[prev in list] [next in list] [prev in thread] [next in thread]
List: qmail-scanner-general
Subject: Re: [Qmail-scanner-general]clamdscan]
From: Jim Maul <jmaul () elih ! org>
Date: 2006-05-16 13:48:45
Message-ID: 4469D83D.3070901 () elih ! org
[Download RAW message or body]
Cristina Tanzi Tolenti wrote:
>>
>> Yeah, the solution is to have it correctly run as the clamav user. Did you
>> add clamav to the qscand group? Are the permissions of ALL directories clamav
>> uses owned by the clamav user (log files, database directory, etc..)?
>>
>> -Jim
>>
>>
>>
> Yes, I add clamav to qscand group (usermod -Gqscand clamav) and yes the
> permission of all directories of clamav are owned by clamav
>
> [root@mail root]# ls -alt /var/log/clamav/
> total 144
> -rw-r----- 1 clamav clamav 7268 May 16 15:15 freshclam.log
> -rw-r----- 1 clamav clamav 124490 May 16 15:12 clamd.log
> drwxr-xr-x 2 clamav clamav 4096 May 15 15:55 .
> drwxr-xr-x 6 root root 4096 May 15 15:50 ..
>
> [root@mail root]# ls -alt /usr/local/share/clamav/
> total 4500
> drwxrwxr-x 2 clamav clamav 4096 May 16 12:15 .
> -rw-r--r-- 1 clamav clamav 638838 May 16 12:15 daily.cvd
> -rw-rw-r-- 1 clamav clamav 3950054 Apr 21 22:15 main.cvd
> drwxr-xr-x 5 root root 4096 Jun 28 2004 ..
> [root@mail root]#
>
> [root@mail root]# ls -alt /var/run/clamav/
> total 12
> drwxr-xr-x 2 clamav clamav 4096 May 16 15:20 .
> -rw-rw---- 1 clamav clamav 5 May 16 15:20 clamd.pid
> drwxr-xr-x 8 root root 4096 May 16 07:04 ..
>
> If I run clamd as qscand, clamdscan works perfectly so I think qmail-scanner
> 2.01_ST_ didn't Change setuid to 6755
>
>
http://qmail-scanner.sourceforge.net/CHANGES
says:
Changed setuid to 6755 - ie it's now setuid and setgid. Forcing all
files to be group qscand will allow those who wish to do so to keep
their AV daemons running as other accounts. They just need to ensure
those daemons are members of the qscand group - and as such should be
able to read the necessary files.
e.g. clamd could run as "clamav", but as long as account "clamav" is a
member of group "qscand", clamd is able to read the mail enough to scan it.
But that is without the ST patch. I dont see why this ability would
have been removed with the patch so i really dont think thats the problem.
What are the permissions of /var/spool/qscan/ ?
-Jim
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Qmail-scanner-general mailing list
Qmail-scanner-general@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic