[CentOS] permission problems with avamis and Centos 6.3

Mon Jan 28 16:31:01 UTC 2013
Robert Moskowitz <rgm at htt-consult.com>

On 01/24/2013 02:22 PM, Rob wrote:
>
> On 24.01.2013, at 19:15, Robert Moskowitz <rgm at htt-consult.com> wrote:
>
>> Thank you for your suggestion, but it did not fix the permissions problem.
>>
>> On 01/24/2013 10:13 AM, Rob wrote:
>>> usermod -a -G amavis clam
>> How is this different from:
>>
>> gpasswd -a clam amavis
>>
>> And I am still getting the permissions error.
>>
>>> service clamd restart
>>>
>>> be happy
>>>
>>> On 24.01.2013, at 04:16, Robert Moskowitz <rgm at htt-consult.com> wrote:
>>>
>>>> I am trying to follow:
>>>>
>>>> http://wiki.centos.org/HowTos/Amavisd
>>>>
>>>> Which seems to really be written for Centos 5, with just some selinux
>>>> references for Centos 6.  There are real problems here for Centos 6 with
>>>> the userids section.
>>>>
>>>> It gives the following command and result:
>>>>
>>>> cat /etc/passwd | grep "amavis\|clamav"
>>>> clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
>>>> amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh
>>>>
>>>> But my Centos 6.3 has:
>>>>
>>>> clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin
>>>> amavis:x:493:489::/var/spool/amavisd:/sbin/nologin
>>>>
>>>> Note the difference in userid clam instead of clamav.  So this causes
>>>> problems with the group recommendation:
>>>>
>>>> In addition, the clamav user should automatically have been added to the
>>>> amavis group:
>>>>
>>>> # groups clamav
>>>> clamav : clamav amavis
>>>>
>>>> If not, you can manually add clamav to the amavis group:
>>>>
>>>> gpasswd -a clamav amavis
>>>>
>>>>
>>>> so I did:
>>>>
>>>> gpasswd -a clam amavis
>>>>
>>>>
>>>> So far, it seems just changing what userid is now used by clamav...
>>>>
>>>> But in testing for spam I see the following in /var/log/maillog
>>>>
>>>> Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd)
>>>> FAILED - unexpected ,
>>>> output="/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts:
>>>> lstat() failed: Permission denied. ERROR\n"
>>>>
>>>> I checked this directory tree and all along the tree the permissions are
>>>> to amavis:amavis
>>>>
>>>> So where is my permission problem?
>>>>
>>>>
>>>> _______________________________________________
>>>> CentOS mailing list
>>>> CentOS at centos.org
>>>> http://lists.centos.org/mailman/listinfo/centos
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
> What are the permission for /var/spool/amavisd.

amavis:amavis

>
> Did you try:
> service clam stop
> service clam start
> Instead of:
> restart?   (it is not the same)

Does boot count?  ;)

Yes this was from a clean boot.  And I just powered up the system again 
today and it repeated the permissions problem.

>