Owner/group/perms on /var/spool/MailScanner keep clamav from scanning
mailinglist at mindconnect.nl
Tue Nov 20 11:55:31 GMT 2012
In MailScanner.conf, I can set the user/group under which MailScanner
should do it's work. I'm using Postfix, which is running as user
postfix, so this is set to:
Run As User = postfix
Run As Group = postfix
Then I can set the path, user, group and permissions for the Work Dir. I
use clamav with user clamav for clamscan and clamdscan, so I set this to:
Incoming Work Dir = /var/spool/MailScanner/incoming
Incoming Work User = (empty so this is postfix, taken from Run As User)
Incoming Work Group = clamav
Incoming Work Permissions = 0640
This is as suggested in de configuration. In addition I also needed to
adjust my apparmor configuration to allow clamav to scan in that directory.
Now the problem I have doesn't seem related to the permissions for the
Work Dir, but to a higher directory. Every time MailScanner is
restarted, it (re)sets to owner for /var/spool/MailScanner to
postfix:postfix. The permissions on this dir are 640, not allowing the
user clamav entry to the lower /var/spool/MailScanner/incoming.
If /var/spool/MailScanner is postfix:clamav, all works fine.
Should the permissions on /var/spool/MailScanner be 640, and if so, how
can the suggested settings work combined with the reset of the
permissions on the higher directory?
This is on Ubuntu 10.04 with a recent MailScanner .deb from Baruwa.
More information about the MailScanner