Re: [Mimedefang] Fwd: Re: clamav vs clamd vs clamscan

Mon, 13 Oct 2014 14:10:23 -0700

Per other comments I removed all traces of previous clam installs and started over with binaries. 
Got clamd running as root and mimedefang running as defang - no problem.
But I'd like to run clamd as clamav so I did your idea and added defang to clamav as such: usermod -G defang clamav So now clamd is a member of two groups: clamav and defang but I still get the following error: 


Oct 13 15:53:47 sendmail mimedefang.pl[27449]: s9DKrlSJ027472: Clamd 
returned error: lstat() failed: Permission denied.



Oct 13 15:53:47 sendmail mimedefang.pl[27449]: s9DKrlSJ027472: Problem 
running virus scanner: code=999, category=swerr, action=tempfail



Mon Oct 13 15:53:47 2014 -> WARNING: lstat() failed on: 
/var/spool/MIMEDefang/mdefang-s9DKrlSJ027472/Work



On 10/9/2014 1:36 PM, Kees Theunissen wrote:

On Thu, 9 Oct 2014, Kevin A. McGrail wrote:


On 10/9/2014 10:28 AM, Cliff Hayes wrote:

Thanks to this list I am making progress :)
Now clamd is failing due to this...
Wed Oct  8 16:32:20 2014 -> WARNING: lstat() failed on:
/var/spool/MIMEDefang/mdefang-s98LWK78002037/Work
...I'm assuming this is because the mimedefang working directory is owned by
defang and clamd runs as clamav.
I fixed by running clamd as root ... is this the preferred solution or is
there a better way?

In general, you don't want daemons running as privileged users.

I run clamd as the same user as I run MD and that would be my recommendation as
well.


On my systems (debian) I run mimedefang as user "defang" and
group "defang" while clamd is runing as user "clamav" and
group "clamav". I made the "clamav" user a menber of the
"defang" group so clamd can read the contents of subdirs
below /var/spool/MIMEDefang with group rights.

~# id defang
uid=108(defang) gid=110(defang) groups=110(defang)
~# id clamav
uid=107(clamav) gid=109(clamav) groups=110(defang),109(clamav)




Regards,

Kees Theunissen.


_______________________________________________
NOTE: If there is a disclaimer or other legal boilerplate in the above
message, it is NULL AND VOID.  You may ignore it.

Visit http://www.mimedefang.org and http://www.roaringpenguin.com
MIMEDefang mailing list [email protected]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

























					Reply via email to