On Tue, 8 Jun 2004, Troy Piggins wrote:
I tried clamassassin, but for some reason every mail with an attachment
returned with a header saying something like
Clamscan: Access denied.
This message comes up with regard to clamd permissions to access the
temporary files created by the user. I added the following lines to my
clamassassin script (in appropriate locations):
TMPPATH=/tmp/clamav
# Before the 'mktemp' command.....
if [ ! -d /tmp/clamav ]
then
sudo -u clamav /bin/mkdir -m 2777 /tmp/clamav
fi
# After the /bin/cat > ${MSGTMP} command.....
# the temp file is group 'clamav', now make it readable by group...
chmod g+rw ${MSGTMP}
and added the following line to /etc/sudoers:
# Allow /etc/procmailrc to recrate /tmp/clamav with proper
# userid/groupid and group execute bit set, so that temp files
# created in this dir have the proper group for access by clamd.
# This is preferred over a 'chgrp' sudo command so that
# we don't have every mail process accessing sudo
ALL ALL= (clamav) NOPASSWD: /bin/mkdir -m 2777 /tmp/clamav
As the comment indicates, I first tried a 'chgrp sudo (tmpfile)' but ended
up with a long sudo log with one entry for every piece of mail.
The test and create of the directory covers the fact that system cleanup
occasionally gets rid of /tmp/clamav - alternately, you could put the
tempfiles in a different location.....
- Charles
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail