Centos 7 + Postfix + clamd at scan

Shawn Iverson iversons at rushville.k12.in.us
Mon Oct 9 19:06:51 UTC 2017


Checking my notes...

I have this, but I'm haven't gotten very deep into CentOS7 clam yet.

echo "d /var/run/clamd.scan 0750 clamupdate matgroup -" >
/usr/lib/tmpfiles.d/clamd.conf

It is weird looking to me, but it is in my notes.

On Mon, Oct 9, 2017 at 3:01 PM, Tracy Greggs <mailscanner-list at okla.com>
wrote:

> So what can be done about clamd at scan service creating /var/run/clamd.scan
> folder as follows:
>
> drwx--x---   2 clamscan       mtagroup         80 Oct  7 16:07 clamd.scan
>
> The group permissions is creates the folder with are clearly a problem.
>
> Thanks :)
>
> Tracy
>
>
> -----Original Message-----
> From: MailScanner [mailto:mailscanner-bounces+mailscanner-list=okla.com@
> lists.mailscanner.info] On Behalf Of Mark Sapiro
> Sent: Saturday, October 7, 2017 1:59 PM
> To: mailscanner at lists.mailscanner.info
> Subject: Re: Centos 7 + Postfix + clamd at scan
>
> On 10/07/2017 11:40 AM, Shawn Iverson wrote:
> > Is clamscan a member of the mtagroup group?
>
>
> I don't think that's exactly the issue.
>
>
> > On Sat, Oct 7, 2017 at 2:37 PM, Tracy Greggs <mailscanner-list at okla.com>
> wrote:
> >
> ...
> >
> >     [root at test ~]# ls -la /var/run/clamd.scan/
> >     total 4
> >     drwx--x---  2 clamscan clamscan   80 Oct  7 13:25 .
> >     drwxr-xr-x 41 root     root     1260 Oct  7 13:26 ..
> >     -rw-rw-r--  1 clamscan clamscan    6 Oct  7 13:25 clamd.pid
> >     srw-rw-rw-  1 clamscan clamscan    0 Oct  7 13:25 clamd.sock
>
>
> The issue here is only the clamscan user or group can access clamd.pid and
> clamd.sock and the group and MailScanner is not running as that user or
> group.
>
>
> >     [root at test ~]# cat /etc/group | grep clam
> >     clamupdate:x:984:
> >     virusgroup:x:983:clamupdate,clamscan,postfix
> >     mtagroup:x:1002:postfix,mail,clamscan
> >     clamscan:x:982:
>
>
> What you want is the user/group of /var/run/clamd.scan to be mtagroup, not
> clamscan. What you need is
>
> LocalSocketGroup mtagroup
>
> in /etc/clamav/clamd.conf
>
> --
> Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
> San Francisco Bay Area, California    better use your sense - B. Dylan
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
>
> ---
> This email has been checked for viruses by Avast antivirus software.
> https://www.avast.com/antivirus
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
>
> --
> MailScanner mailing list
> mailscanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
>


-- 
Shawn Iverson, CETL
Director of Technology
Rush County Schools
765-932-3901 x271
iversons at rushville.k12.in.us
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mailscanner.info/pipermail/mailscanner/attachments/20171009/32815397/attachment.html>


More information about the MailScanner mailing list