[Mimedefang] Fwd: Re: clamav vs clamd vs clamscan
Kees Theunissen
C.J.Theunissen at differ.nl
Thu Oct 9 14:36:05 EDT 2014
On Thu, 9 Oct 2014, Kevin A. McGrail wrote:
> On 10/9/2014 10:28 AM, Cliff Hayes wrote:
>> Thanks to this list I am making progress :)
>> Now clamd is failing due to this...
>> Wed Oct 8 16:32:20 2014 -> WARNING: lstat() failed on:
>> /var/spool/MIMEDefang/mdefang-s98LWK78002037/Work
>> ...I'm assuming this is because the mimedefang working directory is owned by
>> defang and clamd runs as clamav.
>> I fixed by running clamd as root ... is this the preferred solution or is
>> there a better way?
> In general, you don't want daemons running as privileged users.
>
> I run clamd as the same user as I run MD and that would be my recommendation as
> well.
On my systems (debian) I run mimedefang as user "defang" and
group "defang" while clamd is runing as user "clamav" and
group "clamav". I made the "clamav" user a menber of the
"defang" group so clamd can read the contents of subdirs
below /var/spool/MIMEDefang with group rights.
~# id defang
uid=108(defang) gid=110(defang) groups=110(defang)
~# id clamav
uid=107(clamav) gid=109(clamav) groups=110(defang),109(clamav)
Regards,
Kees Theunissen.
--
Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724
Dutch Institute For Fundamental Energy Research (DIFFER)
e-mail address: C.J.Theunissen at differ.nl
postal address: PO Box 1207, 3430 BE Nieuwegein, NL
visitors address: Edisonbaan 14, 3439 MN Nieuwegein, NL
More information about the MIMEDefang
mailing list