Debian Bug report logs - #708945
amavisd-new: amavis unfriendly against process list tools

Reply or subscribe to this bug.

Toggle useless messages

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: schorsch <schorsch@schorsch.de>

To: Debian Bug Tracking System <submit@bugs.debian.org>

Subject: amavisd-new: amavis unfriendly against process list tools

Date: Sun, 19 May 2013 17:08:55 +0200

Package: amavisd-new
Version: 1:2.7.1-2
Severity: minor

Dear Maintainer,
after upgrading from squeeze to wheezy, any tools which refer to the process
details of amavisd-new, refer the process name not by the name of the
invoked binary (amavisd-new), but by the fully qualified path of this binary
(/usr/sbin/amavi). This reference is limited to 15 characters
(as in /proc/<pid>/stat), so the process name is  severly crippled.

Of course, I could blame ps or pgrep or pkill for this behaviour - but I
think, they are the wrong addressees. This tools refer on /proc/<pid>/stat,
and if they find wrong data there, it's not their fault.

On the other hand, one could wonder, what amavis has to do with
/proc/<pid>/stat? But on a number of very different servers and client
computers, with very different purposes, different installation details and
hundreds or thousands of different installed packages, I found only two
processes, which show this strange behaviour: amavis and postgrey.




-- System Information:
Debian Release: 7.0
  APT prefers oldstable-updates
  APT policy: (500, 'oldstable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores)
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/dash

Versions of packages amavisd-new depends on:
ii  adduser                             3.113+nmu3
ii  debconf [debconf-2.0]               1.5.49
ii  file                                5.11-2
ii  libarchive-zip-perl                 1.30-6
ii  libberkeleydb-perl                  0.51-1
ii  libcompress-raw-zlib-perl           2.052-1
ii  libconvert-tnef-perl                0.17-11
ii  libconvert-uulib-perl               1:1.4~dfsg-1+b1
pn  libdigest-md5-perl                  <none>
ii  libio-stringy-perl                  2.110-5
ii  libmail-dkim-perl                   0.39-1
ii  libmailtools-perl                   2.09-1
pn  libmime-base64-perl                 <none>
ii  libmime-tools-perl                  5.503-1
ii  libnet-server-perl                  2.006-1
ii  libunix-syslog-perl                 1.1-2+b2
ii  pax                                 1:20120606-2
ii  perl [libtime-hires-perl]           5.14.2-21
ii  perl-modules [libarchive-tar-perl]  5.14.2-21

Versions of packages amavisd-new recommends:
pn  altermime              <none>
pn  libnet-patricial-perl  <none>
ii  ripole                 0.2.0+20081101.0215-1

Versions of packages amavisd-new suggests:
pn  apt-listchanges      <none>
ii  arj                  3.10.22-10
ii  cabextract           1.4-3
ii  clamav               0.97.8+dfsg-1
ii  clamav-daemon        0.97.8+dfsg-1
ii  cpio                 2.11+dfsg-0.1
pn  dspam                <none>
ii  lha                  1.14i-10.3
pn  lhasa                <none>
pn  libauthen-sasl-perl  <none>
pn  libdbi-perl          <none>
ii  libmail-dkim-perl    0.39-1
pn  libnet-ldap-perl     <none>
pn  libsnmp-perl         <none>
ii  lzop                 1.03-3
ii  nomarch              1.4-3
pn  p7zip                <none>
pn  rpm                  <none>
ii  spamassassin         3.3.2-5
ii  unrar                1:4.1.4-1
ii  unrar-free           1:0.0.1+cvs20071127-2
ii  zoo                  2.10-27

-- Configuration Files:
/etc/amavis/conf.d/05-domain_id changed:
use strict;
chomp($mydomain = `head -n 1 /etc/mailname`);
@local_domains_acl = ( ".$mydomain", "postfix.schorsch.de", "mail.schorsch.de", "localhost" );
1;  # ensure a defined return

/etc/amavis/conf.d/15-content_filter_mode changed:
use strict;
@bypass_virus_checks_maps = (
   \%bypass_virus_checks, \@bypass_virus_checks_acl, \$bypass_virus_checks_re);
@bypass_spam_checks_maps = (
   \%bypass_spam_checks, \@bypass_spam_checks_acl, \$bypass_spam_checks_re);
1;  # ensure a defined return

/etc/amavis/conf.d/20-debian_defaults changed:
use strict;
$virus_quarantine_to = "viren_intern\@schorsch.de";
$spam_quarantine_to = "spam_intern\@schorsch.de";
$banned_quarantine_to = "postmaster\@schorsch.de";
$bad_header_quarantine_to = "postmaster\@schorsch.de";
$QUARANTINEDIR = "$MYHOME/virusmails";
$quarantine_subdir_levels = 1; # enable quarantine dir hashing
$log_recip_templ = undef;    # disable by-recipient level-0 log entries
$DO_SYSLOG = 1;              # log via syslogd (preferred)
$syslog_ident = 'amavis';    # syslog ident tag, prepended to all messages
$syslog_facility = 'mail';
$syslog_priority = 'debug';  # switch to info to drop debug output, etc
$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
$enable_global_cache = 1;    # enable use of libdb-based cache if $enable_db=1
$inet_socket_port = 10024;   # default listening socket
$sa_spam_subject_tag = '***SPAM*** ';
$sa_tag_level_deflt  = 2.0;  # add spam info headers if at, or above that level
$sa_tag2_level_deflt = 5.00; # add 'spam detected' headers at that level
$sa_kill_level_deflt = 5.00; # triggers spam evasive actions
$sa_dsn_cutoff_level = 10;   # spam level beyond which a DSN is not sent
$sa_mail_body_size_limit = 200*1024; # don't waste time on SA if mail is larger
$sa_local_tests_only = 0;    # only tests which do not require internet access?
$MAXLEVELS = 14;
$MAXFILES = 1500;
$MIN_EXPANSION_QUOTA =      100*1024;  # bytes
$MAX_EXPANSION_QUOTA = 300*1024*1024;  # bytes
$final_virus_destiny      = D_DISCARD;  # (data not lost, see virus quarantine)
$final_banned_destiny     = D_DISCARD;   # D_REJECT when front-end MTA
$final_spam_destiny       = D_DISCARD;
$final_bad_header_destiny = D_PASS;     # False-positive prone (for spam)
$enable_dkim_verification = 1;
$enable_dkim_verification = 0; #disabled to prevent warning
$virus_admin = undef; 
$X_HEADER_LINE = "Debian $myproduct_name at $mydomain";
@viruses_that_fake_sender_maps = (new_RE(
  [qr'\bEICAR\b'i => 0],            # av test pattern name
  [qr/.*/ => 1],  # true for everything else
));
@keep_decoded_original_maps = (new_RE(
  qr'^MAIL-UNDECIPHERABLE$', # recheck full mail if it contains undecipherables
  qr'^(ASCII(?! cpio)|text|uuencoded|xxencoded|binhex)'i,
));
$banned_filename_re = new_RE(
  # block certain double extensions anywhere in the base name
  qr'\.[^./]*\.(exe|vbs|pif|scr|bat|cmd|com|cpl|dll)\.?$'i,
  qr'\{[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\}?$'i, # Windows Class ID CLSID, strict
  qr'^application/x-msdownload$'i,                  # block these MIME types
  qr'^application/x-msdos-program$'i,
  qr'^application/hta$'i,
  qr'.\.(exe|vbs|pif|scr|bat|cmd|com|cpl)$'i, # banned extension - basic
  qr'^\.(exe-ms)$',                       # banned file(1) types
);
@score_sender_maps = ({ # a by-recipient hash lookup table,
                        # results from all matching recipient tables are summed
  ## site-wide opinions about senders (the '.' matches any recipient)
  '.' => [  # the _first_ matching sender determines the score boost
   new_RE(  # regexp-type lookup table, just happens to be all soft-blacklist
    [qr'^(bulkmail|offers|cheapbenefits|earnmoney|foryou)@'i         => 5.0],
    [qr'^(greatcasino|investments|lose_weight_today|market\.alert)@'i=> 5.0],
    [qr'^(money2you|MyGreenCard|new\.tld\.registry|opt-out|opt-in)@'i=> 5.0],
    [qr'^(optin|saveonlsmoking2002k|specialoffer|specialoffers)@'i   => 5.0],
    [qr'^(stockalert|stopsnoring|wantsome|workathome|yesitsfree)@'i  => 5.0],
    [qr'^(your_friend|greatoffers)@'i                                => 5.0],
    [qr'^(inkjetplanet|marketopt|MakeMoney)\d*@'i                    => 5.0],
   ),
   { # a hash-type lookup table (associative array)
     #'nobody@cert.org'                        => -3.0,
     #'cert-advisory@us-cert.gov'              => -3.0,
     #'owner-alert@iss.net'                    => -3.0,
     #'slashdot@slashdot.org'                  => -3.0,
     #'securityfocus.com'                      => -3.0,
     #'ntbugtraq@listserv.ntbugtraq.com'       => -3.0,
     #'security-alerts@linuxsecurity.com'      => -3.0,
     #'mailman-announce-admin@python.org'      => -3.0,
     #'amavis-user-admin@lists.sourceforge.net'=> -3.0,
     #'amavis-user-bounces@lists.sourceforge.net' => -3.0,
     #'spamassassin.apache.org'                => -3.0,
     #'notification-return@lists.sophos.com'   => -3.0,
     #'owner-postfix-users@postfix.org'        => -3.0,
     #'owner-postfix-announce@postfix.org'     => -3.0,
     #'owner-sendmail-announce@lists.sendmail.org'   => -3.0,
     #'sendmail-announce-request@lists.sendmail.org' => -3.0,
     #'donotreply@sendmail.org'                => -3.0,
     #'ca+envelope@sendmail.org'               => -3.0,
     #'noreply@freshmeat.net'                  => -3.0,
     #'owner-technews@postel.acm.org'          => -3.0,
     #'ietf-123-owner@loki.ietf.org'           => -3.0,
     #'cvs-commits-list-admin@gnome.org'       => -3.0,
     #'rt-users-admin@lists.fsck.com'          => -3.0,
     #'clp-request@comp.nus.edu.sg'            => -3.0,
     #'surveys-errors@lists.nua.ie'            => -3.0,
     #'emailnews@genomeweb.com'                => -5.0,
     #'yahoo-dev-null@yahoo-inc.com'           => -3.0,
     #'returns.groups.yahoo.com'               => -3.0,
     #'clusternews@linuxnetworx.com'           => -3.0,
     #lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,
     #lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
     # soft-blacklisting (positive score)
     #'sender@example.net'                     =>  3.0,
     #'.example.net'                           =>  1.0,
   },
  ],  # end of site-wide tables
});
1;  # ensure a defined return

/etc/amavis/conf.d/50-user changed:
use strict;
@local_domains_maps = ( ["."] );
@mynetworks = qw( 192.168.0.0/16 172.16.0.0/16 );
$policy_bank{'MYNETS'} = {  # clients in @mynetworks
  bypass_spam_checks_maps   => [1],  # don't spam-check internal mail
  bypass_banned_checks_maps => [1],  # don't banned-check internal mail
  bypass_header_checks_maps => [1],  # don't header-check internal mail  
};
1;  # ensure a defined return


-- debconf information:
  amavisd-new/outdated_config_style_warning:

Message #10 received at 708945@bugs.debian.org (full text, mbox, reply):

From: Ron <ron@debian.org>

To: 708945@bugs.debian.org

Subject: Re: amavisd-new: amavis unfriendly against process list tools

Date: Wed, 10 Sep 2014 08:21:31 +0930

Hi,

I crashed into this today too, so here's some more information :)

The underlying cause of this change appears to be the same thing
that resulted in #652026 (also in amavis).  There's a pretty
complete description of it there, so I won't repeat it here.

On the bright side, it should be quite easy to fix, and is trivial
to workaround.

amavisd-new does:

 $myprogram_name = $0;

Followed by later calls to do (essentially):

 $0 = $myprogram_name . $something

for its various sub-processes.  So it could be fixed in the amavis
code by just stripping the path components off the initial assignment
to $myprogram_name in the BEGIN {} section.


In the meantime, people who need to can set $myprogram_name to whatever
they want in the amavis config, and that will also be respected.


FWIW, I hit this trying to use the munin 'proc' plugin to monitor
amavis, and it initially choked on the '/' characters in the process
name.  Unfortunately there's a synergy of sadness there which means
it still doesn't play nice with $myprogram_name = 'amavisd-new',
because that then means /proc/$pid/stat ends up with something like
'amavisd-new (ma' in it, and there's no prizes for guessing how happy
it is with the space and the paren ...

But I can set it to something like 'amavisd_process' which is 15
characters long, doesn't look totally stupid as a graph label, and
pushes the nasties out of the /stat entry too, to work around two
bugs with one kludge :)

  Cheers,
  Ron

Send a report that this bug log contains spam.