Centos 7 + Postfix + clamd at scan

Tracy Greggs mailscanner-list at okla.com
Mon Oct 9 19:54:12 UTC 2017 

The file on Centos7 is /usr/lib/tmpfiles.d/clamd.scan.conf

So I did this:

echo "d /var/run/clamd.scan 0750 clamscan mtagroup -" > /usr/lib/tmpfiles.d/clamd.scan.conf

Rebooted the vm to make sure and it resolved the issue and it did, thanks for your assistance Shawn :)

Tracy


From: MailScanner [mailto:mailscanner-bounces+mailscanner-list=okla.com at lists.mailscanner.info] On Behalf Of Shawn Iverson
Sent: Monday, October 9, 2017 2:46 PM
To: MailScanner Discussion
Subject: RE: Centos 7 + Postfix + clamd at scan

What happens if you create a tmpfiles.d config like the one I shared?

On Oct 9, 2017 3:38 PM, "Tracy Greggs" <mailscanner-list at okla.com> wrote:
When the VM is rebooted, it re-creates /var/run/clamd.scan/

drwx--x---   2 clamscan       clamscan         80 Oct  9 14:34 clamd.scan



From: MailScanner [mailto:mailscanner-bounces+mailscanner-list=okla.com at lists.mailscanner.info] On Behalf Of Shawn Iverson
Sent: Monday, October 9, 2017 2:13 PM
To: MailScanner Discussion

Subject: Re: Centos 7 + Postfix + clamd at scan

Wait, that's a directory, my bad.  socket would be inside.

On Mon, Oct 9, 2017 at 3:11 PM, Shawn Iverson <iversons at rushville.k12.in.us> wrote:
There is no rw on the socket for the mtagroup.

On Mon, Oct 9, 2017 at 3:10 PM, Mark Sapiro <mark at msapiro.net> wrote:
On 10/09/2017 12:01 PM, Tracy Greggs wrote:
> So what can be done about clamd at scan service creating /var/run/clamd.scan folder as follows:
>
> drwx--x---   2 clamscan       mtagroup         80 Oct  7 16:07 clamd.scan
>
> The group permissions is creates the folder with are clearly a problem.


Why is this a problem?

If MailScanner is running as a member of the mtagroup group, it can
search that directory for the /var/run/clamd.scan/clamd.sock socket and
as long as it has rw permission on the socket, there should be no problem.

--
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan


--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner




--
Shawn Iverson, CETL
Director of Technology
Rush County Schools
765-932-3901 x271
iversons at rushville.k12.in.us






--
Shawn Iverson, CETL
Director of Technology
Rush County Schools
765-932-3901 x271
iversons at rushville.k12.in.us



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


Virus-free. www.avast.com

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



--
MailScanner mailing list
mailscanner at lists.mailscanner.info
http://lists.mailscanner.info/mailman/listinfo/mailscanner



--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


---
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the MailScanner mailing list