Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: ClamAV: users

Clamav packaging on Fedora

  

 
ClamAV users RSS feed   Index | Next | Previous | View Threaded


philipp_subx at redfish-solutions

Feb 27, 2012, 4:49 PM

Post #1 of 2 (380 views)
Permalink
Clamav packaging on Fedora
Hi.

I'm trying to figure out why the packaging on Fedora for clamav is so problematic, and what can be done to simplify things.

Following the latest (draft) directions that the clamav-server comes with, I've set things up as:


# cat /etc/tmpfiles.d/clamd.mimedefang.conf
d /var/run/clamd.mimedefang 0710 defang defang
# ls -ld /var/run/clamd.mimedefang/
drwx--x---. 2 defang defang 60 Feb 27 16:48 /var/run/clamd.mimedefang/
# cat /lib/systemd/system/clamd [at] mimedefang
[Unit]
Description = clamd scanner (%i) daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf --nofork=yes
Restart = on-failure
PrivateTmp = true
# egrep '^[^#]' /etc/clamd.d/mimedefang.conf
LogFile /var/log/clamd.mimedefang
LogSyslog yes
LogFacility LOG_MAIL
ExtendedDetectionInfo yes
LocalSocket /var/run/clamd.mimedefang/scan.sock
LocalSocketMode 660
User defang
AllowSupplementaryGroups yes
# grep ClamdSock /etc/mail/mimedefang-filter
$ClamdSock = "/var/run/clamd.mimedefang/scan.sock";
# id clamscan
uid=488(clamscan) gid=473(clamscan) groups=473(clamscan)
# id defang
uid=491(defang) gid=478(defang) groups=478(defang)
#


but I still manage to see the following:

Feb 27 17:01:02 mail clamd[26580]: LibClamAV Error: cli_scanhtml: Can't create temporary directory /tmp/clamav-293c4b6ccd2f2904b61cb051fc92fb99
Feb 27 17:01:02 mail clamd[26580]: /var/spool/MIMEDefang/mdefang-q1S00uD0026813/Work/msg-26658-3.html: Can't create temporary directory ERROR
Feb 27 17:10:31 mail clamd[26580]: SelfCheck: Database status OK.
Feb 27 17:10:45 mail clamd[26580]: LibClamAV Error: cli_scanhtml: Can't create temporary directory /tmp/clamav-40cd21fa609116b32c9e4abf961df17e
Feb 27 17:10:45 mail clamd[26580]: /var/spool/MIMEDefang/mdefang-q1S0Aeo8026927/Work/msg-26658-11.html: Can't create temporary directory ERROR

since the directories being created are ephemeral, I don't get a chance to see what the actual file ownership, group, and permissions are.

Has anyone successfully set up mimedefang/clamav-server interaction on Fedora?

Thanks,

-Philip
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml


philipp_subx at redfish-solutions

Feb 27, 2012, 6:51 PM

Post #2 of 2 (365 views)
Permalink
Re: Clamav packaging on Fedora [In reply to]
Asked and answered. It turns out to be rooted here:

https://bugzilla.redhat.com/show_bug.cgi?id=790522

installing the test update build (koji) fixed the issue.


On 2/27/12 5:49 PM, Philip Prindeville wrote:
> Hi.
>
> I'm trying to figure out why the packaging on Fedora for clamav is so problematic, and what can be done to simplify things.
>
> Following the latest (draft) directions that the clamav-server comes with, I've set things up as:
>
>
> # cat /etc/tmpfiles.d/clamd.mimedefang.conf
> d /var/run/clamd.mimedefang 0710 defang defang
> # ls -ld /var/run/clamd.mimedefang/
> drwx--x---. 2 defang defang 60 Feb 27 16:48 /var/run/clamd.mimedefang/
> # cat /lib/systemd/system/clamd [at] mimedefang
> [Unit]
> Description = clamd scanner (%i) daemon
> After = syslog.target nss-lookup.target network.target
>
> [Service]
> Type = simple
> ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf --nofork=yes
> Restart = on-failure
> PrivateTmp = true
> # egrep '^[^#]' /etc/clamd.d/mimedefang.conf
> LogFile /var/log/clamd.mimedefang
> LogSyslog yes
> LogFacility LOG_MAIL
> ExtendedDetectionInfo yes
> LocalSocket /var/run/clamd.mimedefang/scan.sock
> LocalSocketMode 660
> User defang
> AllowSupplementaryGroups yes
> # grep ClamdSock /etc/mail/mimedefang-filter
> $ClamdSock = "/var/run/clamd.mimedefang/scan.sock";
> # id clamscan
> uid=488(clamscan) gid=473(clamscan) groups=473(clamscan)
> # id defang
> uid=491(defang) gid=478(defang) groups=478(defang)
> #
>
>
> but I still manage to see the following:
>
> Feb 27 17:01:02 mail clamd[26580]: LibClamAV Error: cli_scanhtml: Can't create temporary directory /tmp/clamav-293c4b6ccd2f2904b61cb051fc92fb99
> Feb 27 17:01:02 mail clamd[26580]: /var/spool/MIMEDefang/mdefang-q1S00uD0026813/Work/msg-26658-3.html: Can't create temporary directory ERROR
> Feb 27 17:10:31 mail clamd[26580]: SelfCheck: Database status OK.
> Feb 27 17:10:45 mail clamd[26580]: LibClamAV Error: cli_scanhtml: Can't create temporary directory /tmp/clamav-40cd21fa609116b32c9e4abf961df17e
> Feb 27 17:10:45 mail clamd[26580]: /var/spool/MIMEDefang/mdefang-q1S0Aeo8026927/Work/msg-26658-11.html: Can't create temporary directory ERROR
>
> since the directories being created are ephemeral, I don't get a chance to see what the actual file ownership, group, and permissions are.
>
> Has anyone successfully set up mimedefang/clamav-server interaction on Fedora?
>
> Thanks,
>
> -Philip
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

ClamAV users RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.