Question RE Kaspersky 8.0 (klms) socket permission error

Jakob Curdes via amavis-users amavis-users at amavis.org
Tue Jan 21 14:00:33 CET 2014


I am now trying to start with simpler things:
with the command-line version of KLMS 8.0, kavscanner.
This is similar or identical to the scanner delivered with kav4fs, so I 
can use a predefined configuration, only the path must be modified:

    ### http://www.kaspersky.com/
    ['Kaspersky Antivirus v8',
       ['/opt/kaspersky/klms/bin/kavscanner', 'kavscanner'],
      '-i0 -xn -xp -mn -R -ePASBME {}/*', [0,10,15], [5,20,21,25],
      qr/(?:INFECTED|WARNING|SUSPICION|SUSPICIOUS) (.*)/m,
     sub {chdir('/opt/kaspersky/klms/bin') or die "Can't chdir to kav: $!"},
     sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
    ],

After modifying the permissions of the "facade"

chmod g+w /var/run/klms/facade

this runs nicely if called from the command line as user amavis.

But called from amavisd, as above, I get
Jan 21 13:51:21  amavis[18062]: (18062-02) (!)run_av (Kaspersky 
Antivirus v8) FAILED - unexpected exit 30, output="Kaspersky Anti-Virus 
On-Demand Scanner.\nCopyright (C) Kaspersky Lab, 1997-2012.\nCannot 
create /var/log/kaspersky/klms/kavscanner.log"

even though it could access the same file without problems when it ran 
from a shell of this user. The logfile belongs to amavis:amavis.
Does amavisd detach the virus scanner processes to another user, e.g. 
"nobody"? I have no other explanation why the binary cannot access its 
logfile.


JC


More information about the amavis-users mailing list