Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 18 May 2008 13:59:07 +1000
From:      Adrian Thearle <adrian@thearle.com.au>
Cc:        ports@freebsd.org, garga@FreeBSD.org
Subject:   Re: FreeBSD Port: clamav-0.93
Message-ID:  <482FA98B.5010604@thearle.com.au>
In-Reply-To: <20080518015625.GX7468@bunrab.catwhisker.org>
References:  <482F89FA.4090408@thearle.com.au> <20080518015625.GX7468@bunrab.catwhisker.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
This is a multi-part message in MIME format.
--------------040604090309020201060908
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

Attached is an updated unified diff

Looks like sendmail works with the default set of permission on the socket.
Is your sendmail running as root? Perhaps that's how it can access the 
socket...

I run postfix under the postfix user. To get the clamav-milter to work, 
i need to change the owner of the socket to postfix so that it has write 
access to the file.
unless anyone else out there knows of a configuration option i don't... 
(I guess I could run clam totally as the postfix user...)

Cheers
Adrian


David Wolfskill wrote:
> On Sun, May 18, 2008 at 11:44:26AM +1000, Adrian Thearle wrote:
>   
>> Hi
>>
>> I have made a change to the clamav-milter startup script that helps with 
>> permissions on the socket.
>> I use postfix, not sure of sendmails requirements, but the socket needs 
>> to be writeable by the postfix user. The attached patch adds three 
>> variables that can be used to change the permissions and owner of the 
>> socket. I checked for this functionality within clam itself, but could 
>> not find an option.
>>
>> This is similar to the way spamass-milter does it.
>>     
>
> Well, I use sendmail and clamav-milter; the following reflects what I
> have & use:
>
> janus(6.3-S)[14] ls -l /var/run/clamav/
> total 4
> -rw-rw----  1 clamav  clamav  6 May 15 20:38 clamav-milter.pid
> srwxrwxrwx  1 clamav  clamav  0 May 15 20:38 clamd
> -rw-rw----  1 clamav  clamav  5 May 15 20:38 clamd.pid
> srwxr-xr-x  1 clamav  clamav  0 May 15 20:38 clmilter.sock
> janus(6.3-S)[15] grep clam /etc/rc.conf 
> clamav_clamd_enable="YES"
> clamav_milter_enable="YES"
> # See clamav-milter(1) for flags
> clamav_milter_flags="--noxheader -q -l --max-children=8"
> janus(6.3-S)[16] 
>
> As for patches, I suggest that you create either context (-c) or uni-
> (-u) diffs.
>
> Peace,
> david
>   

--------------040604090309020201060908
Content-Type: text/x-diff;
 name="clamav-milter.in.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="clamav-milter.in.diff"

--- clamav-milter.in	2007-08-14 11:14:06.000000000 +0000
+++ clamav-milter.in.new	2008-05-18 11:45:43.000000000 +0000
@@ -27,6 +27,13 @@
 required_files=%%PREFIX%%/etc/clamd.conf
 
 start_precmd=start_precmd
+start_postcmd=start_postcmd
+
+start_postcmd()
+{
+	/usr/sbin/chown ${clamav_milter_socket_owner}:${clamav_milter_socket_group} ${clamav_milter_socket}
+	/bin/chmod ${clamav_milter_socket_mode} ${clamav_milter_socket}
+}
 
 start_precmd()
 {
@@ -62,6 +69,9 @@
 : ${clamav_milter_socket="%%CLAMAV_MILTER_SOCKET%%"}
 : ${clamav_milter_flags="--postmaster-only --local --outgoing --timeout=0 --max-children=50"}
 : ${clamav_milter_socktimeout="60"}
+: ${clamav_milter_socket_owner="clamav"}
+: ${clamav_milter_socket_group="clamav"}
+: ${clamav_milter_socket_mode="755"}
 
 : ${clamav_clamd_socket="%%CLAMAV_CLAMD_SOCKET%%"}
 : ${clamav_clamd_enable="NO"}

--------------040604090309020201060908--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?482FA98B.5010604>