Re: [CentOS] More on amavis/clam permission errors on Centos 6.3
On 31/01/13 11:17, Robert Moskowitz wrote: > > On 01/31/2013 02:30 AM, John Hinton wrote: >> On 1/30/2013 5:05 PM, Robert Moskowitz wrote: >>> On 01/30/2013 04:31 PM, Nicolas Thierry-Mieg wrote: Robert Moskowitz wrote: > I should probably find either the amavis or clam list(s) and take this > there? > > Oh, I have not applied the updated policy rpms that Dan Walsh pointed me > to. This is all 'out of the box' rpms, following the amavis/clamav > recommendations from: http://wiki.centos.org/HowTos/Amavisd is it? so your rpms come from rpmforge? I thought you mentioned epel at some point. Hopefully you're not mixing them? >>> Sorry, I followed the HowTo, but got all the rpms from epel. >>> If you are, then that might be your problem. If you really followed the wiki instructions you must be using RF packages, so you could take it to the RF list. And if you're using epel, then you didn't follow the wiki instructions but nevertheless you should take it to the epel list... >>> epel list. Hmm. Now to find that. >>> >>> Thanks for the direction. >>> >> Read near the top of the amavis config file. It will reference the >> directories you are having trouble with. It tells you to create them and >> that they need to be owned by whatever you set the amavis user to be. It >> is all right there in the conf file. >> > Yes, I read that. > > > amavis from the epel repo defaults to /var/spool/amavisd which is owned > by amavis:amavis with permissions 700. > > The rpm created the subdirs under this of quarantine, tmp, and db also > owned by amavis:amavis with permissions 700. I had to create var myself > for spamassassin to use. > > The permissions problem is under /var/spool/amavis/tmp if you look at > the maillog entry. I have altered all permissions to 750 and still have > the problem; the directory created is with 700, and perhaps that is why > the problem? > Permissions should be 750 as the clamav user is a member of the amavis group and needs group access. > I am thinking to change the clamd conf files to run with user amavis > instead of clam and see if that gets around the problem... > That will likely cause other problems. The clamav user just needs to be a member of the amavis group. > I have joined the epel-devel list (I did not find an epel-users list) > and posted this there yesterday. I see that epel repo is the same > version currently available from rpmforge that the howto uses. > Interestingly, rpmforge uses userid clamav and epel uses userid clam. > Don't know what other differences there are. So far no replies on the > epel list. > As you have seen there are differences between the packages. This makes the CentOS documentation worthless to you as you are not using the same versions used in the documentation. You should take this thread, and your issue, to the EPEL list as it really has nothing to do with CentOS. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] More on amavis/clam permission errors on Centos 6.3
On 01/31/2013 02:30 AM, John Hinton wrote: > On 1/30/2013 5:05 PM, Robert Moskowitz wrote: >> On 01/30/2013 04:31 PM, Nicolas Thierry-Mieg wrote: >>> Robert Moskowitz wrote: I should probably find either the amavis or clam list(s) and take this there? >>> Oh, I have not applied the updated policy rpms that Dan Walsh pointed me to. This is all 'out of the box' rpms, following the amavis/clamav recommendations from: http://wiki.centos.org/HowTos/Amavisd >>> is it? so your rpms come from rpmforge? I thought you mentioned epel at >>> some point. Hopefully you're not mixing them? >> Sorry, I followed the HowTo, but got all the rpms from epel. >> >>> If you are, then that might be your problem. >>> If you really followed the wiki instructions you must be using RF >>> packages, so you could take it to the RF list. >>> And if you're using epel, then you didn't follow the wiki instructions >>> but nevertheless you should take it to the epel list... >> epel list. Hmm. Now to find that. >> >> Thanks for the direction. >> > Read near the top of the amavis config file. It will reference the > directories you are having trouble with. It tells you to create them and > that they need to be owned by whatever you set the amavis user to be. It > is all right there in the conf file. > Yes, I read that. amavis from the epel repo defaults to /var/spool/amavisd which is owned by amavis:amavis with permissions 700. The rpm created the subdirs under this of quarantine, tmp, and db also owned by amavis:amavis with permissions 700. I had to create var myself for spamassassin to use. The permissions problem is under /var/spool/amavis/tmp if you look at the maillog entry. I have altered all permissions to 750 and still have the problem; the directory created is with 700, and perhaps that is why the problem? I am thinking to change the clamd conf files to run with user amavis instead of clam and see if that gets around the problem... I have joined the epel-devel list (I did not find an epel-users list) and posted this there yesterday. I see that epel repo is the same version currently available from rpmforge that the howto uses. Interestingly, rpmforge uses userid clamav and epel uses userid clam. Don't know what other differences there are. So far no replies on the epel list. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] More on amavis/clam permission errors on Centos 6.3
On 1/30/2013 5:05 PM, Robert Moskowitz wrote: > On 01/30/2013 04:31 PM, Nicolas Thierry-Mieg wrote: >> Robert Moskowitz wrote: >>> I should probably find either the amavis or clam list(s) and take this >>> there? >>> >> >>> Oh, I have not applied the updated policy rpms that Dan Walsh pointed me >>> to. This is all 'out of the box' rpms, following the amavis/clamav >>> recommendations from: http://wiki.centos.org/HowTos/Amavisd >> is it? so your rpms come from rpmforge? I thought you mentioned epel at >> some point. Hopefully you're not mixing them? > Sorry, I followed the HowTo, but got all the rpms from epel. > >> If you are, then that might be your problem. >> If you really followed the wiki instructions you must be using RF >> packages, so you could take it to the RF list. >> And if you're using epel, then you didn't follow the wiki instructions >> but nevertheless you should take it to the epel list... > epel list. Hmm. Now to find that. > > Thanks for the direction. > Read near the top of the amavis config file. It will reference the directories you are having trouble with. It tells you to create them and that they need to be owned by whatever you set the amavis user to be. It is all right there in the conf file. -- John Hinton 877-777-1407 ext 502 http://www.ew3d.com Comprehensive Online Solutions ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] More on amavis/clam permission errors on Centos 6.3
On 01/30/2013 04:31 PM, Nicolas Thierry-Mieg wrote: > Robert Moskowitz wrote: >> I should probably find either the amavis or clam list(s) and take this >> there? >> > >> Oh, I have not applied the updated policy rpms that Dan Walsh pointed me >> to. This is all 'out of the box' rpms, following the amavis/clamav >> recommendations from: http://wiki.centos.org/HowTos/Amavisd > is it? so your rpms come from rpmforge? I thought you mentioned epel at > some point. Hopefully you're not mixing them? Sorry, I followed the HowTo, but got all the rpms from epel. > If you are, then that might be your problem. > If you really followed the wiki instructions you must be using RF > packages, so you could take it to the RF list. > And if you're using epel, then you didn't follow the wiki instructions > but nevertheless you should take it to the epel list... epel list. Hmm. Now to find that. Thanks for the direction. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] More on amavis/clam permission errors on Centos 6.3
Robert Moskowitz wrote: > I should probably find either the amavis or clam list(s) and take this > there? > > Oh, I have not applied the updated policy rpms that Dan Walsh pointed me > to. This is all 'out of the box' rpms, following the amavis/clamav > recommendations from: http://wiki.centos.org/HowTos/Amavisd is it? so your rpms come from rpmforge? I thought you mentioned epel at some point. Hopefully you're not mixing them? If you are, then that might be your problem. If you really followed the wiki instructions you must be using RF packages, so you could take it to the RF list. And if you're using epel, then you didn't follow the wiki instructions but nevertheless you should take it to the epel list... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] More on amavis/clam permission errors on Centos 6.3
I should probably find either the amavis or clam list(s) and take this there? Anyway, I have totally rebuilt my machine with clean installs. I have spent time carefully (I hope!) studying the amavis and clamav conf files before starting them and running the tests. Here is what I am getting: Jan 30 14:14:10 test1 postfix/pickup[6682]: DA8082A099B: uid=0 from= Jan 30 14:14:10 test1 postfix/cleanup[6773]: DA8082A099B: message-id=<20130130191410.da8082a0...@test1.test.htt-consult.com> Jan 30 14:14:10 test1 postfix/qmgr[6683]: DA8082A099B: from=, size=446, nrcpt=1 (queue active) Jan 30 14:14:11 test1 amavis[6756]: (06756-01) LMTP::10024 /var/spool/amavisd/tmp/amavis-20130130T141411-06756: -> SIZE=446 Received: from test1.test.htt-consult.com ([127.0.0.1]) by localhost (test1.test.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP for ; Wed, 30 Jan 2013 14:14:11 -0500 (EST) Jan 30 14:14:11 test1 amavis[6756]: (06756-01) Checking: 95-+1-aqz4Cb -> Jan 30 14:14:11 test1 amavis[6756]: (06756-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output="/var/spool/amavisd/tmp/amavis-20130130T141411-06756/parts: lstat() failed: Permission denied. ERROR\n" Jan 30 14:14:11 test1 amavis[6756]: (06756-01) (!)ClamAV-clamd av-scanner FAILED: CODE(0x9fff7b8) unexpected , output="/var/spool/amavisd/tmp/amavis-20130130T141411-06756/parts: lstat() failed: Permission denied. ERROR\n" at (eval 100) line 594. Jan 30 14:14:11 test1 amavis[6756]: (06756-01) (!!)WARN: all primary virus scanners failed, considering backups Jan 30 14:14:21 test1 amavis[6756]: (06756-01) Blocked INFECTED (Eicar-Test-Signature), -> , Message-ID: <20130130191410.da8082a0...@test1.test.htt-consult.com>, mail_id: 95-+1-aqz4Cb, Hits: -, size: 446, 10352 ms Jan 30 14:14:21 test1 postfix/lmtp[6777]: DA8082A099B: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=11, delays=0.19/0.01/0.01/10, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=06756-01 - INFECTED: Eicar-Test-Signature) Jan 30 14:14:21 test1 postfix/qmgr[6683]: DA8082A099B: removed Jan 30 14:18:37 test1 postfix/pickup[6682]: 6E6342A099C: uid=0 from= Jan 30 14:18:37 test1 postfix/cleanup[6807]: 6E6342A099C: message-id= Jan 30 14:18:37 test1 postfix/qmgr[6683]: 6E6342A099C: from=, size=947, nrcpt=1 (queue active) Jan 30 14:18:37 test1 amavis[6755]: (06755-01) LMTP::10024 /var/spool/amavisd/tmp/amavis-20130130T141837-06755: -> SIZE=947 Received: from test1.test.htt-consult.com ([127.0.0.1]) by localhost (test1.test.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP for ; Wed, 30 Jan 2013 14:18:37 -0500 (EST) Jan 30 14:18:37 test1 amavis[6755]: (06755-01) Checking: iVLEI2wVyvfc -> Jan 30 14:18:37 test1 amavis[6755]: (06755-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output="/var/spool/amavisd/tmp/amavis-20130130T141837-06755/parts: lstat() failed: Permission denied. ERROR\n" Jan 30 14:18:37 test1 amavis[6755]: (06755-01) (!)ClamAV-clamd av-scanner FAILED: CODE(0x9fff7b8) unexpected , output="/var/spool/amavisd/tmp/amavis-20130130T141837-06755/parts: lstat() failed: Permission denied. ERROR\n" at (eval 100) line 594. Jan 30 14:18:37 test1 amavis[6755]: (06755-01) (!!)WARN: all primary virus scanners failed, considering backups Jan 30 14:19:01 test1 amavis[6755]: (06755-01) Blocked SPAM, -> , Message-ID: , mail_id: iVLEI2wVyvfc, Hits: 1005.069, size: 947, 23998 ms Jan 30 14:19:01 test1 postfix/lmtp[6811]: 6E6342A099C: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=24, delays=0.13/0.01/0.01/24, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=06755-01 - SPAM) Jan 30 14:19:01 test1 postfix/qmgr[6683]: 6E6342A099C: removed I should also see what I might change so that instead of blocking and dropping, it will tag and let through so I can see it for now at least. Oh, I have not applied the updated policy rpms that Dan Walsh pointed me to. This is all 'out of the box' rpms, following the amavis/clamav recommendations from: http://wiki.centos.org/HowTos/Amavisd ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
