Univention Bugzilla – Bug 48944
Diagnostic check for Amavis/Spamassassin rules/signatures
Last modified: 2022-01-28 18:25:17 CET
It should check if spamassassin rules/signatures are missing. Amavis does not even start any more, if the signatures are to missing/old. The diagnosis module should support to update the signatures.
Work in progress: Added script that checks the syntax of spamassassin rule set and configuration files (commit msg: Bug #48944: added diagnosis module) on added branch "troehmey/bug48944". Updating signatures will be implemented soon.
Fixed issue with the following commits: Bug #48944: added translations Bug #48944: update copyright Bug #48944: added button for updating signatures Bug #48944: added diagnosis module on branch "troehmey/bug48944_v2" For testing, an error can be provoked by forcing wrong results in source code "59_spamassasin_rules.py" or by installing UCS without connected network card (not tested).
Variables 'uid' and 'gid' in lines 51 and 52 are unused. (They are either set in lines 55 and 56 or an exception is raised.) The "return" in line 59 is unreachable and thus superfluous. subprocess.Popen() must not be called with "shell=True" (line 77). The option is 1. a security hazard, 2. not required and 3. leaves the interpreter hanging in an opened shell (try it out in an interactive Python interpreter). The option is only used when passing actual shell code (instead of an executable) to Popen. --- For the functional test I used a UCS VM without installed mail server on which I installed the updated univention-management-console-module-diagnostic package from the git branch. Then: $ apt-get -d install univention-mail-server $ ifdown ens3 ## UVMM on lavia → VNC open console of VM $ apt-get install univention-mail-server $ ifup ens3 $ univention-run-join-scripts I then opened the UMC diagnostics module and it correctly showed the problem, but it couldn't fix it (because of the shell=True).
The last commit () removed the try-except-KeyError resulting on systems without installed mail server in: ------------------------------------------------------------------------------ Traceback (most recent call last): File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/diagnostic/__init__.py", line 280, in execute result = execute(umc_module, **kwargs) File "/usr/lib/python2.7/dist-packages/univention/management/console/modules/diagnostic/plugins/59_spamassasin_rules.py", line 50, in run pw = pwd.getpwnam('debian-spamd') KeyError: 'getpwnam(): name not found: debian-spamd' ------------------------------------------------------------------------------ The diagnostic package is installable on systems without mail server. Please readd the try-except, be instead of raising a Warning exception, just "return".
Fixed errors. Pushed on branch troehmey/bug48944_v2 with commits commit 038982ee5fa97a2c82cb686a4d8163a432834939 Bug #48944: fixed errors, faster updating commit e287708b25df73991c779e9996fb6549726fba0a Bug #48944: improved code and fixed test
I tested the diagnosis module with the process mentioned in comment #3 No problem now running the diagnosis module on systems without univention-mail-server installed The german translation for messages and buttons are missing If I run the update signature option in the module the signatures are updated, but I get the response that the signatures could not be fetched. After rerunning the test, the diagnosis module couldn't find any problems anymore -> signatures where downloaded, thus the return messages have to be adapted (and also translated)
Translations have been added with commit commit 835666ca66c5a6012c58b9db7652d1ab31b6617b Bug #48944: Added translations and a minor syntax fix with commit commit 11261244ee9e3f4cb2029a8a0d60eda45a99d252 Bug #48944: added whitespace on branch troehmey/bug48944_v2. I tested the behavior by directly removing all signatures with rm -rf /var/lib/spamassassin/3.004002/updates_spamassassin_org* Updating the signatures worked as expected. Version 4.4.3 erratalevel 499 Somehow, I could not reproduce the error with the method described in comment #3 (also tested on 4.4.4).
Translations are now good If I reproduce the error with the method mentioned in comment 3 I still get the problem that after fixing I get the message that the signatures could not be fixed, even if they were. If I reproduce it with the method described in comment #7 this problem does not occur and I get the expected 'Alle Spamassassin Regeln sind in Ordnung'
*** Bug 49274 has been marked as a duplicate of this bug. ***
(In reply to Florian Best from comment #9) > *** Bug 49274 has been marked as a duplicate of this bug. *** There is a merge request for this as well: https://github.com/univention/univention-corporate-server/pull/11/