[Mimedefang] Using ClamAV with default run-as-user settings
Kenneth Porter
shiva at sewingwitch.com
Wed Feb 11 01:06:06 EST 2004
--On Tuesday, February 10, 2004 7:58 PM -0500 "David F. Skoll"
<dfs at roaringpenguin.com> wrote:
> As of Clam 0.65, you do not need to modify Clam in any way to work with
> MD. Just put this in your config file:
>
> User defang
>
> and everything (including freshclam --daemon-notify) just works. If it
> upsets you to run as "defang", just make a MIMEDefang-specific Clam config
> file and specify it as a command-line option.
Good to know, but there's an additional complication when installing RPM's:
The log and run directories, which need to be writable by the user in
question, and the lib directory with the virus database downloaded by
freshclam. These are created by the clamav RPM at installation time.
Currently I'm hand-changing the ownership on these following
installation/update, but it gets undone every time I update the package.
BTW, there's a new 0.66 out tonight to deal with the DoS vulnerability
announced today. I found I had to add a "DatabaseMirror
database.clamav.net" directive to clamav.conf. It's not documented and
replaces the old mirrors.txt file to tell freshclam where to get the DB's
from.
More information about the MIMEDefang
mailing list