debian/pmgpolicy.service
+++ b/debian/pmgpolicy.service
@@ -13,6 +13,7 @@ ExecReload=/bin/kill -HUP $MAINPID
 PIDFile=/run/pmgpolicy/pmgpolicy.pid
 Type=forking
 RuntimeDirectory=pmgpolicy
+SupplementaryGroups=systemd-journal
 
 [Install]
 WantedBy=multi-user.target
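Review bot: SupplementaryGroups=systemd-journal gives the service read
access to the whole system journal, and "We need access to the system
journal" does not say what pmgpolicy reads from it or why. Spell that out
in the commit message so the grant can be judged and removed later. Until
User= is added in 11/11 the unit still runs as root, so this line has no
effect on its own; squashing it into that patch keeps each step
meaningful.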
-- 
2.39.5




* [pmg-devel] [PATCH pmg-api v5 11/11] fix #4926: run pmg-smtp-filter and pmgpolicy without root rights
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
                   ` (8 preceding siblings ...)
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 10/11] pmgpolicy: set SumplementaryGroups=systemd-journal Maximiliano Sandoval
@ 2025-04-04 13:14 ` Maximiliano Sandoval
  2025-08-14  0:09 ` [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Stoiko Ivanov
  10 siblings, 0 replies; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-04-04 13:14 UTC (permalink / raw)
  To: pmg-devel

New users 'pmg-smtp-filter' and 'pmgpolicy' are created for their
respective processes and we set their systemd units to use them.

Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
---
 debian/pmg-smtp-filter.service | 2 ++
 debian/pmgpolicy.service       | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/debian/pmg-smtp-filter.service b/debian/pmg-smtp-filter.service
index c887dc2d..c4d5e385 100644
--- a/debian/pmg-smtp-filter.service
+++ b/debian/pmg-smtp-filter.service
@@ -16,6 +16,8 @@ Type=forking
 Restart=on-abort
 RestartSec=10
 RuntimeDirectory=pmg-smtp-filter
+User=pmg-smtp-filter
+Group=pmg-smtp-filter
 
 [Install]
 WantedBy=multi-user.target
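Review bot: with User= and Group= set, systemd creates the
RuntimeDirectory /run/pmg-smtp-filter owned by pmg-smtp-filter with the
default mode 0755. After 03/11 the config dump and its lock live in that
directory, so any writer other than root or the service user is locked
out; set RuntimeDirectoryMode= and the group deliberately. Now that the
daemon no longer needs root, this is also the place to add sandboxing
options such as NoNewPrivileges=yes and ProtectSystem=, after testing them
against the filter.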
diff --git a/debian/pmgpolicy.service b/debian/pmgpolicy.service
index 200ade5f..275f6631 100644
--- a/debian/pmgpolicy.service
+++ b/debian/pmgpolicy.service
@@ -13,6 +13,8 @@ ExecReload=/bin/kill -HUP $MAINPID
 PIDFile=/run/pmgpolicy/pmgpolicy.pid
 Type=forking
 RuntimeDirectory=pmgpolicy
+User=pmgpolicy
+Group=pmgpolicy
 SupplementaryGroups=systemd-journal
 
 [Install]
-- 
2.39.5




* Re: [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy
  2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
                   ` (9 preceding siblings ...)
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 11/11] fix #4926: run pmg-smtp-filter and pmgpolicy without root rights Maximiliano Sandoval
@ 2025-08-14  0:09 ` Stoiko Ivanov
  2025-08-25 12:01   ` Maximiliano Sandoval
  10 siblings, 1 reply; 21+ messages in thread
From: Stoiko Ivanov @ 2025-08-14  0:09 UTC (permalink / raw)
  To: Maximiliano Sandoval; +Cc: pmg-devel

Hi,

writing the general feedback for the series here - as there's no
cover-letter - hope that's ok!

Thanks big time for tackling this and sending updates so often!

The series looks quite nice already in general!
A few nits (I'll send replies to the individual patches for those)
Most of them are related to the commit-messages being a bit too terse, and
lacking a few explanations, which might help reviewers - or people looking
for bugs in the future.

else - I rebased it (after the tree-wide run of proxmox-perltidy on
pmg-api) - so if you want to spare yourself the hassle - it's on my staff
repo

comments inline:
On Fri,  4 Apr 2025 15:14:28 +0200
Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:

> We use systemd's RuntimeDirectory to ensure the directory exists when needed.
> 
> We also set $opt_pidfile using PIDFILE, see
> https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#%24PIDFILE.
> 
> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
> 
> Differences from v4:
>  - Run pmg-smtp-filter migration if coming from a version older than 9.0.0.
>  - Instead of adding the pmgpolicy user to the pmg group, pmgproxy.service is
>    started with SupplementaryGroups=systemd-journal
is that a typo? (pmgpolicy is not added to the pmg-group therefore
pmgproxy is started with another group?)
(in both cases - a short line as to why would help)

>  - Use $ENV{'PIDFILE'} instead of hardcoding PID path on binaries backed up
>    with a systemd service
Not 100% sure - is using the PIDFILE env-var here to address Fiona's
feedback from
https://lore.proxmox.com/all/38c4a43b-5f49-41a0-98ca-3911676a0232@proxmox.com/
? - If so - I'm not sure that this would be enough - as the pid-file is
read by other services (pmgdaemon upon config-changes) - so I still see a
theoretical potential for a race (but would assume that all services
should be restarted one after the other while pmg-api (which ships
all of the services) is upgraded - so I think it should be ok.


> 
> Differences from v3:
>  - Override rrdcached's systemd unit to add SOCKGROUP=pmg instead of
>    modifying /etc/default/rrdcached.conf
> 
> Differences from v2:
>  - Use systemd-sysusers for creating users
> 
>  debian/pmgpolicy.service | 3 ++-
>  src/bin/pmgpolicy        | 2 +-
>  2 files changed, 3 insertions(+), 2 deletions(-)
> 
> diff --git a/debian/pmgpolicy.service b/debian/pmgpolicy.service
> index 517a5d61..21a403f0 100644
> --- a/debian/pmgpolicy.service
> +++ b/debian/pmgpolicy.service
> @@ -10,8 +10,9 @@ ExecStart=/usr/bin/pmgpolicy
>  KillMode=mixed
>  TimeoutStopSec=40
>  ExecReload=/bin/kill -HUP $MAINPID
> -PIDFile=/run/pmgpolicy.pid
> +PIDFile=/run/pmgpolicy/pmgpolicy.pid
>  Type=forking
> +RuntimeDirectory=pmgpolicy
>  
>  [Install]
>  WantedBy=multi-user.target
> diff --git a/src/bin/pmgpolicy b/src/bin/pmgpolicy
> index df2e66f4..3f976ff7 100755
> --- a/src/bin/pmgpolicy
> +++ b/src/bin/pmgpolicy
> @@ -56,7 +56,7 @@ if (!GetOptions(%_opts)) {
>      exit (-1);
>  }
>  
> -$opt_pidfile = "/run/pmgpolicy.pid" if !$opt_pidfile;
> +$opt_pidfile = $ENV{'PIDFILE'} if !$opt_pidfile;
>  $opt_max_dequeue = 0 if $opt_testmode;
>  
>  initlog('pmgpolicy', 'mail');




* Re: [pmg-devel] [PATCH pmg-api v5 02/11] pmg-smtp-filter: move pid file into /run/pmg-smtp-filter
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 02/11] pmg-smtp-filter: move pid file into /run/pmg-smtp-filter Maximiliano Sandoval
@ 2025-08-14  0:10   ` Stoiko Ivanov
  0 siblings, 0 replies; 21+ messages in thread
From: Stoiko Ivanov @ 2025-08-14  0:10 UTC (permalink / raw)
  To: Maximiliano Sandoval; +Cc: pmg-devel

the pmg-smtp-filter is started by a few of our internal tests - which
seem to break due to this change (looks like systemd removes the
RuntimeDirectory when the service stops...)
If in doubt - just create it when starting?


On Fri,  4 Apr 2025 15:14:29 +0200
Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:

> We use systemd's RuntimeDirectory to ensure the directory exists when needed.
> 
> We also set $opt_pidfile using PIDFILE, see
> https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#%24PIDFILE.
> 
> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
>  debian/pmg-smtp-filter.service | 3 ++-
>  src/PMG/Utils.pm               | 2 +-
>  src/bin/pmg-smtp-filter        | 2 +-
>  3 files changed, 4 insertions(+), 3 deletions(-)
> 
> diff --git a/debian/pmg-smtp-filter.service b/debian/pmg-smtp-filter.service
> index cbf2d6f3..c887dc2d 100644
> --- a/debian/pmg-smtp-filter.service
> +++ b/debian/pmg-smtp-filter.service
> @@ -11,10 +11,11 @@ ExecStart=/usr/bin/pmg-smtp-filter
>  KillMode=mixed
>  TimeoutStopSec=40
>  ExecReload=/bin/kill -HUP $MAINPID
> -PIDFile=/run/pmg-smtp-filter.pid
> +PIDFile=/run/pmg-smtp-filter/pmg-smtp-filter.pid
>  Type=forking
>  Restart=on-abort
>  RestartSec=10
> +RuntimeDirectory=pmg-smtp-filter
>  
>  [Install]
>  WantedBy=multi-user.target
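
Review bot: with `RuntimeDirectory=pmg-smtp-filter` the directory disappears whenever the unit is stopped, and nothing in this hunk keeps it around for callers outside the unit such as `reload_smtp_filter` further down in this patch. Consider `RuntimeDirectoryPreserve=yes` or a tmpfiles.d entry for /run/pmg-smtp-filter so the path exists independently of the service state.
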
> diff --git a/src/PMG/Utils.pm b/src/PMG/Utils.pm
> index 3e7adbb6..07a6c9be 100644
> --- a/src/PMG/Utils.pm
> +++ b/src/PMG/Utils.pm
> @@ -1515,7 +1515,7 @@ sub get_pg_server_version {
>  
>  sub reload_smtp_filter {
>  
> -    my $pid_file = '/run/pmg-smtp-filter.pid';
> +    my $pid_file = '/run/pmg-smtp-filter/pmg-smtp-filter.pid';
>      my $pid = PVE::Tools::file_read_firstline($pid_file);
>  
>      return 0 if !$pid;
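
Review bot: `reload_smtp_filter` takes `$pid` straight from the first line of a file that now lives in the service's own runtime directory and only checks that it is non-empty. If the unit gets a `User=` as part of 11/11, that directory belongs to the service user, so a privileged caller should at least verify that the value is a plain number before using it, or ask systemd to reload the unit instead of reading the pid file. The path is also a second hard-coded copy of the `PIDFile=` value in the unit.
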
> diff --git a/src/bin/pmg-smtp-filter b/src/bin/pmg-smtp-filter
> index 32bad7b8..fcaaffc5 100755
> --- a/src/bin/pmg-smtp-filter
> +++ b/src/bin/pmg-smtp-filter
> @@ -80,7 +80,7 @@ if (!GetOptions(
>      exit (-1);
>  }
>  
> -$opt_pidfile = "/run/${prog_name}.pid" if !$opt_pidfile;
> +$opt_pidfile = $ENV{'PIDFILE'} if !$opt_pidfile;
>  
>  my $max_servers = 1;
>  my $min_servers = 1;
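
Review bot: nothing sets `$opt_pidfile` when PIDFILE is absent from the environment, which is the case for the test runs mentioned at the top of this reply, because systemd only exports the variable for units with `PIDFile=`. Fall back to `/run/${prog_name}/${prog_name}.pid` when the variable is unset, and create the directory in that case.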




* Re: [pmg-devel] [PATCH pmg-api v5 03/11] config: store config lock in smtp-filter runtime dir
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 03/11] config: store config lock in smtp-filter runtime dir Maximiliano Sandoval
@ 2025-08-14  0:10   ` Stoiko Ivanov
  0 siblings, 0 replies; 21+ messages in thread
From: Stoiko Ivanov @ 2025-08-14  0:10 UTC (permalink / raw)
  To: Maximiliano Sandoval; +Cc: pmg-devel

This seems to make pmgsync.service fail upon rebooting
(it calls, among other things, `pmgconfig sync`, which seems to try to access
the not-yet existing directory):
```
Aug 14 00:41:16 pmg-on-trixietest pmgconfig[257]: reloading pmg-smtp-filter: can't open '/run/pmg-smtp-filter/pmg-smtp-filter.cfg' - No such file or directory
Aug 14 00:41:16 pmg-on-trixietest pmgconfig[257]: can't lock file '/run/pmg-smtp-filter/pmg-smtp-filter.cfg.lck' - can't open file - No such file or directory
Aug 14 00:41:16 pmg-on-trixietest systemd[1]: pmgsync.service: Main process exited, code=exited, status=255/EXCEPTION
Aug 14 00:41:16 pmg-on-trixietest systemd[1]: pmgsync.service: Failed with result 'exit-code'.
Aug 14 00:41:16 pmg-on-trixietest systemd[1]: Failed to start pmgsync.service - Sync Proxmox Configuration.
```

On Fri,  4 Apr 2025 15:14:30 +0200
Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:

> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
>  src/PMG/Config.pm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/src/PMG/Config.pm b/src/PMG/Config.pm
> index 82bd42ec..754cc791 100644
> --- a/src/PMG/Config.pm
> +++ b/src/PMG/Config.pm
> @@ -1827,8 +1827,8 @@ my $pmg_service_params = {
>      },
>  };
>  
> -my $smtp_filter_cfg = '/run/pmg-smtp-filter.cfg';
> -my $smtp_filter_cfg_lock = '/run/pmg-smtp-filter.cfg.lck';
> +my $smtp_filter_cfg = '/run/pmg-smtp-filter/pmg-smtp-filter.cfg';
> +my $smtp_filter_cfg_lock = '/run/pmg-smtp-filter/pmg-smtp-filter.cfg.lck';
>  
>  sub dump_smtp_filter_config {
>      my ($self) = @_;
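
Review bot: `$smtp_filter_cfg_lock` now points into a directory that only exists while pmg-smtp-filter.service is active, so every caller that takes this lock fails when the service is stopped or not yet started, as in the pmgsync.service log above. Keep the lock in a location whose lifetime does not depend on one unit, or have the writer create the directory with a fixed owner and mode before locking. If the directory ends up owned by the unprivileged service user, a privileged writer of these two files would be writing into a directory it does not control; that deserves a sentence in the commit message.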




* Re: [pmg-devel] [PATCH pmg-api v5 04/11] create new users for the rule db
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 04/11] create new users for the rule db Maximiliano Sandoval
@ 2025-08-14  0:12   ` Stoiko Ivanov
  0 siblings, 0 replies; 21+ messages in thread
From: Stoiko Ivanov @ 2025-08-14  0:12 UTC (permalink / raw)
  To: Maximiliano Sandoval; +Cc: pmg-devel

On Fri,  4 Apr 2025 15:14:31 +0200
Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:

> These users will be used by the pmg-smtp-filter and pmgpolicy. We add a
> helper function to open the rule_db as a given user.
> 
> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
>  debian/postinst         |  8 ++++++++
>  src/PMG/DBTools.pm      | 26 ++++++++++++++++++++++++--
>  src/bin/pmg-smtp-filter |  4 ++--
>  src/bin/pmgpolicy       |  6 +++---
>  4 files changed, 37 insertions(+), 7 deletions(-)
> 
> diff --git a/debian/postinst b/debian/postinst
> index 98444d22..708350ec 100644
> --- a/debian/postinst
> +++ b/debian/postinst
> @@ -48,6 +48,10 @@ migrate_apt_auth_conf() {
>      fi
>  }
>  
> +migrate_pmg_smtp_filter() {
> +    pmgdb update >/dev/null 2>&1 &
> +}
> +
a) `pmgdb update` gets called below upon upgrade anyways
b) the creation of the users happens in upgradedb, which gets called on
`pmgdb init` (which also gets called upon upgrade below) - but I see that
the naming does invite misunderstandings!


>  case "$1" in
>      triggered)
>  
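
Review bot: `pmgdb update >/dev/null 2>&1 &` in `migrate_pmg_smtp_filter` runs in the background with all output discarded, so postinst continues before the update has finished and a failure is neither reported nor reflected in the exit status. Run it in the foreground and keep stderr, or drop the function if the later `pmgdb update` call mentioned in the reply above already covers it.
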
> @@ -67,6 +71,10 @@ case "$1" in
>  
>          if test ! -e /proxmox_install_mode ; then
>  
> +            if test -n "$2" && dpkg --compare-versions "$2" 'lt' '9.0.0'; then
> +                migrate_pmg_smtp_filter
> +            fi
> +
>              pmgconf="/etc/pmg/pmg.conf"
>              if test -n "$2" && dpkg --compare-versions "$2" 'lt' '8.0.2'; then
>                  # on upgrade add pre 8.0 default values for advfilter, use_awl and use_bayes
> diff --git a/src/PMG/DBTools.pm b/src/PMG/DBTools.pm
> index 1acc0cb6..7b5181ab 100644
> --- a/src/PMG/DBTools.pm
> +++ b/src/PMG/DBTools.pm
> @@ -38,7 +38,7 @@ sub cgreylist_merge_sql {
>  }
>  
>  sub open_ruledb {
> -    my ($database, $host, $port) = @_;
> +    my ($database, $host, $port, $user) = @_;
>  
>      $port //= 5432;
>  
> @@ -74,13 +74,19 @@ sub open_ruledb {
>  	return $rdb;
>      } else {
>  	my $dsn = "DBI:Pg:dbname=$database;host=/var/run/postgresql;port=$port";
> -	my $user = $> == 0 ? 'root' : 'www-data';
> +	$user //= $> == 0 ? 'root' : 'www-data';
>  	my $dbh = DBI->connect($dsn, $user, undef, { PrintError => 0, RaiseError => 1 });
>  
>  	return $dbh;
>      }
>  }
>  
> +sub open_ruledb_as {
> +    my ($database, $user) = @_;
> +
> +    open_ruledb($database, undef, undef, $user);
could we infer the user from `$</$UID` (see `man perlvar` and
https://perldoc.perl.org/functions/getpwuid)?


> +}
> +
>  sub delete_ruledb {
>      my ($dbname) = @_;
>  
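
Review bot: `open_ruledb_as` returns the handle only implicitly, as the value of its last statement, and passes `undef, undef` for host and port by position. Add an explicit `return`, and document next to `$user //= ...` that the role is used with an `undef` password over the /var/run/postgresql socket, so the connection only works if PostgreSQL's authentication setup lets the calling OS user connect as that role.
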
> @@ -609,6 +615,22 @@ sub upgradedb {
>  	}
>      }
>  
> +    foreach my $user ('pmgpolicy', 'pmg-smtp-filter') {
> +	eval {
> +	    my $silent_opts = { outfunc => sub {}, errfunc => sub {} };
> +	    postgres_admin_cmd('createuser',  $silent_opts, '-D', $user);
> +
> +	    $dbh->begin_work;
> +	    $dbh->do("GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO \"$user\"");
> +	    $dbh->do("GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA public TO \"$user\"");
this grants quite many rights to the users - which is probably ok (as the
services currently have them as well and both need to write in some tables
(statistics for both, greylisting for pmgpolicy at least (from memory))
but please do mention why you think it's ok in the commit-message/a
comment - else it's hard to reason why this was ok a few years from now.

> +	    $dbh->commit;
this line here - or the use of `do`, or the `createuser` call failing after
the user is created once  and this line causes the following
warning in the journal upon booting:
```
Aug 14 00:41:15 pmg-on-trixietest systemd[1]: Starting pmgsync.service - Sync Proxmox Configuration...
Aug 14 00:41:15 pmg-on-trixietest pmgdb[246]: Analyzing/Upgrading existing Databases...rollback ineffective with AutoCommit enabled at /usr/share/perl5/PMG/DBTools.pm line 666.
Aug 14 00:41:15 pmg-on-trixietest pmgdb[246]: rollback ineffective with AutoCommit enabled at /usr/share/perl5/PMG/DBTools.pm line 666.
Aug 14 00:41:15 pmg-on-trixietest pmgdb[246]: done
```



> +
> +	};
> +	if (my $err = $@) {
> +	    $dbh->rollback;
> +	}
> +    }
> +
>      foreach my $table (keys %$tables) {
>  	eval { $dbh->do("ANALYZE $table"); };
>  	warn $@ if $@;
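
Review bot: `postgres_admin_cmd('createuser', ...)` sits inside the same `eval` as `$dbh->begin_work` and before it, so when it dies (for example because the role already exists on a later run) the handler calls `$dbh->rollback` with no transaction open and both GRANTs are skipped; that matches the "rollback ineffective with AutoCommit enabled" warning quoted above. Create the role in its own step that tolerates an existing role, wrap only the GRANTs in the transaction, and log `$err` instead of dropping it. Note as well that `GRANT ... ON ALL TABLES IN SCHEMA public` only covers tables that exist at that moment.
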
> diff --git a/src/bin/pmg-smtp-filter b/src/bin/pmg-smtp-filter
> index fcaaffc5..e95e6458 100755
> --- a/src/bin/pmg-smtp-filter
> +++ b/src/bin/pmg-smtp-filter
> @@ -387,7 +387,7 @@ sub load_config {
>      PMG::MailQueue::create_spooldirs($self->{cinfo}->{local}->{cid});
>  
>      eval {
> -	my $dbh = PMG::DBTools::open_ruledb ($database);
> +	my $dbh = PMG::DBTools::open_ruledb_as($database, 'pmg-smtp-filter');
>  	$self->{ruledb} = PMG::RuleDB->new ($dbh);
>  
>  	# load rulecache
> @@ -538,7 +538,7 @@ sub run_dequeue {
>  
>      my $cinfo = PVE::INotify::read_file("cluster.conf");
>  
> -    my $dbh = eval { PMG::DBTools::open_ruledb($database) };
> +    my $dbh = eval { PMG::DBTools::open_ruledb_as($database, 'pmg-smtp-filter') };
>      if ($err = $@) {
>  	$self->log (0, "ERROR: $err");
>  	return;
> diff --git a/src/bin/pmgpolicy b/src/bin/pmgpolicy
> index 3f976ff7..92fb6f89 100755
> --- a/src/bin/pmgpolicy
> +++ b/src/bin/pmgpolicy
> @@ -142,7 +142,7 @@ sub run_dequeue {
>      my $dbh;
>  
>      eval {
> -	$dbh = PMG::DBTools::open_ruledb($database);
> +	$dbh = PMG::DBTools::open_ruledb_as($database, 'pmgpolicy');
>      };
>      my $err = $@;
>  
> @@ -343,7 +343,7 @@ sub load_config {
>      my $dbh;
>  
>      eval {
> -	$dbh = PMG::DBTools::open_ruledb($database);
> +	$dbh = PMG::DBTools::open_ruledb_as($database, 'pmgpolicy');
>  	$self->{ruledb} = PMG::RuleDB->new($dbh);
>  	$self->{rulecache} = PMG::RuleCache->new($self->{ruledb});
>      };
> @@ -523,7 +523,7 @@ sub greylist_value {
>  	$self->log(0, 'Database connection broken - trying to reconnect');
>  	my $dbh;
>  	eval {
> -	    $dbh = PMG::DBTools::open_ruledb($database);
> +	    $dbh = PMG::DBTools::open_ruledb_as($database, 'pmgpolicy');
>  	};
>  	my $err = $@;
>  	if ($err) {




* Re: [pmg-devel] [PATCH pmg-api v5 05/11] postinstall: add new group for shared functionality
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 05/11] postinstall: add new group for shared functionality Maximiliano Sandoval
@ 2025-08-14  0:13   ` Stoiko Ivanov
  2025-08-25 14:13     ` Maximiliano Sandoval
  0 siblings, 1 reply; 21+ messages in thread
From: Stoiko Ivanov @ 2025-08-14  0:13 UTC (permalink / raw)
  To: Maximiliano Sandoval; +Cc: pmg-devel

TIL: `systemd-sysusers` - thanks!
looks fine - a short comment/link to why the flag to `dh` is (still?)
needed would help me here

On Fri,  4 Apr 2025 15:14:32 +0200
Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:

> A shared group named 'pmg' is introduced for processes that need to be
> accessible from multiple processes like spamassassin, rrdcached or the
> mail queue at /var/spool/pmg.
> 
> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
>  debian/pmg-api.sysusers | 1 +
>  debian/postinst         | 4 ++++
>  debian/rules            | 2 +-
>  3 files changed, 6 insertions(+), 1 deletion(-)
>  create mode 100644 debian/pmg-api.sysusers
> 
> diff --git a/debian/pmg-api.sysusers b/debian/pmg-api.sysusers
> new file mode 100644
> index 00000000..a546c45f
> --- /dev/null
> +++ b/debian/pmg-api.sysusers
> @@ -0,0 +1 @@
> +g pmg             -               -
> diff --git a/debian/postinst b/debian/postinst
> index 708350ec..9af65ebf 100644
> --- a/debian/postinst
> +++ b/debian/postinst
> @@ -49,6 +49,10 @@ migrate_apt_auth_conf() {
>  }
>  
>  migrate_pmg_smtp_filter() {
> +    systemd-sysusers
> +
> +    chown :pmg /var/lib/pmg
> +
>      pmgdb update >/dev/null 2>&1 &
>  }
>  
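
Review bot: `systemd-sysusers` is called without arguments in `migrate_pmg_smtp_filter`, which processes every sysusers.d file on the system rather than only this package's, and the following `chown :pmg /var/lib/pmg` depends on it having succeeded. Pass the package's own configuration file name to limit the effect. The `chown` also only runs on upgrades from versions older than 9.0.0, so please confirm that fresh installs end up with the same group ownership.
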
> diff --git a/debian/rules b/debian/rules
> index 3e150795..ea8f110c 100755
> --- a/debian/rules
> +++ b/debian/rules
> @@ -13,7 +13,7 @@ include debian/rules.env
>  export REPOID=${REPOID_GENERATED}
>  
>  %:
> -	dh $@
> +	dh $@ --with installsysusers
>  
>  override_dh_installsystemd:
>  	dh_installsystemd --no-start --no-stop-on-upgrade \




* Re: [pmg-devel] [PATCH pmg-api v5 08/11] mailqueue: make mail queue writable by pmg group
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 08/11] mailqueue: make mail queue writable by pmg group Maximiliano Sandoval
@ 2025-08-14  0:13   ` Stoiko Ivanov
  2025-08-25 13:21     ` Maximiliano Sandoval
  0 siblings, 1 reply; 21+ messages in thread
From: Stoiko Ivanov @ 2025-08-14  0:13 UTC (permalink / raw)
  To: Maximiliano Sandoval; +Cc: pmg-devel

On Fri,  4 Apr 2025 15:14:35 +0200
Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:

> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
>  debian/postinst      | 9 +++++++++
>  src/PMG/MailQueue.pm | 7 ++++---
>  2 files changed, 13 insertions(+), 3 deletions(-)
> 
> diff --git a/debian/postinst b/debian/postinst
> index c12870fa..ba6497a0 100644
> --- a/debian/postinst
> +++ b/debian/postinst
> @@ -53,6 +53,15 @@ migrate_pmg_smtp_filter() {
>  
>      chown :pmg /var/lib/pmg
>  
> +    chown :pmg /var/spool/pmg/active
> +    chown :pmg /var/spool/pmg/virus
> +    chown :pmg /var/spool/pmg/spam
> +    chown :pmg /var/spool/pmg/attachment
> +    chmod g+w /var/spool/pmg/active
> +    chmod g+w /var/spool/pmg/virus
> +    chmod g+w /var/spool/pmg/spam
> +    chmod g+w /var/spool/pmg/attachment
> +

I think this would be a bit more readable as a loop over `active virus spam
attachment`.


>      if systemctl --quiet is-active rrdcached.service ; then
>          systemctl daemon-reload
>          deb-systemd-invoke reload-or-try-restart rrdcached.service >/dev/null || true
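
Review bot: the eight `chown`/`chmod` calls assume that all four spool directories already exist; any that is missing makes the command fail in the middle of the migration. Guard each path with an existence test (this fits naturally into the loop suggested above), and state in the commit message which services are members of `pmg`, because `g+w` lets every member of that group create and delete entries in these directories.
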
> diff --git a/src/PMG/MailQueue.pm b/src/PMG/MailQueue.pm
> index 4e37cb98..adbf28c1 100644
> --- a/src/PMG/MailQueue.pm
> +++ b/src/PMG/MailQueue.pm
> @@ -33,12 +33,13 @@ sub create_spooldirs {
>  	"$spooldir/attachment",
>      ]) if $cleanup;
>  
> -    mkpath([
> +    mkpath(
>  	"$spooldir/active",
>  	"$spooldir/spam",
>  	"$spooldir/virus",
>  	"$spooldir/attachment",
> -    ]);
> +	{ group=>'pmg', chmod=>0775 },
> +    );
>  
>      if ($lcid) {
>  	mkpath "$spooldir/cluster/$lcid/virus";
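
Review bot: the `{ group=>'pmg', chmod=>0775 }` options are applied by File::Path only to directories it actually creates, so existing spool directories keep their old group and mode, and the `mkpath "$spooldir/cluster/$lcid/virus"` call right below gets neither option. Either apply the same options to the cluster directories or explain why they should stay as they are.
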
> @@ -68,7 +69,7 @@ sub new_fileid {
>      my $uid;
>      my $subsubdir = '';
>  
> -    if (!($fh = IO::File->new ($path, 'w+', 0600))) {
> +    if (!($fh = IO::File->new ($path, 'w+', 0660))) {
>  	die "unable to create file '$path': $! : ERROR";
>      }
>  
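
Review bot: the third argument of `IO::File->new ($path, 'w+', 0660)` is only honoured when the mode is numeric; with the string mode `'w+'` IO::File falls back to Perl's plain `open` and ignores the permission value, so the file mode is determined by the umask both before and after this change. If group write access is required, open with numeric flags (`O_RDWR|O_CREAT|O_TRUNC` from Fcntl) and 0660, and keep in mind that the umask still applies to that value.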




* Re: [pmg-devel] [PATCH pmg-api v5 07/11] spamasassin: store files in dir managed by pmg
  2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 07/11] spamasassin: store files in dir managed by pmg Maximiliano Sandoval
@ 2025-08-14  0:13   ` Stoiko Ivanov
  0 siblings, 0 replies; 21+ messages in thread
From: Stoiko Ivanov @ 2025-08-14  0:13 UTC (permalink / raw)
  To: Maximiliano Sandoval; +Cc: pmg-devel

we probably should migrate the files upon upgrading (all new installations
don't have those settings enabled by default, but everything installed
<=7.3 should have it enabled by default - so it probably will change the
behavior for users)

On Fri,  4 Apr 2025 15:14:34 +0200
Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:

> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
> ---
>  src/PMG/Config.pm       | 8 ++++----
>  src/PMG/Report.pm       | 2 +-
>  src/bin/pmg-smtp-filter | 2 +-
>  3 files changed, 6 insertions(+), 6 deletions(-)
> 
> diff --git a/src/PMG/Config.pm b/src/PMG/Config.pm
> index 754cc791..89873f56 100644
> --- a/src/PMG/Config.pm
> +++ b/src/PMG/Config.pm
> @@ -1601,13 +1601,13 @@ sub rewrite_config_spam {
>  
>      # delete AW and bayes databases if those features are disabled
>      if (!$use_awl) {
> -	$changes = 1 if unlink '/root/.spamassassin/auto-whitelist';
> +	$changes = 1 if unlink '/var/lib/pmg/spamassassin/auto-whitelist';
>      }
>  
>      if (!$use_bayes) {
> -	$changes = 1 if unlink '/root/.spamassassin/bayes_journal';
> -	$changes = 1 if unlink '/root/.spamassassin/bayes_seen';
> -	$changes = 1 if unlink '/root/.spamassassin/bayes_toks';
> +	$changes = 1 if unlink '/var/lib/pmg/spamassassin/bayes_journal';
> +	$changes = 1 if unlink '/var/lib/pmg/spamassassin/bayes_seen';
> +	$changes = 1 if unlink '/var/lib/pmg/spamassassin/bayes_toks';
>      }
>  
>      # make sure we have the custom SA files (else cluster sync fails)
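
Review bot: after this change the cleanup for disabled AWL/Bayes only unlinks the files under /var/lib/pmg/spamassassin, so databases left in /root/.spamassassin by an earlier version are never removed. Remove the old files as part of the upgrade migration, or unlink both locations here for one release.
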
> diff --git a/src/PMG/Report.pm b/src/PMG/Report.pm
> index 79060a08..a93f00f2 100644
> --- a/src/PMG/Report.pm
> +++ b/src/PMG/Report.pm
> @@ -125,7 +125,7 @@ sub check_dns_resolution {
>  	debug => 0,
>  	local_tests_only => 0,
>  	home_dir_for_helpers => '/root',
> -	userstate_dir => '/root/.spamassassin',
> +	userstate_dir => '/var/lib/pmg/spamassassin',
>  	dont_copy_prefs   => 1,
>  	stop_at_threshold => 0,
>      });
> diff --git a/src/bin/pmg-smtp-filter b/src/bin/pmg-smtp-filter
> index e95e6458..f46d4ccf 100755
> --- a/src/bin/pmg-smtp-filter
> +++ b/src/bin/pmg-smtp-filter
> @@ -460,7 +460,7 @@ sub pre_loop_hook {
>  	debug => 0,
>  	local_tests_only => $opt_testmode || !$rbl_checks,
>  	home_dir_for_helpers => '/root',
> -	userstate_dir => '/root/.spamassassin',
> +	userstate_dir => '/var/lib/pmg/spamassassin',
>  	dont_copy_prefs   => 1,
>  	stop_at_threshold => 0,
>      });
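
Review bot: `home_dir_for_helpers => '/root'` stays unchanged next to the new `userstate_dir`, so helper programs are still pointed at root's home directory, which a service running without root rights normally cannot access. Move it together with `userstate_dir` or explain in the commit message why it has to stay.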




* Re: [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy
  2025-08-14  0:09 ` [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Stoiko Ivanov
@ 2025-08-25 12:01   ` Maximiliano Sandoval
  0 siblings, 0 replies; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-08-25 12:01 UTC (permalink / raw)
  To: Stoiko Ivanov; +Cc: pmg-devel

Stoiko Ivanov <s.ivanov@proxmox.com> writes:

> Hi,
>
> writing the general feedback for the series here - as there's no
> cover-letter - hope that's ok!
>
> Thanks big time for tackling this and sending updates so often!
>
> The series looks quite nice already in general!
> A few nits (I'll send replies to the individual patches for those)
> Most of them are related to the commit-messages being a bit too terse, and
> lacking a few explanations, which might help reviewers - or people looking
> for bugs in the future.
>
> else - I rebased it (after the tree-wide run of proxmox-perltidy on
> pmg-api) - so if you want to spare yourself the hassle - it's on my staff
> repo
>
> comments inline:
> On Fri,  4 Apr 2025 15:14:28 +0200
> Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:
>
>> We use systemd's RuntimeDirectory to ensure the directory exists when needed.
>> 
>> We also set $opt_pidfile using PIDFILE, see
>> https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#%24PIDFILE.
>> 
>> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
>> ---
>> 
>> Differences from v4:
>>  - Run pmg-smtp-filter migration if coming from a version older than 9.0.0.
>>  - Instead of adding the pmgpolicy user to the pmg group, pmgproxy.service is
>>    started with SupplementaryGroups=systemd-journal
> is that a typo? (pmgpolicy is not added to the pmg-group therefore
> pmgproxy is started with another group?)
> (in both cases - a short line as to why would help)

The pmgpolicy user is added to the pmg group later on; however, this
should read "Instead of adding the pmgpolicy user to the systemd-journal
group, pmgproxy.service is started with
SupplementaryGroups=systemd-journal"

>
>>  - Use $ENV{'PIDFILE'} instead of hardcoding PID path on binaries backed up
>>    with a systemd service
> Not 100% sure - is using the PIDFILE env-var here to address Fiona's
> feedback from
> https://lore.proxmox.com/all/38c4a43b-5f49-41a0-98ca-3911676a0232@proxmox.com/
> ? - If so - I'm not sure that this would be enough - as the pid-file is
> read by other services (pmgdaemon upon config-changes) - so I still see a
> theoretical potential for a race (but would assume that all services
> should be restarted one after the other while pmg-api (which ships
> all of the services) is upgraded - so I think it should be ok.
>

This is only done so that the pid file is hardcoded in only 2 (one for
the shared uses) places instead of 3.

>> 
>> Differences from v3:
>>  - Override rrdcached's systemd unit to add SOCKGROUP=pmg instead of
>>    modifying /etc/default/rrdcached.conf
>> 
>> Differences from v2:
>>  - Use systemd-sysusers for creating users
>> 
>>  debian/pmgpolicy.service | 3 ++-
>>  src/bin/pmgpolicy        | 2 +-
>>  2 files changed, 3 insertions(+), 2 deletions(-)
>> 
>> diff --git a/debian/pmgpolicy.service b/debian/pmgpolicy.service
>> index 517a5d61..21a403f0 100644
>> --- a/debian/pmgpolicy.service
>> +++ b/debian/pmgpolicy.service
>> @@ -10,8 +10,9 @@ ExecStart=/usr/bin/pmgpolicy
>>  KillMode=mixed
>>  TimeoutStopSec=40
>>  ExecReload=/bin/kill -HUP $MAINPID
>> -PIDFile=/run/pmgpolicy.pid
>> +PIDFile=/run/pmgpolicy/pmgpolicy.pid
>>  Type=forking
>> +RuntimeDirectory=pmgpolicy
>>  
>>  [Install]
>>  WantedBy=multi-user.target
>> diff --git a/src/bin/pmgpolicy b/src/bin/pmgpolicy
>> index df2e66f4..3f976ff7 100755
>> --- a/src/bin/pmgpolicy
>> +++ b/src/bin/pmgpolicy
>> @@ -56,7 +56,7 @@ if (!GetOptions(%_opts)) {
>>      exit (-1);
>>  }
>>  
>> -$opt_pidfile = "/run/pmgpolicy.pid" if !$opt_pidfile;
>> +$opt_pidfile = $ENV{'PIDFILE'} if !$opt_pidfile;
>>  $opt_max_dequeue = 0 if $opt_testmode;
>>  
>>  initlog('pmgpolicy', 'mail');

-- 
Maximiliano



* Re: [pmg-devel] [PATCH pmg-api v5 08/11] mailqueue: make mail queue writable by pmg group
  2025-08-14  0:13   ` Stoiko Ivanov
@ 2025-08-25 13:21     ` Maximiliano Sandoval
  0 siblings, 0 replies; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-08-25 13:21 UTC (permalink / raw)
  To: Stoiko Ivanov; +Cc: pmg-devel

Stoiko Ivanov <s.ivanov@proxmox.com> writes:

> On Fri,  4 Apr 2025 15:14:35 +0200
> Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:
>
>> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
>> ---
>>  debian/postinst      | 9 +++++++++
>>  src/PMG/MailQueue.pm | 7 ++++---
>>  2 files changed, 13 insertions(+), 3 deletions(-)
>> 
>> diff --git a/debian/postinst b/debian/postinst
>> index c12870fa..ba6497a0 100644
>> --- a/debian/postinst
>> +++ b/debian/postinst
>> @@ -53,6 +53,15 @@ migrate_pmg_smtp_filter() {
>>  
>>      chown :pmg /var/lib/pmg
>>  
>> +    chown :pmg /var/spool/pmg/active
>> +    chown :pmg /var/spool/pmg/virus
>> +    chown :pmg /var/spool/pmg/spam
>> +    chown :pmg /var/spool/pmg/attachment
>> +    chmod g+w /var/spool/pmg/active
>> +    chmod g+w /var/spool/pmg/virus
>> +    chmod g+w /var/spool/pmg/spam
>> +    chmod g+w /var/spool/pmg/attachment
>> +
>
> I think this would be a bit more readable as a loop over `active virus spam
> attachment`.

Will do for version n+1.

>>      if systemctl --quiet is-active rrdcached.service ; then
>>          systemctl daemon-reload
>>          deb-systemd-invoke reload-or-try-restart rrdcached.service >/dev/null || true
>> diff --git a/src/PMG/MailQueue.pm b/src/PMG/MailQueue.pm
>> index 4e37cb98..adbf28c1 100644
>> --- a/src/PMG/MailQueue.pm
>> +++ b/src/PMG/MailQueue.pm
>> @@ -33,12 +33,13 @@ sub create_spooldirs {
>>  	"$spooldir/attachment",
>>      ]) if $cleanup;
>>  
>> -    mkpath([
>> +    mkpath(
>>  	"$spooldir/active",
>>  	"$spooldir/spam",
>>  	"$spooldir/virus",
>>  	"$spooldir/attachment",
>> -    ]);
>> +	{ group=>'pmg', chmod=>0775 },
>> +    );
>>  
>>      if ($lcid) {
>>  	mkpath "$spooldir/cluster/$lcid/virus";
>> @@ -68,7 +69,7 @@ sub new_fileid {
>>      my $uid;
>>      my $subsubdir = '';
>>  
>> -    if (!($fh = IO::File->new ($path, 'w+', 0600))) {
>> +    if (!($fh = IO::File->new ($path, 'w+', 0660))) {
>>  	die "unable to create file '$path': $! : ERROR";
>>      }
>>  

-- 
Maximiliano



* Re: [pmg-devel] [PATCH pmg-api v5 05/11] postinstall: add new group for shared functionality
  2025-08-14  0:13   ` Stoiko Ivanov
@ 2025-08-25 14:13     ` Maximiliano Sandoval
  0 siblings, 0 replies; 21+ messages in thread
From: Maximiliano Sandoval @ 2025-08-25 14:13 UTC (permalink / raw)
  To: Stoiko Ivanov; +Cc: pmg-devel

Stoiko Ivanov <s.ivanov@proxmox.com> writes:

> TIL: `systemd-sysusers` - thanks!
> looks fine - a short comment/link to why the flag to `dh` is (still?)
> needed would help me here

The `dh` flag was added in the compatibility level v14 which, if I am not
wrong, is still open for development; this means the feature has
to be enabled explicitly. See [1, 2] for more details.

[1] https://manpages.debian.org/trixie/debhelper/debhelper.7.en.html#COMPATIBILITY_LEVELS
[2] https://manpages.debian.org/trixie/debhelper/debhelper-compat-upgrade-checklist.7.en.html

>
> On Fri,  4 Apr 2025 15:14:32 +0200
> Maximiliano Sandoval <m.sandoval@proxmox.com> wrote:
>
>> A shared group named 'pmg' is introduced for processes that need to be
>> accessible from multiple processes like spamassassin, rrdcached or the
>> mail queue at /var/spool/pmg.
>> 
>> Signed-off-by: Maximiliano Sandoval <m.sandoval@proxmox.com>
>> ---
>>  debian/pmg-api.sysusers | 1 +
>>  debian/postinst         | 4 ++++
>>  debian/rules            | 2 +-
>>  3 files changed, 6 insertions(+), 1 deletion(-)
>>  create mode 100644 debian/pmg-api.sysusers
>> 
>> diff --git a/debian/pmg-api.sysusers b/debian/pmg-api.sysusers
>> new file mode 100644
>> index 00000000..a546c45f
>> --- /dev/null
>> +++ b/debian/pmg-api.sysusers
>> @@ -0,0 +1 @@
>> +g pmg             -               -
>> diff --git a/debian/postinst b/debian/postinst
>> index 708350ec..9af65ebf 100644
>> --- a/debian/postinst
>> +++ b/debian/postinst
>> @@ -49,6 +49,10 @@ migrate_apt_auth_conf() {
>>  }
>>  
>>  migrate_pmg_smtp_filter() {
>> +    systemd-sysusers
>> +
>> +    chown :pmg /var/lib/pmg
>> +
>>      pmgdb update >/dev/null 2>&1 &
>>  }
>>  
>> diff --git a/debian/rules b/debian/rules
>> index 3e150795..ea8f110c 100755
>> --- a/debian/rules
>> +++ b/debian/rules
>> @@ -13,7 +13,7 @@ include debian/rules.env
>>  export REPOID=${REPOID_GENERATED}
>>  
>>  %:
>> -	dh $@
>> +	dh $@ --with installsysusers
>>  
>>  override_dh_installsystemd:
>>  	dh_installsystemd --no-start --no-stop-on-upgrade \
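
Review bot: `dh $@ --with installsysusers` carries no comment saying why the addon has to be enabled by hand. The explanation given in the reply above (the flag belongs to debhelper compat level 14) should go into debian/rules or the commit message, so the flag can be dropped once the compat level is raised.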

-- 
Maximiliano



end of thread, other threads:[~2025-08-25 14:14 UTC | newest]

Thread overview: 21+ messages
2025-04-04 13:14 [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Maximiliano Sandoval
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 02/11] pmg-smtp-filter: move pid file into /run/pmg-smtp-filter Maximiliano Sandoval
2025-08-14  0:10   ` Stoiko Ivanov
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 03/11] config: store config lock in smtp-filter runtime dir Maximiliano Sandoval
2025-08-14  0:10   ` Stoiko Ivanov
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 04/11] create new users for the rule db Maximiliano Sandoval
2025-08-14  0:12   ` Stoiko Ivanov
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 05/11] postinstall: add new group for shared functionality Maximiliano Sandoval
2025-08-14  0:13   ` Stoiko Ivanov
2025-08-25 14:13     ` Maximiliano Sandoval
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 06/11] postinstall: make rrdcached be readable by the pmg group Maximiliano Sandoval
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 07/11] spamasassin: store files in dir managed by pmg Maximiliano Sandoval
2025-08-14  0:13   ` Stoiko Ivanov
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 08/11] mailqueue: make mail queue writable by pmg group Maximiliano Sandoval
2025-08-14  0:13   ` Stoiko Ivanov
2025-08-25 13:21     ` Maximiliano Sandoval
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 09/11] d/sysusers: add users for pmgpolicy and smtp-filter Maximiliano Sandoval
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 10/11] pmgpolicy: set SumplementaryGroups=systemd-journal Maximiliano Sandoval
2025-04-04 13:14 ` [pmg-devel] [PATCH pmg-api v5 11/11] fix #4926: run pmg-smtp-filter and pmgpolicy without root rights Maximiliano Sandoval
2025-08-14  0:09 ` [pmg-devel] [PATCH pmg-api v5 01/11] pmgpolicy: move pid file into /run/pmgpolicy Stoiko Ivanov
2025-08-25 12:01   ` Maximiliano Sandoval

Service provided by Proxmox Server Solutions GmbH