Kopano spamd error - PermissionError: [Errno 1] Operation not permitted
ckruijntjens last edited by ckruijntjens
itis working now.
@ckruijntjens and what was now the solution? My problem is on the kopano-spamd process and you mixed your problems with inotify also in this topic why i lost a little the overview here.
On my Debian 9 Server:
If i choose a mail in mail inbox to sort it in the junk mail folder i get this messages in
2019-01-12 08:17:57,330 - spamd - INFO - Learning message as SPAM, entryid: 00000000A497753E7B1B4CE3894BB06ABB7C1F450100000005000000D451EC976A324DCAA23AF88AB788EAD800000000 2019-01-12 08:17:57,356 - spamd - ERROR - Traceback (most recent call last): File "/usr/lib/python3/dist-packages/kopano/log.py", line 103, in log_exc try: yield File "/usr/lib/python3/dist-packages/kopano_spamd/__init__.py", line 83, in update self.learn(item, searchkey, True) File "/usr/lib/python3/dist-packages/kopano_spamd/__init__.py", line 106, in learn os.chown(emlfilename, uid, gid) PermissionError: [Errno 1] Operation not permitted: '/var/lib/kopano/spamd/spam/9DFD4A4E633343C081465B7B8EDBCBE4.eml'
i installed the python 3 deamon via
apt-get install python3-daemon.
I have spamassassin, clamav and amavis running that’s why i assigned kopano to the amavis group via
gpasswd -a kopano amavis.
i can execute this command
sudo -H -u kopano chown kopano:amavis /var/lib/kopano/spamd/spam/9DFD4A4E633343C081465B7B8EDBCBE4.eml
so the rights should be correct, or?
So, what could it be?
What @BMWfan describes is exactly the origin problem.
Wat i did was adding kopano to my rspamd group and rspamd to kopano group.
The sa_group is kopano
Now its working for me
Hi, the hint of @ckruijntjens was the last piece of the puzzle to the solution. After changing sa_group to kopano, kopano-spamd runs without errors.
@ckruijntjens thank you, this works for me now also after i changed the sa_group to kopano in the configuration
etc/kopano/spamd.cfgbut now is my inotify-spamlearn not more functioning as here described define-ham-and-spam-for-spamassassin, or what could i do that i could use amavis as the sa_group?
Glad it worked👍👍👍
ashceryth last edited by ashceryth
Guys, I think what you did is a workaround. Since you set the
kopanothere is no change when executing
chown(https://github.com/Kopano-dev/kopano-core/blob/master/ECtools/spamd/kopano_spamd/__init__.py#L104 line 104 onwards) on the files as they’re already owned by
kopano:kopano. So, this way the original problem discussed in this thread isn’t triggered (that’s just what I think). Of course it works the other way round if you add amavis to the kopano group and then run inotify-spamlearn as user amavis. This way the user amavis has read and write permissions on the files as the user is member of the kopano group. Just my two cents.
And please don’t mix up spamd and inotify-spamlearn. These are two different things.
@ashceryth thanks for your opinion. You are right i think. I added kopano as described in my post before in the amavis group but the problem exists still if i configure this
sa_group = amavis.
I can execute this manually
sudo -H -u kopano chown kopano:amavis /var/lib/kopano/spamd/spam/9DFD4A4E633343C081465B7B8EDBCBE4.emlbut the script gives us the following error if it has to execute it triggerd by the mail displacements in Kopano Webapp.
PermissionError: [Errno 1] Operation not permitted: '/var/lib/kopano/spamd/spam/9DFD4A4E633343C081465B7B8EDBCBE4.eml'
BMWfan last edited by
@mark-dufour do you need more informations to reproduce this issue?
This ultimately seems to be an issue with/experienced through systemd. The permission denied when chown’ing comes from systemd denying it.
We will still need to think about alternative approaches for this.
BMWfan last edited by
@fbartels thanks for your answer. Should i open a request anywhere or what are the next steps?
Could you try the following (assuming you need your eml files to be kopano:amavis in the end):
-> set run_as_group to amavis
-> sa_group should then be amavis as well
make sure kopano is member of the amavis group (writing this out i am not 100% this is really a requirement)
make sure that
/var/lib/kopano/spamd(recursively) is owned by kopano:amavis
If this works for you as well, then we will remove the sa_group option and its related mechanism from kopano-spamd and adopt documentation accordingly.
@fbartels : I will try it tomorrow
@fbartels: Sorry, that I am reporting so late. Your solution works perfect for me. Thank you
for me this is also working. Except i am using rspamd so for me the group is _rspamd
This works as expected!
weini last edited by
Works for me too!
Many thanks for your support!