Anyone using sa-update from cron for SpamAssassin?


#1

/usr/local/bin/setlock -n /tmp/cronlock.4051759.53932 sh -c $’/home/skipmorrow/bin/sa-update --gpgkey 6C6191E3 --channel sought.rules.yerp.org

gpg: WARNING: unsafe ownership on homedir /home/skipmorrow/etc/mail/spamassassin/sa-update-keys' gpg: failed to create temporary file/home/skipmorrow/etc/mail/spamassassin/sa-update-keys/.#lk0x5d7320.ps11651.23686’: Permission denied
gpg: keyblock resource/home/skipmorrow/etc/mail/spamassassin/sa-update-keys/secring.gpg': general error gpg: failed to create temporary file/home/skipmorrow/etc/mail/spamassassin/sa-update-keys/.#lk0x5d7320.ps11651.23686’: Permission denied
gpg: keyblock resource /home/skipmorrow/etc/mail/spamassassin/sa-update-keys/pubring.gpg': general error gpg: no writable keyring found: eof gpg: error reading/home/skipmorrow/share/spamassassin/sa-update-pubkey.txt’: general error
gpg: import from `/home/skipmorrow/share/spamassassin/sa-update-pubkey.txt’ failed: general error

But when I run it from a login shell, it doesn’t show those errors. So I wrote a script to verify that the cron job is running as the correct user by putting in whoami, and indeed it is running as skipmorrow

skipmorrow@ps11651:~$ ls etc/mail/spamassassin/sa-update-keys/ -la
total 28
drwx------ 2 skipmorrow pg2222652 4096 Jul 20 00:00 .
drwxr-xr-x 3 skipmorrow pg2222652 4096 Jul 17 13:29 …
-rw------- 1 skipmorrow pg2222652 5123 Jul 17 14:29 pubring.gpg
-rw------- 1 skipmorrow pg2222652 4505 Jul 17 13:32 pubring.gpg~
-rw------- 1 skipmorrow pg2222652 0 Jul 17 13:29 secring.gpg
-rw------- 1 skipmorrow pg2222652 1200 Jul 17 13:29 trustdb.gpg

skipmorrow@ps11651:~$ id
uid=15203(skipmorrow) gid=588771(pg2222652) groups=588771(pg2222652)

skipmorrow@ps11651:~$ whoami
skipmorrow

skipmorrow@ps11651:~$ crontab -l
###— BEGIN DREAMHOST BLOCK
###— Changes made to this part of the file WILL be destroyed!

sa-update JM_SOUGHT

MAILTO="skip@pelorus.org"
@hourly /usr/local/bin/setlock -n /tmp/cronlock.4061564.53932 sh -c $’/home/skipmorrow/update_sa_rules.sh’
###— You can make changes below the next line and they will be preserved!
###— END DREAMHOST BLOCK

skipmorrow@ps11651:~$ cat update_sa_rules.sh
#!/bin/bash
echo date>>/home/skipmorrow/sa_update.log
echo "Who Am I: whoami">>/home/skipmorrow/sa_update.log
echo "id: id">>/home/skipmorrow/sa_update.log
echo “”>>/home/skipmorrow/sa_update.log
/home/skipmorrow/bin/sa-update -D --gpgkey 6C6191E3 --channel sought.rules.yerp.org --gpghomedir /home/skipmorrow/etc/mail/spamassassin/sa-update-keys

skipmorrow@ps11651:~$ tail sa_update.log
Mon Jul 20 07:00:04 PDT 2009
Who Am I: skipmorrow
id: uid=15203(skipmorrow) gid=588771(pg2222652) groups=588771(pg2222652)

I just recently added the --gpghomedir option, but that didn’t make a difference at all to the error messages, and I wouldn’t have expected it to make a difference, since sa-update is finding that directory on its own anyway.