Howdy, I'm running qmail-scanner 1.25 with sophie 3.04 and libsavi 3.95.0. After a few hours of debugging I've determined that qmail-scanner is writing the files in /var/spool/qmailscan/tmp as the wrong user. I've properly set up suidperl and and qmail-scanner-queue.pl to the proper suid permissions, ie:
chown qscand:qscand /var/qmail/bin/qmail-scanner-queue.pl chmod 4755 /var/qmail/bin/qmail-scanner-queue.pl I also have sophie configured to run as user qscand:qscand. With all of this the files being written to /var/spool/qmailscan/tmp are written as root, therefore sophie gets a permission denied: Sophie IDE : Sophos IDE version 3.95 (detects 106742 viruses) SAVI config : /etc/sophie.savi Max processes : 25 Socket path : /var/spool/qmailscan/sophie Umask : 7 PID file : /var/spool/qmailscan/run/sophie.pid Timeout : 300 seconds Running as user : qscand Socket group : qscand Logname : sophie Log facility : 16 (mail) Log priority : 5 (notice) Error strings? : yes Timestamps? : no Show virus name? : yes Callbacks? : yes limit_classif : 10 limit_nextfile : 10000 limit_decompr : 1000 socket_check : yes Sophie version : 3.04 NOTICE : accept() set, scan type [1] /DEBUG,10530/ NOTICE : Current PROC_COUNT is '0' /DEBUG,10565/ NOTICE : Cleared buf using memset() /DEBUG,10565/ NOTICE : read 69 bytes from socket /DEBUG,10565/ NOTICE : Read: '/var/spool/qmailscan/tmp/relay1-nyc.tsysprepaid.net112066418549310560' /DEBUG,10565/ WARNING : Could not open dir (/var/spool/qmailscan/tmp/relay1-nyc.tsysprepaid.net112066418549310560) NOTICE : Response is '-1:opendir() failed for '/var/spool/qmailscan/tmp/relay1-nyc.tsysprepaid.net112066418549310560' (Permission denied)' /DEBUG,10565/ NOTICE : Response '-1:opendir() failed for '/var/spool/qmailscan/tmp/relay1-nyc.tsysprepaid.net112066418549310560' (Permission denied)' sent /DEBUG,10565/ NOTICE : Alarm (300) set /DEBUG,10565/ NOTICE : fork()ed a child - everything seems ok /DEBUG,10530/ NOTICE : Child finished /DEBUG,10565/ If I configure sophie to run as user root everything works, however this is a suboptimal configuration. I've also tried using the c wrapper with the same results. Any tips are appreciated! Thanks, Chris ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ Qmail-scanner-general mailing list Qmail-scanner-general@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
