clamd does not scan emails
Dominic Raferd
dominic at timedicer.co.uk
Wed May 22 17:06:06 CEST 2019
So I guess you have explicitly set (probably in /etc/amavis/conf.d/50-user):
$MYHOME = '/var/amavis';
whereas the preset in debian/ubuntu package of amavis is:
$MYHOME = '/var/lib/amavis';
... or maybe you built amavis from source?
On Wed, 22 May 2019 at 15:28, Alexander Azeev <artang89 at gmail.com> wrote:
> Question about selinux from uhlar at fantomas.sk got me thinking.
> As it turns out, the issue was with apparmor.
>
> In /etc/apparmor.d/usr.sbin.clamd there is a line:
> "# For amavisd-new integration
> /var/lib/amavis/tmp/** r, "
>
> I changed it to "/var/amavis/tmp/** r,", rebooted and it works now!
> Thanks everyone for helping.
>
> ср, 22 мая 2019 г. в 16:42, Patrick Ben Koetter <p at sys4.de>:
>
>> Alexander,
>>
>> I've just checked on an Ubuntu 14 LTS and I want you to check this too:
>>
>> What are the permissions where amavis stores messages (and parts)? In my
>> case
>> the directory (NOTE: Your's seems to be /var/amavis/tmp/? Is that
>> correct?) is
>> 0755 for amavis:amavis:
>>
>> # ls -ld /var/lib/amavis/tmp/
>> drwxr-xr-x 19 amavis amavis 380 May 22 15:27 /var/lib/amavis/tmp/
>>
>> Clamav is in group amavis:
>> # id clamav
>> uid=110(clamav) gid=117(clamav) groups=117(clamav),119(amavis)
>>
>> Amavis is in group amavis:
>> # id amavis
>> uid=112(amavis) gid=119(amavis) groups=119(amavis)
>>
>> Did you restart clamav after you added its user to amavis' group?
>> Can you confirm the same settings?
>>
>> Tanks
>>
>> p at rick
>>
>>
>> * Alexander Azeev <artang89 at gmail.com>:
>> > Ubuntu 18.04.1 LTS, selinux is disabled.
>> >
>> > getenforce
>> > Command 'getenforce' not found, but can be installed with:
>> > sudo apt install selinux-utils
>> >
>> > ср, 22 мая 2019 г. в 15:46, Matus UHLAR - fantomas <uhlar at fantomas.sk>:
>> >
>> > > >> >> On Tue, 21 May 2019 at 14:54, Alexander Azeev <
>> artang89 at gmail.com>
>> > > wrote:
>> > > >> >>> Hello, I have a problem with clamd not being able to scan mail
>> > > properly.
>> > > >> >>> In the amavis log there are messages like:
>> > > >> >>>
>> > > >> >>> run_av (ClamAV-clamd) result:
>> > > >> >>> /var/amavis/tmp/amavis-20190518T065844-01954-dOjV4CBP/parts:
>> lstat()
>> > > >> >>> failed: Permission denied.
>> > > >> >>>
>> ERROR\n/var/amavis/tmp/amavis-20190518T065844-01954-dOjV4CBP/parts:
>> > > OK\n
>> > > >> >>> run_av (ClamAV-clamd): CLEAN
>> > > >> >>> run_av (ClamAV-clamd) result: clean
>> > > >> >>>
>> > > >> >>> So it passes everything as CLEAN, even the EICAR test virus.
>> > > >> >>> It seems to be a permissions issue.
>> > > >> >>> I used this article to check my settings
>> > > >> >>>
>> > >
>> https://www.moshe-schmidt.de/linux/clamav-permission-denied-how-to-fix-it/
>> > > >> >>> ,
>> > > >> >>> but everything seems to be correct.
>> > >
>> > > >вт, 21 мая 2019 г. в 21:23, Matus UHLAR - fantomas <
>> uhlar at fantomas.sk>:
>> > > >> did you restart clamav after?
>> > >
>> > > On 22.05.19 14:42, Alexander Azeev wrote:
>> > > >Of course, I did that as well as restarting amavis and even the
>> machine
>> > > >itself.
>> > >
>> > > what os/distro? Don't you run with selinux enabled by any chance?
>> > > --
>> > > Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
>> > > Warning: I wish NOT to receive e-mail advertising to this address.
>> > > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
>> > > Fighting for peace is like fucking for virginity...
>> > >
>> >
>> >
>> > --
>> > С уважением,
>> > Азеев Александр
>>
>> --
>> [*] sys4 AG
>>
>> https://sys4.de, +49 (89) 30 90 46 64
>> Schleißheimer Straße 26/MG,80333 München
>>
>> Sitz der Gesellschaft: München, Amtsgericht München: HRB 199263
>> Vorstand: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
>> Aufsichtsratsvorsitzender: Florian Kirstein
>>
>>
>
> --
> С уважением,
> Азеев Александр
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.amavis.org/pipermail/amavis-users/attachments/20190522/099051fa/attachment.html>
More information about the amavis-users
mailing list