[Clamav-users] Error "Out of memory: cannot allocate memory" fixed

[Dan O'Brien]

Well, not *exactly* fixed...

I started to get this error after performing an upgrade from 0.68 to 0.70 
(see my post 04/21/2004).  I made no changes to my autoconf options, and 
no changes to my clamav.conf (apart from ThreadTimeout --> ReadTimeout). 
v0.70 would cause sendmail to error upon connection from an smtp client 
with the "Out of memory: cannot allocate memory" error.  v0.68 does not do 
this.

After seeing a post about this error being caused by the socket name being 
wrong, I did a bit of troubleshooting on another system and found it was a 
permissions problem on the directory where the socket lies 
(/var/local/clamav).

Here are the particulars (Pease note, this this test system is running 
clamav-milter, not mimedefang, I'm just running as mimedefang.  Another 
system exhibiting the same problem is running as clamav):

clamav is complied as follows:

./configure --enable-milter \
        --enable-debug \
        --with-user=mimedefang \
        --with-group=mimedefang \
        --with-gnu-ld \
        --disable-clamuko \
        --sysconfdir=/etc/clamav \
        --localstatedir=/var/local/clamav \
        --with-dbdir=/var/local/clamav

The socket files are /var/local/clamav/clamd.sock and 
/var/local/clamav/clamav-milter.sock

The directory /var/local/clamav is owned by mimedefang with group 
mimedefang.  When /var/local/clamav has permissions 0700 or 0770, I get 
the "cannot allocate memory" error.  When it's 0777, it works fine.  If I 
run clamd and clamav-milter as root, it works fine.  I've tried running as 
mimedefang with "AllowSupplementaryGroups" enabled, but that doesn't work, 
either (and I'm not entirely clear on its purpose from the notes in 
clamav.conf).  In any case, if /var/local/clamav has group or world write 
permissions sendmail complains.

So the point of this ramble is to find out the following:

How should I have clamav configured so it's not running as root, with the 
config files in /var/local/clamav (with reasonable permissions).

And what changed between v0.68 and 0.70 so as to cause this predicament (I 
didn't see anything in the ChangeLog that gave much of a clue.




-------------------------------------------------------
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson & Lucent use to 
deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
_______________________________________________
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users