[CentOS] permission problems with amavis and Centos 6.3

Mon Jan 28 16:29:22 UTC 2013
Robert Moskowitz <rgm at htt-consult.com>

On 01/24/2013 02:48 PM, Daniel J Walsh wrote:
> On 01/24/2013 01:15 PM, Robert Moskowitz wrote:
>> Thank you for your suggestion, but it did not fix the permissions problem.
>>
>> On 01/24/2013 10:13 AM, Rob wrote:
>>> usermod -a -G amavis clam
>> How is this different from:
>>
>> gpasswd -a clam amavis
>>
>> And I am still getting the permissions error.
>>
>>> service clamd restart
>>>
>>> be happy
>>>
>>> On 24.01.2013, at 04:16, Robert Moskowitz <rgm at htt-consult.com> wrote:
>>>
>>>> I am trying to follow:
>>>>
>>>> http://wiki.centos.org/HowTos/Amavisd
>>>>
>>>> Which seems to really be written for Centos 5, with just some selinux
>>>> references for Centos 6.  There are real problems here for Centos 6
>>>> with the userids section.
>>>>
>>>> It gives the following command and result:
>>>>
>>>> cat /etc/passwd | grep "amavis\|clamav"
>>>> clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin
>>>> amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh
>>>>
>>>> But my Centos 6.3 has:
>>>>
>>>> clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin
>>>> amavis:x:493:489::/var/spool/amavisd:/sbin/nologin
>>>>
>>>> Note the difference in userid clam instead of clamav.  So this causes
>>>> problems with the group recommendation:
>>>>
>>>> In addition, the clamav user should automatically have been added to
>>>> the amavis group:
>>>>
>>>> # groups clamav
>>>> clamav : clamav amavis
>>>>
>>>> If not, you can manually add clamav to the amavis group:
>>>>
>>>> gpasswd -a clamav amavis
>>>>
>>>>
>>>> so I did:
>>>>
>>>> gpasswd -a clam amavis
>>>>
>>>>
>>>> So far, it seems just changing what userid is now used by clamav...
>>>>
>>>> But in testing for spam I see the following in /var/log/maillog
>>>>
>>>> Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av
>>>> (ClamAV-clamd) FAILED - unexpected ,
>>>> output="/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts:
>>>> lstat() failed: Permission denied. ERROR\n"
>>>>
>>>> I checked this directory tree and all along the tree the permissions
>>>> are to amavis:amavis
>>>>
>>>> So where is my permission problem?
>>>>
>>>>
>>>> _______________________________________________ CentOS mailing list
>>>> CentOS at centos.org http://lists.centos.org/mailman/listinfo/centos
>>
> Can you attach the AVC messages from audit log.
>
> ausearch -m avc -ts recent

Back home and booted up test system (thus no questions about clamav state):

----
time->Mon Jan 28 11:18:26 2013
type=SYSCALL msg=audit(1359389906.446:25): arch=40000003 syscall=5 
success=yes exit=3 a0=92de9d8 a1=98800 a2=92de9d8 a3=92ba620 items=0 
ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 
fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 
comm="clamscan" exe="/usr/bin/clamscan" 
subj=system_u:system_r:clamscan_t:s0 key=(null)
type=AVC msg=audit(1359389906.446:25): avc:  denied  { read } for 
pid=3045 comm="clamscan" name="parts" dev=dm-0 ino=2624185 
scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir
----
time->Mon Jan 28 11:18:26 2013
type=SYSCALL msg=audit(1359389906.490:26): arch=40000003 syscall=39 
success=yes exit=0 a0=92e64f8 a1=1c0 a2=a36cd8 a3=92e64f8 items=0 
ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 
fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 
comm="clamscan" exe="/usr/bin/clamscan" 
subj=system_u:system_r:clamscan_t:s0 key=(null)
type=AVC msg=audit(1359389906.490:26): avc:  denied  { create } for 
pid=3045 comm="clamscan" name="clamav-add5fee27e737080ac3907505396eca9" 
scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir
type=AVC msg=audit(1359389906.490:26): avc:  denied  { add_name } for  
pid=3045 comm="clamscan" name="clamav-add5fee27e737080ac3907505396eca9" 
scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir
type=AVC msg=audit(1359389906.490:26): avc:  denied  { write } for 
pid=3045 comm="clamscan" name="tmp" dev=dm-0 ino=2624119 
scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir
----
time->Mon Jan 28 11:18:26 2013
type=SYSCALL msg=audit(1359389906.528:27): arch=40000003 syscall=5 
success=yes exit=5 a0=92f1810 a1=2c2 a2=1c0 a3=bfdb5d2c items=0 
ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 
fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 
comm="clamscan" exe="/usr/bin/clamscan" 
subj=system_u:system_r:clamscan_t:s0 key=(null)
type=AVC msg=audit(1359389906.528:27): avc:  denied  { write } for 
pid=3045 comm="clamscan" name="clamav-308541af5e7a69c500ba0757a9644b91" 
dev=dm-0 ino=2753728 scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=file
type=AVC msg=audit(1359389906.528:27): avc:  denied  { create } for 
pid=3045 comm="clamscan" name="clamav-308541af5e7a69c500ba0757a9644b91" 
scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=file
----
time->Mon Jan 28 11:18:26 2013
type=SYSCALL msg=audit(1359389906.529:28): arch=40000003 syscall=15 
success=yes exit=0 a0=92e64f8 a1=1c0 a2=a36cd8 a3=92e64f8 items=0 
ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 
fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 
comm="clamscan" exe="/usr/bin/clamscan" 
subj=system_u:system_r:clamscan_t:s0 key=(null)
type=AVC msg=audit(1359389906.529:28): avc:  denied  { setattr } for  
pid=3045 comm="clamscan" name="clamav-add5fee27e737080ac3907505396eca9" 
dev=dm-0 ino=2753586 scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir
----
time->Mon Jan 28 11:18:26 2013
type=SYSCALL msg=audit(1359389906.529:29): arch=40000003 syscall=40 
success=no exit=-39 a0=92e64f8 a1=5106a4d2 a2=a36cd8 a3=92fee08 items=0 
ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 
fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 
comm="clamscan" exe="/usr/bin/clamscan" 
subj=system_u:system_r:clamscan_t:s0 key=(null)
type=AVC msg=audit(1359389906.529:29): avc:  denied  { rmdir } for 
pid=3045 comm="clamscan" name="clamav-add5fee27e737080ac3907505396eca9" 
dev=dm-0 ino=2753586 scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir
type=AVC msg=audit(1359389906.529:29): avc:  denied  { remove_name } 
for  pid=3045 comm="clamscan" 
name="clamav-add5fee27e737080ac3907505396eca9" dev=dm-0 ino=2753586 
scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir
----
time->Mon Jan 28 11:18:26 2013
type=SYSCALL msg=audit(1359389906.529:30): arch=40000003 syscall=10 
success=yes exit=0 a0=92f1910 a1=5106a4d2 a2=a36cd8 a3=92fee08 items=0 
ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 
fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 
comm="clamscan" exe="/usr/bin/clamscan" 
subj=system_u:system_r:clamscan_t:s0 key=(null)
type=AVC msg=audit(1359389906.529:30): avc:  denied  { unlink } for 
pid=3045 comm="clamscan" name="clamav-fcdca25df759de4e1da6dab82a8439a5" 
dev=dm-0 ino=2753729 scontext=system_u:system_r:clamscan_t:s0 
tcontext=system_u:object_r:amavis_spool_t:s0 tclass=file

Hope this helps!