Clamav issue with The Perfect SpamSnake - Ubuntu Jeos 9.10
I have been following the The Perfect SpamSnake - Ubuntu Jeos 9.10 how to and have got to the point of where MailScanner and Postfix are configured and running. I get the following error every time the server handles a piece of mail:
Apr 28 12:44:24 ubuntufirewall MailScanner: Clamd::ERROR:: UNKNOWN CLAMD RETURN ./lstat() failed: Permission denied. ERROR :: /var/spool/MailScanner/incoming/2208
Apr 28 12:44:24 ubuntufirewall MailScanner: Virus Scanning: Clamd found 1 infections
Apr 28 12:44:24 ubuntufirewall MailScanner: Virus Scanning: Found 1 viruses
Here are the permissions on /var/spool/MailScanner/
drwxr-xr-x 9 postfix www-data 4096 2010-04-28 12:44 incoming
drwxr-xr-x 3 postfix www-data 4096 2010-04-28 12:05 quarantine
drwxr-xr-x 2 postfix www-data 4096 2010-04-28 12:05 spamassassin
Here are the permissions on /var/spool/MailScanner/incomming
drwxr-x--- 2 postfix www-data 4096 2010-04-28 12:43 2193
drwxr-x--- 2 postfix www-data 4096 2010-04-28 12:44 2199
drwxr-x--- 2 postfix www-data 4096 2010-04-28 12:44 2202
drwxr-x--- 2 postfix www-data 4096 2010-04-28 12:44 2205
drwxr-x--- 2 postfix www-data 4096 2010-04-28 12:44 2208
drwxr-x--- 2 postfix www-data 4096 2010-04-28 12:43 Locks
-rw------- 1 postfix www-data 4096 2010-04-28 12:44 Processing.db
-rw------- 1 postfix www-data 10240 2010-04-28 12:44 SpamAssassin.cache.db
drwx------ 2 postfix www-data 4096 2010-04-28 12:44 SpamAssassin-Temp
I also get a warning message in /var/log/clamav/clamav.log
Wed Apr 28 12:44:24 2010 -> WARNING: lstat() failed on: /var/spool/MailScanner/incoming/2208
/opt/MailScanner/etc/MailScanner.conf is set as per the how to. Where
Incoming Work Group = clamav
Incoming Work Permissions = 0640
/etc/clamav/clamd.conf is configured with
To try and fix the problem I have
Added clamav to the postfix group: postfix:x:115:clamav
Added the following line to /etc/apparmor.d/usr.sbin.clamd:
Try the following:
usermod -a -G postfix clamav
Verify 'AllowSupplementaryGroups yes' is set in clamd.conf
Let me know if that worked and i'll update the guide.
I ran usermod -a -G postfix clamav and Verified 'AllowSupplementaryGroups tRue' in the clamav.conf. I still received the error.
I should have mentioned in the original post i am using Ubuntu Server 9.10 AMD64. I am not sure if that would make a difference but thought I should mention it.
OK it looks like I have got it fixed.
First I removed Apparmor - I am sure there is a way to modify the profile to get it to go but i couldn't figure it out. I could leave apparmor installed and put the clamav profile in complain mode and it worked as well.
Second I added clamav to the www-data group. Which now that I am looking back at the permissions I posted for the /var/spool/MailScanner/incoming directory makes perfect sense.
Thanks for your help..i am off to finish the how to.
Just to Add to Maxum's post I did the following which ridded me of the dreaded Clam error:
1. clamd is located in
After that I reload ALL the Apparmor profiles (it was easier at the time to find that than find how to reload just one).
Hope this helps.
Good addition. I take it that you didn't remove apparmor? This is good for those who prefer to use it.
No, I didn't, I didn't see any point in removing it plus it just means my system that that bit more secure! Though I could be wrong as I am no Genius when it comes to Linux.
Thanks! That was bugging me, I chose the keep apparmor route as well.
|All times are GMT +2. The time now is 17:39.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.