Re: [Clamav-users] Permission denied when sending notifications

[George Chelidze]

Hello,
Jose Gervasio Gomiz wrote:
Hi everyone.
 
I'm using clamd/clamav-milter 0.80 + Sendmail 8.12.11-4.6 on Fedora Core 2.
 
I have "--postmaster-only" in /etc/sysconfig/clamav-milter, because I 
need to get email notifications when a virus is found.
 
The problem is that notifications fail. Extract from /var/log/maillog:
Nov  8 14:03:31 mail sendmail[21690]: NOQUEUE: SYSERR(clamav): can not 
chdir(/var/spool/clientmqueue/): Permission denied
ls -l /usr/sbin/sendmail
mine is:
-r-xr-sr-x    1 root     smmsp      661621 Nov  3 11:37 /usr/sbin/sendmail
I dought you don't have SGID turned on.
Permissions:
/etc/mail/:
-rw-r--r--  1 root root 58156 Nov  8 15:14 sendmail.cf
-r--r--r--   1 root root 39181 Nov  8 15:13 submit.cf
-rw-r--r--  1 root root    127 Nov  8 15:14 trusted-users
/var/spool/:
drwxrwx---  2 smmsp  smmsp   12288 Nov  8 15:11 clientmqueue
drwxrwxr-x  2 root       mail         4096 Nov  8 15:37 mail
 
Users:
uid=46(clamav) gid=46(clamav) groups=46(clamav)
uid=51(smmsp) gid=51(smmsp) groups=51(smmsp)
 
Processes:
root         23999  0.0  1.1   7948 2860 ?        S    15:14   0:00 
sendmail: accepting connections
smmsp    24008  0.0  0.9   6308 2408 ?        S    15:14   0:00 
sendmail: Queue [EMAIL PROTECTED]:00:00 <mailto:[EMAIL PROTECTED]:00:00> for 
/var/spool/clientmqueue
clamav     23570  0.0  2.3 20092 6036 ?        S    15:09   0:00 
/usr/sbin/clamd
clamav     23582  0.0  0.5 37784 1508 ?        S    15:09   0:00 
/usr/sbin/clamav-milter --dont-wait --force-scan --dont-log-clean 
--server=localhost --postmaster=postmaster --postmaster-only 
--pidfile=/var/run/clamav/clamav-milter.pid 
local:/var/run/clamav/clamav-milter.sock
 
I know that user clamav (uid 46) can't write or chdir to 
/var/spool/clientmqueue in this setup.
 
I've tried:
User clamav in /etc/mail/sendmail.cf "Trusted users" section? Doesn't work.
User clamav in /etc/mail/submit.cf "Trusted users" section? Doesn't work.
User clamav in /etc/mail/trusted-users file? Doesn't work.
Adding clamav to smmsp group? Doesn't work.
Changing /var/spool/clientmqueue permissions/ownership? Not recommended.
Running clamd as user smmsp? clamav-milter fails to start.
 
Which is the correct way to do it?
 
Thanks in advance!
 
 
Jose G. Gomiz
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
Administrador Area Internet
Compel SRL
 

------------------------------------------------------------------------
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Best Regards,
--
George Chelidze
_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users