Philip, I think it is the other way round - your MD process is running as "defang", which has no permissions on the clamav socket.
Paul. -----Original Message----- From: mimedefang-boun...@lists.roaringpenguin.com [mailto:mimedefang-boun...@lists.roaringpenguin.com] On Behalf Of Philip Prindeville Sent: 13 January 2012 19:21 To: mimedefang@lists.roaringpenguin.com Subject: [Mimedefang] Clamd permissions on Centos with mimedefang I'm seeing the following message: Jan 12 15:50:38 glue01 mimedefang.pl[9415]: 84D7D22131D: Clamd returned error: lstat() failed: Permission denied. and I'm not sure why. I have the following clamd config: LogFile /var/log/clamav/clamd.log LogFileMaxSize 0 LogTime yes LogSyslog yes ExtendedDetectionInfo yes PidFile /var/run/clamav/clamd.pid TemporaryDirectory /var/tmp DatabaseDirectory /var/lib/clamav LocalSocket /var/run/clamav/clamd.sock FixStaleSocket yes MaxConnectionQueueLength 30 MaxThreads 50 ReadTimeout 300 User clam AllowSupplementaryGroups yes ScanPE yes ScanELF yes DetectBrokenExecutables yes ScanOLE2 yes ScanMail yes ScanArchive yes ArchiveBlockEncrypted no I have the following group memberships: uid=89(postfix) gid=89(postfix) groups=89(postfix),12(mail),494(defang) uid=496(defang) gid=494(defang) groups=494(defang) uid=497(clam) gid=495(clam) groups=495(clam),494(defang) what is failing and why? And since clamd is in the defang group, why doesn't it have access to the message? Any ideas? Thanks, -Philip _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang ------------ Scanned by MIMEDefang - q0DJTHn7030215 _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang