ports/132575: mail/amavisd pidfile not respected

[Helmut Schneider]

>Number:         132575
>Category:       ports
>Synopsis:       mail/amavisd pidfile not respected
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 12 11:40:04 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Helmut Schneider
>Release:        7.1-RELEASE
>Organization:
>Environment:
>Description:
As amavisd is most often chrooted to /var/amavis the process should not have write permissions to that directory for security reasons. A good place for the pid file would be e.g. /var/amavis/var/run
If a user sets a custom path for the pid file the rc script does not respect that as /var/amavis/amavisd.pid is "hardcoded".

>How-To-Repeat:

>Fix:
--- /usr/local/etc/rc.d/amavisd.bak     2009-03-12 12:21:42.000000000 +0100
+++ /usr/local/etc/rc.d/amavisd 2009-03-12 12:24:59.000000000 +0100
@@ -12,6 +12,8 @@
 # Add the following lines to /etc/rc.conf to enable amavisd:
 #
 #amavisd_enable="YES"
+#amavisd_pidfile="$PATH_TO_PIDFILE"
 #

 . /etc/rc.subr
@@ -20,7 +22,6 @@
 rcvar=`set_rcvar`

 command=/usr/local/sbin/amavisd > /dev/null 2>&1
-pidfile=/var/amavis/amavisd.pid
 required_files=/usr/local/etc/amavisd.conf
 extra_commands="reload"

@@ -59,6 +60,7 @@
 # set defaults

 amavisd_enable=${amavisd_enable:-"NO"}
+amavisd_pidfile=${amavisd_pidfile:-"/var/amavis/amavisd.pid"}

 load_rc_config $name
 run_rc_command "$1"

>Release-Note:
>Audit-Trail:
>Unformatted: