[Mimedefang] Clamd permissions on Centos with mimedefang

[Paul Murphy]

Philip,

I think it is the other way round - your MD process is running as
"defang", which has no permissions on the clamav socket.

Paul.

-----Original Message-----
From: mimedefang-bounces at lists.roaringpenguin.com
[mailto:mimedefang-bounces at lists.roaringpenguin.com] On Behalf Of Philip
Prindeville
Sent: 13 January 2012 19:21
To: mimedefang at lists.roaringpenguin.com
Subject: [Mimedefang] Clamd permissions on Centos with mimedefang

I'm seeing the following message:

Jan 12 15:50:38 glue01 mimedefang.pl[9415]: 84D7D22131D: Clamd returned
error: lstat() failed: Permission denied.

and I'm not sure why. I have the following clamd config:

LogFile /var/log/clamav/clamd.log
LogFileMaxSize 0
LogTime yes
LogSyslog yes
ExtendedDetectionInfo yes
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /var/tmp
DatabaseDirectory /var/lib/clamav
LocalSocket /var/run/clamav/clamd.sock
FixStaleSocket yes
MaxConnectionQueueLength 30
MaxThreads 50
ReadTimeout 300
User clam
AllowSupplementaryGroups yes
ScanPE yes
ScanELF yes
DetectBrokenExecutables yes
ScanOLE2 yes
ScanMail yes
ScanArchive yes
ArchiveBlockEncrypted no


I have the following group memberships:

uid=89(postfix) gid=89(postfix) groups=89(postfix),12(mail),494(defang)
uid=496(defang) gid=494(defang) groups=494(defang)
uid=497(clam) gid=495(clam) groups=495(clam),494(defang)

what is failing and why?  And since clamd is in the defang group, why
doesn't it have access to the message?

Any ideas?

Thanks,

-Philip
_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang



------------
Scanned by MIMEDefang - q0DJTHn7030215