Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Ensure correct ownership for the Rspamd DKIM directory #3813

Merged
merged 1 commit into from Jan 23, 2024
Merged

fix: Ensure correct ownership for the Rspamd DKIM directory #3813

merged 1 commit into from Jan 23, 2024

Conversation

polarathene
Copy link
Member

@polarathene polarathene commented Jan 23, 2024
edited

Description

Applies the suggested fix from reporter: #3800 (comment)

Fixes #3800

OpenDKIM recently had a contribution for ownership adjustment, although that was for the user benefit with config volume files, not an issue with DMS support.

Ownership issues in /tmp/docker-mailserver shouldn't matter or need to be fixed for DMS, but the present rspamd DKIM support has a rather relaxed / flexible location where it's associated config points to the files instead of a local internal copy made at runtime.

NOTE: There is already related script for rspamd during startup that attempts to get DKIM keys to inspect by parsing path settings in dkim_signing.conf, logging warnings when the ownership is not _rspamd.

Type of change

  • Bug fix (non-breaking change which fixes an issue)

Checklist:

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • New and existing unit tests pass locally with my changes
  • I have added information about changes made in this PR to CHANGELOG.md

@polarathene
fix: Ensure correct ownership for the Rspamd DKIM directory
61546e2 
The UID / GID shifted during a new release. Until DKIM handling is refactored in a new major release, this fix ensures the content maintains the expected `_rspamd` ownership.
@polarathene polarathene added this to the v13.3.1 milestone Jan 23, 2024
@polarathene polarathene self-assigned this Jan 23, 2024
@georglauterbach georglauterbach merged commit d40a17f into master Jan 23, 2024
7 checks passed
@georglauterbach georglauterbach deleted the fix/ensure-correct-ownership-for-rspamd-dkim-dir branch January 23, 2024 10:51
@georglauterbach
Copy link
Member

I will adjust the changelog with the v13.3.1 PR to account for this.

@polarathene polarathene mentioned this pull request Jan 25, 2024
Merged
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@georglauterbach georglauterbach georglauterbach approved these changes

@casperklein casperklein Awaiting requested review from casperklein

Assignees

@polarathene polarathene

Labels
area/scripts kind/bug/fix A fix (PR) for a confirmed bug service/security/dkim-dmarc-spf service/security/rspamd
Projects
None yet
Milestone
v13.3.1
Development

Successfully merging this pull request may close these issues.

bug report: existing rspamd DKIM private key files are owned by dovenull instead of _rspamd user
2 participants
@polarathene @georglauterbach