Milter-greylist

On Mon, 29 Jan 2007 18:40:39 +0000 Emmanuel Dreyfus <manu@...> wrote:

> > A (possibly related?) problem - milter-greylist is running as user smmsp,
> > and I added postfix user to group smmsp. I need to execute the following
> > command after starting milter-greylist:
> > chmod g+w /var/milter-greylist/milter-greylist.sock
> > so that postfix could write to the socket. Is it possible to use some config
> > file option or smth instead of running chmod?
> 
> Run with -u user:group

It sets group owner, but I still need group write permission as well.
From http://www.milter.org/milter_api/smfi_setconn.html :
Unix/local sockets should have their permissions set to 0600 (read/write permission only for the socket's owner) or 0660 (read/write permission for the socket's owner and group) which is useful if the sendmail RunAsUser option is used. The permissions for a unix/local domain socket are determined as usual by umask, which should be set to 007 or 077.

With the following patch I get group write permission on a socket file:

diff -u -r1.159 milter-greylist.c
--- milter-greylist.c	29 Jan 2007 04:57:18 -0000	1.159
+++ milter-greylist.c	31 Jan 2007 01:36:24 -0000
@@ -1267,6 +1267,7 @@
 		usage(argv[0]);
 	}
 	cleanup_sock(conf.c_socket);
+	umask(007);  /* set group write permission on a socket file */
 	(void)smfi_setconn(conf.c_socket);
 
 	/*

Is it possible to apply it or should an option for this be introduced?

Regards,
Nerijus