[Mimedefang] Clamd permissions on Centos with mimedefang
Philip Prindeville
philipp_subx at redfish-solutions.com
Fri Jan 13 20:35:06 EST 2012
I will note that if I lstat() the file, its parent, and its parent's parent and do the following:
--- /usr/bin/mimedefang.pl.orig 2012-01-02 11:39:14.000000000 -0800
+++ /usr/bin/mimedefang.pl 2012-01-13 17:32:55.315950407 -0800
@@ -74,6 +74,8 @@ use MIME::Parser;
use Sys::Hostname;
use File::Spec qw ();
+use File::Basename;
+
# Detect these Perl modules at run-time. Can explicitly prevent
# loading of these modules by setting $Features{"xxx"} = 0;
#
@@ -4759,6 +4761,24 @@ sub entity_contains_virus_clamd ($;$) {
if (! ($path =~ m+^/+)) {
$path = $CWD . "/" . $path;
}
+
+ {
+ my $name = $path;
+ my $mode = (lstat($name))[2];
+ $mode |= 0040;
+ chmod($mode, $name);
+
+ $name = dirname($name);
+ $mode = (lstat($name))[2];
+ $mode |= 0050;
+ chmod($mode, $name);
+
+ $name = dirname($name);
+ $mode = (lstat($name))[2];
+ $mode |= 0050;
+ chmod($mode, $name);
+ }
+
if (!$sock->print("SCAN $path\n")) {
$sock->close;
return (wantarray ? (999, 'swerr', 'tempfail') : 1);
it works fine... Where do the Work/, Work/mefang-xxx/ and Work/mdefang-xxx/yyy directories/files get created?
I'll come up with a patch to create them with the correct modes...
-Philip
On 1/13/12 4:56 PM, Philip Prindeville wrote:
> The problem is here:
>
> Jan 13 15:45:55 glue01 mimedefang.pl[23502]: E827922134F: lstat(/var/spool/MIMEDefang/mdefang-GlbJT07/Work/msg-23502-3.txt) errno 0 => 100600, defang.defang
> Jan 13 15:45:55 glue01 mimedefang.pl[23502]: E827922134F: lstat(/var/spool/MIMEDefang/mdefang-GlbJT07/Work) errno 0 => 40700, defang.defang
> Jan 13 15:45:55 glue01 mimedefang.pl[23502]: E827922134F: lstat(/var/spool/MIMEDefang/mdefang-GlbJT07) errno 0 => 40700, defang.defang
>
> mimedefang isn't creating the work-items as group readable/searchable in /var/spool/MIMEDefang/ ...
More information about the MIMEDefang
mailing list