On 10/9/2014 8:37 AM, Kevin A. McGrail wrote:
> On 10/9/2014 10:28 AM, Cliff Hayes wrote:
>> Thanks to this list I am making progress :) Now clamd is failing
>> due to this... Wed Oct  8 16:32:20 2014 -> WARNING: lstat()
>> failed on: /var/spool/MIMEDefang/mdefang-s98LWK78002037/Work 
>> ...I'm assuming this is because the mimedefang working directory
>> is owned by defang and clamd runs as clamav. I fixed by running
>> clamd as root ... is this the preferred solution or is there a
>> better way?
> In general, you don't want daemons running as privileged users.
> 
> I run clamd as the same user as I run MD and that would be my 
> recommendation as well.

If you're building clamav from source that's pretty easily maintained,
but if you're using clamav from one of the third-party repositories I
like to mess with it as little as possible (so that it doesn't get
broken on version updates) and instead do a little more upfront
configuration with MD.

The RPMForge clamav packages use clamav.clamav, so I do the following:

1.  Add the clamav user to the defang group;
2.  Make sure that "AllowSupplementaryGroups yes" line exists in
clamd.conf;
3.  Change mode for MD spool directory (on tmpfs of course) to 750;
4.  Configure MD to create group readable working files (-G option to
multiplexor);
5.  Tweak other MD settings as necessary (location of clamd.sock, etc.)


-- 
Nels Lindquist
<[email protected]>
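
Added example, not part of the original message: a shell audit of steps 1-4 above, so the setup can be re-checked after a package update. The function names, the script name and the /etc/clamd.conf and /etc/group paths in the usage line are assumptions; it relies on GNU stat.

```shell
#!/bin/sh
# Added example (not from the original post): audit the shared-group setup.
# Assumptions: GNU stat (Linux); caller supplies spool, clamd.conf and group file paths.

# Step 1: is USER listed as a supplementary member of GROUP?
group_has_member() {    # group_has_member GROUP USER GROUPFILE
    awk -F: -v g="$1" -v u="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) ok = 1 }
        END { exit !ok }' "$3"
}

# Step 2: an uncommented "AllowSupplementaryGroups yes" line must exist.
conf_allows_supp_groups() {    # conf_allows_supp_groups CLAMD_CONF
    grep -Eq '^[[:space:]]*AllowSupplementaryGroups[[:space:]]+yes[[:space:]]*$' "$1"
}

# Step 3: the spool directory is exactly mode 750.
spool_mode_ok() {    # spool_mode_ok DIR
    [ -d "$1" ] && [ "$(stat -c %a "$1")" = "750" ]
}

# Step 4: print work files lacking g+r and directories lacking g+rx.
not_group_readable() {    # not_group_readable DIR
    find "$1" \( -type f ! -perm -040 \) -o \( -type d ! -perm -050 \)
}

# Run every check; report each failure and return non-zero if any failed.
check_setup() {    # check_setup SPOOL CLAMD_CONF GROUPFILE
    rc=0
    group_has_member defang clamav "$3" || { echo "FAIL: clamav is not in group defang"; rc=1; }
    conf_allows_supp_groups "$2" || { echo "FAIL: AllowSupplementaryGroups yes missing"; rc=1; }
    spool_mode_ok "$1" || { echo "FAIL: $1 is not mode 750"; rc=1; }
    [ -z "$(not_group_readable "$1")" ] || { echo "FAIL: entries under $1 not group readable"; rc=1; }
    return "$rc"
}

# Example: sh check.sh /var/spool/MIMEDefang /etc/clamd.conf /etc/group
if [ "$#" -eq 3 ]; then check_setup "$@"; fi
```

The step 1 check reads only the member list of the group file, so it does not see membership supplied by another directory service.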