https://bugzilla.novell.com/show_bug.cgi?id=826354 https://bugzilla.novell.com/show_bug.cgi?id=826354#c0 Summary: clamav: group and permissions of /var/spool/amavis conflicts with other av programms Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: x86-64 OS/Version: SLES 11 Status: NEW Severity: Normal Priority: P5 - None Component: Maintenance AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: stefan.jakobs@rus.uni-stuttgart.de QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:21.0) Gecko/20100101 Firefox/21.0 I'm referencing to: # rpm -q clamav clamav-0.97.8-0.2.1 The directory /var/spool/amavis has the following rights: # ls -ld /var/spool/amavis drwx------ 8 vscan root 4096 4. Jun 6 17:29 /var/spool/amavis This conflicts with other av scanners, like sophie. They need to access the files in /var/spool/amavis but doesn't run as the user vscan but in the group vscan.
From the INSTALL file in the amavisd-new sourceball: "Check or set the ownership and protection of the directories to be readable and writable by the chosen UID, and not writable by other non-privileged users; chown -R amavis:amavis /var/amavis chmod -R 750 /var/amavis "
I suggest to change the rights to 750 and make the group vscan, too. It will look like: drwxr-x--- 8 vscan vscan 4096 4. Jun 17:29 /var/spool/amavis Reproducible: Always Steps to Reproduce: 1. manually change permissons: # chgrp vscan /var/spool/amavis/ 2. # chmod 750 /var/spool/amavis/ 3. # ls -ld /var/spool/amavis/ drwxr-x--- 8 vscan vscan 4096 4. Jun 17:29 /var/spool/amavis/ 4. # zypper install --force clamav 5. # ls -ld /var/spool/amavis/ drwx------ 8 vscan root 4096 4. Jun 17:29 /var/spool/amavis/ Actual Results: Other av scanners will fail: amavis[22776]: (22776-03) (!)run_av (Sophie) FAILED - unexpected , output="-1:/var/spool/amavis/tmp/amavis-20130624T083714-22776-qr9FqnNd/parts/ (Permission denied)" amavis[22776]: (22776-03) (!)Sophie av-scanner FAILED: CODE(0x16a60d8) unexpected , output="-1:/var/spool/amavis/tmp/amavis-20130624T083714-22776-qr9FqnNd/parts/ (Permission denied)" at (eval 125) line 899, <GEN37> line 32. amavis[22776]: (22776-03) (!)WARN: all primary virus scanners failed, considering backups Expected Results: amavis[22807]: (22807-02) run_av (Sophie): /var/spool/amavis/tmp/amavis-20130624T091223-22807-fadhRZ8h/parts INFECTED: EICAR-AV-Test amavis[22807]: (22807-02) virus_scan: (EICAR-AV-Test), detected by 1 scanners: Sophie -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.