Re: 2.8.0 and newly strict checking

From: Murray S. Kucherawy <>
Date: Tue, 5 Mar 2013 23:32:05 -0800 (PST)

On Tue, 5 Mar 2013, Doug Barton wrote:
>> No error was produced. Further, no error was produced when I added
>> other users to that group as a test. It did fail if I turned on the
>> group read bit, since there are other users in /etc/passwd with the same
>> group.
> :-/
>> Apart from the differing uid, did I miss a step in reproducing your
>> configuration here? Your report didn't include your configuration file,
>> so that part was improvised, but the rest is the same as what, as you
>> pointed out, you already told me.
> It's pretty plain-vanilla, at least I think so:
> LogWhy yes
> Syslog yes
> SyslogSuccess yes
> Canonicalization relaxed/simple
> Domain
> Selector
> KeyFile /var/db/opendkim/
> Socket inet:8891_at_localhost
> ReportAddress
> SendReports yes
> hth,

The only one of those that matters is KeyFile, which tells it what file to
open. The rest of those don't affect permissions checking. I presume
you're starting it with "su opendkim ...", since UserId is missing.

The patch I sent earlier will show what values are being queried from the
filesystem, and from /etc/passwd and /etc/group, via syslog. Running that
while things are back in your failing state might shed some light on
what's going on that the code didn't anticipate.

Received on Wed Mar 06 2013 - 07:32:21 PST

This archive was generated by hypermail 2.3.0 : Wed Mar 06 2013 - 07:36:01 PST