On Thu, 9 Oct 2014, Kevin A. McGrail wrote: > On 10/9/2014 10:28 AM, Cliff Hayes wrote: >> Thanks to this list I am making progress :) >> Now clamd is failing due to this... >> Wed Oct 8 16:32:20 2014 -> WARNING: lstat() failed on: >> /var/spool/MIMEDefang/mdefang-s98LWK78002037/Work >> ...I'm assuming this is because the mimedefang working directory is owned by >> defang and clamd runs as clamav. >> I fixed by running clamd as root ... is this the preferred solution or is >> there a better way? > In general, you don't want daemons running as privileged users. > > I run clamd as the same user as I run MD and that would be my recommendation > as > well.
On my systems (debian) I run mimedefang as user "defang" and group "defang" while clamd is runing as user "clamav" and group "clamav". I made the "clamav" user a menber of the "defang" group so clamd can read the contents of subdirs below /var/spool/MIMEDefang with group rights. ~# id defang uid=108(defang) gid=110(defang) groups=110(defang) ~# id clamav uid=107(clamav) gid=109(clamav) groups=110(defang),109(clamav) Regards, Kees Theunissen. -- Kees Theunissen, System and network manager, Tel: +31 (0)30 6096724 Dutch Institute For Fundamental Energy Research (DIFFER) e-mail address: c.j.theunis...@differ.nl postal address: PO Box 1207, 3430 BE Nieuwegein, NL visitors address: Edisonbaan 14, 3439 MN Nieuwegein, NL _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang