[Clamav-users] Re: aliases.db Permission denied

[René Berber]

Sergey Yudin wrote:
[snip]
Hello Rene!
Hi!
let me post more logs
[snip]
Feb 15 13:49:17 <mail.info> astra sendmail[3467]: j1F8nFvV003467: Milter 
add: header: X-Virus-Scanned:
ClamAV version 0.83, clamav-milter version 0.83 on astra.ufa.iib.ru

Feb 15 13:49:17 <mail.info> astra sendmail[3467]: j1F8nFvV003467: Milter 
add: header: X-Virus-Status: Infected with Worm.SomeFool.P

===> Here Clamav is reporting a virus
Can you explain how clavav sends EMAIL ? via smtp:25 or running 
/usr/sbin/sendmail -t ?
Running sendmail -t -i -odq  or sendmail -t -i.  (I have no idea what 
the -i does)

by the way
sendmail has atrributes:
# ls -l /usr/sbin/sendmail
-r-xr-sr-x  1 root  smmsp  562348 Feb 11 22:03 /usr/sbin/sendmail
This looks good.
Press any key to continue...
Feb 15 13:49:17 <mail.info> astra sendmail[3469]: NOQUEUE: connect from 
[EMAIL PROTECTED]

Feb 15 13:49:17 <mail.crit> astra sendmail[3469]: j1F8nHog003469: 
SYSERR(clamav): Cannot open hash database /etc/mail/aliases.db: Permission denied
---------^^^^^^
sendmail running as user clamav (yes, this must be the sendmail -t which 
calmav-milter executed) can't access the alias database?

My aliases.db is "-rw-r-----   1 root     smmsp" so if sendmail has the 
sgid bit set correctly (as shown above) it should work.

Feb 15 13:49:17 <mail.info> astra sendmail[3469]: j1F8nHog003469: alias 
postmaster => root

Feb 15 13:49:17 <mail.info> astra sendmail[3469]: j1F8nHog003469: alias 
root => sergey
Feb 15 13:49:17 <mail.crit> astra sendmail[3469]: j1F8nHog003469: 
SYSERR(clamav): collect:
Cannot write ./dfj1F8nHog003469 (bfcommit, uid=121, gid=25): Permission 
denied
Probably the same problem, the same sendmail process can't create a file 
inside the sendmail queue because the permissions are "drwxr-x---   2 
root     bin".

Feb 15 13:49:17 <mail.info> astra sendmail[3469]: j1F8nHog003469: 
from=clamav, size=447,
class=0, nrcpts=2, [EMAIL PROTECTED]

Feb 15 13:49:17 <mail.debug> astra sendmail[3469]: j1F8nHog003469:   0: 
fl=0x2, mode=10000: FIFO:
dev=0/0, ino=0, nlink=0, u/gid=0/0, size=0
Feb 15 13:49:17 <mail.debug> astra sendmail[3469]: j1F8nHog003469:   1: 
fl=0x1, mode=20666: CHR:
dev=131/131072, ino=4499, nlink=1, u/gid=0/0, size=0
Feb 15 13:49:17 <mail.debug> astra sendmail[3469]: j1F8nHog003469:   2: 
fl=0x1, mode=20666: CHR:
dev=131/131072, ino=4499, nlink=1, u/gid=0/0, size=0
Feb 15 13:49:17 <mail.debug> astra sendmail[3469]: j1F8nHog003469:   3: 
fl=0x2, mode=140666:
SOCK [0]->[[UNIX: /var/run/log]]
Feb 15 13:49:17 <mail.debug> astra sendmail[3469]: j1F8nHog003469:   4: 
fl=0x1, mode=20666: CHR:
dev=131/131072, ino=4499, nlink=1, u/gid=0/0, size=0
Feb 15 13:49:17 <mail.alert> astra sendmail[3469]: j1F8nHog003469: 
SYSERR(clamav): queueup:
cannot create queue file ./qfj1F8nHog003469, euid=121, fd=-1, fp=0x0: 
Permission denied
Feb 15 13:49:17 <mail.info> astra sendmail[3467]: j1F8nFvV003467: 
Milter: data, reject=554
5.7.1 virus Worm.SomeFool.P detected by ClamAV - http://www.clamav.net
=========The end of the citation================
I don't know.  It's definitely a permissions problem, but I can't see 
what caused it.

Perhaps you could try the clamav-milter daemon without the --force-scan 
and --outgoing parameters.  Or use the --debug parameter, that way we 
could see what it executed.
--
Renà Berber

_______________________________________________
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users