Open rkfg opened 2 months ago
You are able to change such files via mailcow interface, but when you change the owner you won't able to do that anymore I guess
But I can't edit them in the rspamd UI. I think it'd be better to set ACL for rspamd as well so that both users can edit them. Or run rspamd as the same user. Or set the owner/mod only for the files that can be changed in mailcow UI, not all of them.
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.
Contribution guidelines
I've found a bug and checked that ...
Description
In https://github.com/mailcow/mailcow-dockerized/blob/36b5cccd186090d726de62b6b00d1e842e67aacd/data/Dockerfiles/rspamd/docker-entrypoint.sh#L116 the owner of custom rspamd configs is set to 82:82. However, this causes these files to be read-only in the UI: If I chown them to 101:101 (the user that rspamd runs as) the files become available for editing and save normally. However, since this 82:82 chown is in the entrypoint script, restarting rspamd causes the files to become read only again. I'm not sure if it's some design decision I don't understand or a bug but it's pretty inconvenient because it becomes impossible to change the white/blacklists from the UI without changing the access rights via ssh first. The behavior is exactly the same on two separate instances I maintain (work and personal servers).
Logs:
Steps to reproduce:
Which branch are you using?
master
Which architecture are you using?
x86
Operating System:
Debian 12.5
Server/VM specifications:
VDS, 8 GB RAM, 4 CPUs
Is Apparmor, SELinux or similar active?
Apparmor is active
Virtualization technology:
KVM
Docker version:
20.10.24+dfsg1
docker-compose version or docker compose version:
v2.26.1
mailcow version:
2024-04
Reverse proxy:
Caddy
Logs of git diff:
Logs of iptables -L -vn:
Logs of ip6tables -L -vn:
Logs of iptables -L -vn -t nat:
Logs of ip6tables -L -vn -t nat:
DNS check: