<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div dir="ltr" id="yui_3_16_0_1_1436262004045_8159"><span id="yui_3_16_0_1_1436262004045_8580"><br></span></div><div id="yui_3_16_0_1_1436262004045_8605" dir="ltr"><span style="" class="" id="yui_3_16_0_1_1436262004045_8580">The state of  </span>the parameter "NoNewPrivileges" in amavis startup is already in "false"</div><div id="yui_3_16_0_1_1436262004045_8677" dir="ltr"><br></div><div id="yui_3_16_0_1_1436262004045_9108" dir="ltr">Best Regards<br class="" style="" clear="none">
          Martin</div><div id="yui_3_16_0_1_1436262004045_8676" dir="ltr"><br></div><div id="yui_3_16_0_1_1436262004045_8606" dir="ltr"><span id="yui_3_16_0_1_1436262004045_8580"><br></span></div><div id="yui_3_16_0_1_1436262004045_8607" dir="ltr"><span id="yui_3_16_0_1_1436262004045_8580">[Unit]<br style="" class="">Description=Amavisd-new is an interface between MTA and content checkers.<br style="" class="">Documentation=http://www.ijs.si/software/amavisd/#doc<br style="" class="">After=network.target<br style="" class="">Wants=clamd@amavisd.service<br style="" class="">Wants=postfix.service<br style="" class=""><br style="" class="">[Service]<br style="" class="">Type=forking<br style="" class="">User=amavis<br style="" class="">Group=amavis<br style="" class="">PIDFile=/var/run/amavisd/amavisd.pid<br style="" class="">ExecStart=/usr/sbin/amavisd -c /etc/amavisd/amavisd.conf<br style="" class="">ExecReload=/usr/sbin/amavisd -c /etc/amavisd/amavisd.conf reload<br style="" class="">Restart=on-failure<br style="" class="">PrivateTmp=true<br style="" class="">NoNewPrivileges=false<br style="" class=""><br style="" class="">[Install]<br style="" class="">WantedBy=multi-user.target<br style="" class=""></span></div>  <div style="" class="" id="yui_3_16_0_1_1436262004045_8159"><span style="" class=""><br style="" class=""></span></div><br><div id="yui_3_16_0_1_1436262004045_8695" class="qtdSeparateBR"><br><br></div><div style="display: block;" id="yui_3_16_0_1_1436262004045_8775" class="yahoo_quoted"> <div id="yui_3_16_0_1_1436262004045_8774" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;"> <div id="yui_3_16_0_1_1436262004045_8773" style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;"> <div dir="ltr"> <font face="Arial" size="2"> Le Mardi 7 juillet 2015 12h08, bortolotti <daniela.bortolotti@bo.infn.it> a écrit :<br> </font> </div>  <br><br> <div id="yui_3_16_0_1_1436262004045_8772" class="y_msg_container"><div id="yiv7552598155"><div id="yui_3_16_0_1_1436262004045_8771">
    <div id="yui_3_16_0_1_1436262004045_8770" class="yiv7552598155moz-cite-prefix">Hello,<br clear="none">
      what is the parameter "NoNewPrivileges" in amavis startup?<br clear="none">
      We use sendmail instead of postfix and the problem was the same. <br clear="none">
      <br clear="none">
      We changed a startup parameter in
      /usr/lib/systemd/system/amavisd.service :<br clear="none">
      <br clear="none">
      NoNewPrivileges=true  (original)<br clear="none">
      <br clear="none">
      into<br clear="none">
      <br clear="none">
      NoNewPrivileges=false<br clear="none">
      <br clear="none">
      <br clear="none">
      <br clear="none">
      Best regards<br clear="none">
      Daniela Bortolotti<br clear="none">
      <br clear="none">
      <br clear="none">
      On 07/07/2015 10:21 AM, Francois Martin wrote:<br clear="none">
    </div>
    <div class="yiv7552598155yqt4178244755" id="yiv7552598155yqt13749"><blockquote id="yui_3_16_0_1_1436262004045_9095" type="cite">
      <div id="yui_3_16_0_1_1436262004045_9094" style="color:#000;background-color:#fff;font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px;">
        <div dir="ltr" id="yiv7552598155yui_3_16_0_1_1436255942066_6227">Hello,</div>
        <div dir="ltr" id="yiv7552598155yui_3_16_0_1_1436255942066_6337"><br clear="none">
        </div>
        <div dir="ltr" id="yiv7552598155yui_3_16_0_1_1436255942066_6424">I just
          installed Kolab 3.4 on a VM OpenVZ (CentOS 7.1.1503).</div>
        <div dir="ltr" id="yiv7552598155yui_3_16_0_1_1436255942066_6339">Everything
          works fine apart from the amavisd service.<br class="yiv7552598155" style="" clear="none">
          It can not start.<br class="yiv7552598155" style="" clear="none">
          Result, emails are blocked in the postfix queue.<br class="yiv7552598155" style="" clear="none">
          If I disable the use of amavis-new in postfix, emails can
          circulate.<br class="yiv7552598155" style="" clear="none">
        </div>
        <div dir="ltr" id="yiv7552598155yui_3_16_0_1_1436255942066_6353"><br clear="none">
        </div>
        <div dir="ltr" id="yiv7552598155yui_3_16_0_1_1436255942066_6340">The error
          code when running the service:<br class="yiv7552598155" style="" clear="none">
          code = exited, status = 227 / NO_NEW_PRIVILEGES<br class="yiv7552598155" style="" clear="none">
        </div>
        <div dir="ltr" id="yiv7552598155yui_3_16_0_1_1436255942066_6352"><br clear="none">
        </div>
        <div dir="ltr" id="yiv7552598155yui_3_16_0_1_1436255942066_6351">Thank you
          for your help! :-)<br class="yiv7552598155" style="" clear="none">
          Best Regards<br class="yiv7552598155" style="" clear="none">
          Martin<br clear="none">
        </div>
        <div class="yiv7552598155" id="yiv7552598155yui_3_16_0_1_1436255942066_6227" style=""><br class="yiv7552598155" style="" clear="none">
        </div>
      </div>
    </blockquote></div>
    <br clear="none">
  </div></div><br><br></div>  </div> </div>  </div></div></body></html>