Re: [CentOS] permission problems with avamis and Centos 6.3
On 01/24/2013 02:48 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/24/2013 01:15 PM, Robert Moskowitz wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Can you attach the AVC messages from audit log. ausearch -m avc -ts recent Back home and booted up test system (thus no questions about clamav state): time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.446:25): arch=4003 syscall=5 success=yes exit=3 a0=92de9d8 a1=98800 a2=92de9d8 a3=92ba620 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.446:25): avc: denied { read } for pid=3045 comm=clamscan name=parts dev=dm-0 ino=2624185 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.490:26): arch=4003 syscall=39 success=yes exit=0 a0=92e64f8 a1=1c0 a2=a36cd8 a3=92e64f8 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.490:26): avc: denied { create } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { add_name } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { write } for pid=3045 comm=clamscan name=tmp dev=dm-0 ino=2624119 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.528:27): arch=4003 syscall=5 success=yes exit=5 a0=92f1810 a1=2c2 a2=1c0 a3=bfdb5d2c items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.528:27): avc: denied { write } for pid=3045 comm=clamscan name=clamav-308541af5e7a69c500ba0757a9644b91 dev=dm-0 ino=2753728 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=file type=AVC msg=audit(1359389906.528:27): avc: denied { create } for pid=3045 comm=clamscan name=clamav-308541af5e7a69c500ba0757a9644b91
Re: [CentOS] permission problems with avamis and Centos 6.3
On 01/24/2013 02:22 PM, Rob wrote: On 24.01.2013, at 19:15, Robert Moskowitz r...@htt-consult.com wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos What are the permission for /var/spool/amavisd. amavis:amavis Did you try: service clam stop service clam start Instead of: restart? (it is not the same) Does boot count? ;) Yes this was from a clean boot. And I just powered up the system again today and it repeated the permissions problem. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] permission problems with avamis and Centos 6.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/28/2013 11:29 AM, Robert Moskowitz wrote: On 01/24/2013 02:48 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/24/2013 01:15 PM, Robert Moskowitz wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Can you attach the AVC messages from audit log. ausearch -m avc -ts recent Back home and booted up test system (thus no questions about clamav state): time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.446:25): arch=4003 syscall=5 success=yes exit=3 a0=92de9d8 a1=98800 a2=92de9d8 a3=92ba620 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.446:25): avc: denied { read } for pid=3045 comm=clamscan name=parts dev=dm-0 ino=2624185 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.490:26): arch=4003 syscall=39 success=yes exit=0 a0=92e64f8 a1=1c0 a2=a36cd8 a3=92e64f8 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.490:26): avc: denied { create } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { add_name } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { write } for pid=3045 comm=clamscan name=tmp dev=dm-0 ino=2624119 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.528:27): arch=4003 syscall=5 success=yes exit=5 a0=92f1810 a1=2c2 a2=1c0 a3=bfdb5d2c items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.528:27): avc: denied { write } for pid=3045 comm=clamscan name=clamav-308541af5e7a69c500ba0757a9644b91 dev=dm-0 ino=2753728 scontext=system_u:system_r:clamscan_t:s0
Re: [CentOS] permission problems with avamis and Centos 6.3
On 01/28/2013 01:15 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/28/2013 11:29 AM, Robert Moskowitz wrote: On 01/24/2013 02:48 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/24/2013 01:15 PM, Robert Moskowitz wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Can you attach the AVC messages from audit log. ausearch -m avc -ts recent Back home and booted up test system (thus no questions about clamav state): time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.446:25): arch=4003 syscall=5 success=yes exit=3 a0=92de9d8 a1=98800 a2=92de9d8 a3=92ba620 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.446:25): avc: denied { read } for pid=3045 comm=clamscan name=parts dev=dm-0 ino=2624185 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.490:26): arch=4003 syscall=39 success=yes exit=0 a0=92e64f8 a1=1c0 a2=a36cd8 a3=92e64f8 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.490:26): avc: denied { create } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { add_name } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { write } for pid=3045 comm=clamscan name=tmp dev=dm-0 ino=2624119 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.528:27): arch=4003 syscall=5 success=yes exit=5 a0=92f1810 a1=2c2 a2=1c0 a3=bfdb5d2c items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.528:27): avc: denied { write } for pid=3045 comm=clamscan name=clamav-308541af5e7a69c500ba0757a9644b91 dev=dm-0 ino=2753728 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0
Re: [CentOS] permission problems with avamis and Centos 6.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/28/2013 02:39 PM, Robert Moskowitz wrote: On 01/28/2013 01:15 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/28/2013 11:29 AM, Robert Moskowitz wrote: On 01/24/2013 02:48 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/24/2013 01:15 PM, Robert Moskowitz wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Can you attach the AVC messages from audit log. ausearch -m avc -ts recent Back home and booted up test system (thus no questions about clamav state): time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.446:25): arch=4003 syscall=5 success=yes exit=3 a0=92de9d8 a1=98800 a2=92de9d8 a3=92ba620 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.446:25): avc: denied { read } for pid=3045 comm=clamscan name=parts dev=dm-0 ino=2624185 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.490:26): arch=4003 syscall=39 success=yes exit=0 a0=92e64f8 a1=1c0 a2=a36cd8 a3=92e64f8 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.490:26): avc: denied { create } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { add_name } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { write } for pid=3045 comm=clamscan name=tmp dev=dm-0 ino=2624119 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.528:27): arch=4003 syscall=5 success=yes exit=5 a0=92f1810 a1=2c2 a2=1c0 a3=bfdb5d2c items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.528:27): avc: denied { write } for pid=3045
Re: [CentOS] permission problems with avamis and Centos 6.3
On 01/28/2013 02:46 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/28/2013 02:39 PM, Robert Moskowitz wrote: On 01/28/2013 01:15 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/28/2013 11:29 AM, Robert Moskowitz wrote: On 01/24/2013 02:48 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/24/2013 01:15 PM, Robert Moskowitz wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Can you attach the AVC messages from audit log. ausearch -m avc -ts recent Back home and booted up test system (thus no questions about clamav state): time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.446:25): arch=4003 syscall=5 success=yes exit=3 a0=92de9d8 a1=98800 a2=92de9d8 a3=92ba620 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.446:25): avc: denied { read } for pid=3045 comm=clamscan name=parts dev=dm-0 ino=2624185 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.490:26): arch=4003 syscall=39 success=yes exit=0 a0=92e64f8 a1=1c0 a2=a36cd8 a3=92e64f8 items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.490:26): avc: denied { create } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { add_name } for pid=3045 comm=clamscan name=clamav-add5fee27e737080ac3907505396eca9 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir type=AVC msg=audit(1359389906.490:26): avc: denied { write } for pid=3045 comm=clamscan name=tmp dev=dm-0 ino=2624119 scontext=system_u:system_r:clamscan_t:s0 tcontext=system_u:object_r:amavis_spool_t:s0 tclass=dir time-Mon Jan 28 11:18:26 2013 type=SYSCALL msg=audit(1359389906.528:27): arch=4003 syscall=5 success=yes exit=5 a0=92f1810 a1=2c2 a2=1c0 a3=bfdb5d2c items=0 ppid=2211 pid=3045 auid=4294967295 uid=493 gid=489 euid=493 suid=493 fsuid=493 egid=489 sgid=489 fsgid=489 tty=(none) ses=4294967295 comm=clamscan exe=/usr/bin/clamscan subj=system_u:system_r:clamscan_t:s0 key=(null) type=AVC msg=audit(1359389906.528:27): avc: denied { write } for pid=3045 comm=clamscan
Re: [CentOS] permission problems with avamis and Centos 6.3
usermod -a -G amavis clam service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] permission problems with avamis and Centos 6.3
Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] permission problems with avamis and Centos 6.3
On 24.01.2013, at 19:15, Robert Moskowitz r...@htt-consult.com wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos What are the permission for /var/spool/amavisd. Did you try: service clam stop service clam start Instead of: restart? (it is not the same) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] permission problems with avamis and Centos 6.3
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/24/2013 01:15 PM, Robert Moskowitz wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Can you attach the AVC messages from audit log. ausearch -m avc -ts recent -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlEBkB4ACgkQrlYvE4MpobPzzwCeLiolKq7hzthQKuWaLtLHmQIO zVYAoOnEBvhNGxlPjIoptc7S5ueP2ev4 =YNrJ -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] permission problems with avamis and Centos 6.3
On hold until monday. It was decided we (family) would pack up and go to Chicago for the weekend. Will work on this when I get back. Thanks for the pointer. On 01/24/2013 02:48 PM, Daniel J Walsh wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/24/2013 01:15 PM, Robert Moskowitz wrote: Thank you for your suggestion, but it did not fix the permissions problem. On 01/24/2013 10:13 AM, Rob wrote: usermod -a -G amavis clam How is this different from: gpasswd -a clam amavis And I am still getting the permissions error. service clamd restart be happy On 24.01.2013, at 04:16, Robert Moskowitz r...@htt-consult.com wrote: I am trying to follow: http://wiki.centos.org/HowTos/Amavisd Which seems to really be written for Centos 5, with just some selinux references for Centos 6. There are real problems here for Centos 6 with the userids section. It gives the following command and result: cat /etc/passwd | grep amavis\|clamav clamav:x:101:102:Clam Anti Virus Checker:/var/clamav:/sbin/nologin amavis:x:102:103:Amavis email scan user:/var/amavis:/bin/sh But my Centos 6.3 has: clam:x:494:490:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin amavis:x:493:489::/var/spool/amavisd:/sbin/nologin Note the difference in userid clam instead of clamav. So this causes problems with the group recommendation: In addition, the clamav user should automatically have been added to the amavis group: # groups clamav clamav : clamav amavis If not, you can manually add clamav to the amavis group: gpasswd -a clamav amavis so I did: gpasswd -a clam amavis So far, it seems just changing what userid is now used by clamav... But in testing for spam I see the following in /var/log/maillog Jan 23 15:56:17 test1 amavis[25669]: (25669-01) (!)run_av (ClamAV-clamd) FAILED - unexpected , output=/var/spool/amavisd/tmp/amavis-20130123T155617-25669/parts: lstat() failed: Permission denied. ERROR\n I checked this directory tree and all along the tree the permissions are to amavis:amavis So where is my permission problem? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Can you attach the AVC messages from audit log. ausearch -m avc -ts recent -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlEBkB4ACgkQrlYvE4MpobPzzwCeLiolKq7hzthQKuWaLtLHmQIO zVYAoOnEBvhNGxlPjIoptc7S5ueP2ev4 =YNrJ -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos