Centos 7 + Postfix + clamd at scan

Tracy Greggs mailscanner-list at okla.com
Mon Oct 9 19:01:08 UTC 2017 

So what can be done about clamd at scan service creating /var/run/clamd.scan folder as follows:

drwx--x---   2 clamscan       mtagroup         80 Oct  7 16:07 clamd.scan

The group permissions is creates the folder with are clearly a problem.

Thanks :)

Tracy


-----Original Message-----
From: MailScanner [mailto:mailscanner-bounces+mailscanner-list=okla.com at lists.mailscanner.info] On Behalf Of Mark Sapiro
Sent: Saturday, October 7, 2017 1:59 PM
To: mailscanner at lists.mailscanner.info
Subject: Re: Centos 7 + Postfix + clamd at scan

On 10/07/2017 11:40 AM, Shawn Iverson wrote:
> Is clamscan a member of the mtagroup group?


I don't think that's exactly the issue.


> On Sat, Oct 7, 2017 at 2:37 PM, Tracy Greggs <mailscanner-list at okla.com> wrote:
>
...
>
>     [root at test ~]# ls -la /var/run/clamd.scan/
>     total 4
>     drwx--x---  2 clamscan clamscan   80 Oct  7 13:25 .
>     drwxr-xr-x 41 root     root     1260 Oct  7 13:26 ..
>     -rw-rw-r--  1 clamscan clamscan    6 Oct  7 13:25 clamd.pid
>     srw-rw-rw-  1 clamscan clamscan    0 Oct  7 13:25 clamd.sock


The issue here is only the clamscan user or group can access clamd.pid and clamd.sock and the group and MailScanner is not running as that user or group.


>     [root at test ~]# cat /etc/group | grep clam
>     clamupdate:x:984:
>     virusgroup:x:983:clamupdate,clamscan,postfix
>     mtagroup:x:1002:postfix,mail,clamscan
>     clamscan:x:982:


What you want is the user/group of /var/run/clamd.scan to be mtagroup, not clamscan. What you need is

LocalSocketGroup mtagroup

in /etc/clamav/clamd.conf

--
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list