Bug#966205: Exim4-base cron script doesn't call tidydb correctly

[Ruth Ivimey-Cook]

Package: exim4-base

Version: 4.90.1-1ubuntu1.5


The cron script exim4-base, present in /etc/cron.daily, performs various 
update actions for exim, amongst which is calling exim_tidydb for the 
installed BDB databases. The code that calls tidydb is at the end of the 
file, and in my configuration the script exits with code 123 but no 
messages; this causes cron to complain.

The relevant code is as follows:

# run tidydb as Debian-exim:Debian-exim.
if [ -x /usr/sbin/exim_tidydb ]; then
   cd $SPOOLDIR/db || exit 1
   if ! find $SPOOLDIR/db -maxdepth 1 -name '*.lockfile' -or -name 'log.*' \
     -or -type f -printf '%f\0' | \
       xargs -0r -n 1 \
       start-stop-daemon --start --exec /usr/sbin/exim_tidydb \
       --chuid Debian-exim:Debian-exim -- $SPOOLDIR > /dev/null; then
     # if we reach this, invoking exim_tidydb from start-stop-daemon has
     # failed, most probably because of libpam-tmpdir being in use
     # (see #373786 and #376165)
     find $SPOOLDIR/db -maxdepth 1 -name '*.lockfile' -or -name 'log.*' \
     -or -type f -printf '%f\0' | \
     runuser --shell=/bin/bash \
          --command="xargs -0r -n 1 /usr/sbin/exim_tidydb $SPOOLDIR > 
/dev/null" \
          Debian-exim
   fi
fi


This seems excessively complex, but also assumes that any file which is 
present and not a lockfile or a logfile is a BDB database. Checking the 
source code for tidydb shows that only the following names are accepted: 
"retry", "misc", "callout" and "wait-*". In my configuration I use the 
widely known "greylist" code, and it makes sense to me to put the sqlite 
greylist database in SPOOL/db.

I propose replacing the above code with the following, much simpler and 
more correct version, because it finds all databases that are acceptable 
to exim_tidydb while ignoring any other file. I have avoided using 
'runuser' as this step does not appear to be necessary: tidied files are 
changed in-place, and so there is no reason for the user or group name 
to change. It could of course be reinstated if needed.


# run tidydb.
if [ -x /usr/sbin/exim_tidydb ]; then
   cd $SPOOLDIR/db || exit 1
   # exim_tidydb operates on Berkeley DB files retry, misc, callout, and
   # wait-* (e.g. wait-remote_smtp), but not on the lockfiles that can 
accompany
   # them. The lockfiles are zero length so it's easiest to eliminate 
that way
   # (rather than checking the name).
   [ -f "retry" ]   && /usr/sbin/exim_tidydb $SPOOLDIR retry
   [ -f "misc" ]    && /usr/sbin/exim_tidydb $SPOOLDIR misc
   [ -f "callout" ] && /usr/sbin/exim_tidydb $SPOOLDIR callout
   for db in "wait-*" ; do
     [ ! -s "${db}" ] && /usr/sbin/exim_tidydb $SPOOLDIR $db
   done
fi


-- 
Software Manager & Engineer
Tel: 01223 414180
Blog: http://www.ivimey.org/blog
LinkedIn: http://uk.linkedin.com/in/ruthivimeycook/