Question RE Kaspersky 8.0 (klms) socket permission error

Jakob Curdes via amavis-users amavis-users at amavis.org
Mon Jan 20 15:15:48 CET 2014


Hi, we are installing the kaspersky for linux mail scanner 8.0 in 
conjunction with amavis following klms's manual.
We are looking at our screens and do not understand why this is not 
working.

We have
   ### Kaspersky Security 8.0 for Linux Mail Server
   ['Kaspersky Security 8.0 for Linux Mail Server',
     \&ask_daemon, ["nCONTSCAN {}\n", "/var/run/klms/rds_av"],
     qr/\bOK$/m, qr/\bFOUND$/m,
     qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

and the socket looks like this:

srw-rw----. 1 kluser klusers 0 Jan 20 14:57 /var/run/klms/rds_av

The user "amavis" is member of the "klusers" group so he should be able 
to access the socket.
But the log tells us differently:
Jan 20 15:02:36 commsrv amavis[18023]: (18023-01) (!)connect to 
/var/run/klms/rds_av failed, attempt #1: Can't connect to UNIX socket 
/var/run/klms/rds_av: Permission denied
Jan 20 15:02:36 commsrv amavis[18023]: (18023-01) Kaspersky Security 8.0 
for Linux Mail Server: All attempts (1) failed connecting to 
/var/run/klms/rds_av, retrying (1)
Jan 20 15:02:37 commsrv amavis[18023]: (18023-01) (!)connect to 
/var/run/klms/rds_av failed, attempt #1: Can't connect to UNIX socket 
/var/run/klms/rds_av: Permission denied

etc.
We checked that the amavis process actually uses the user amavis and 
double-checked the group entries. All is correct, still we get "no 
permission". SELinux is set to "permissive" for testing and does not 
report any denies.
Even when I set the user of the socket file to amavis:amavis, we still 
get "permission denied" errors.  What is this?


Regards,
JC



More information about the amavis-users mailing list