Clamav permissions

Forum for getting help with Project Gamera, Spamassassin, Clamav, qmail-scanner and other anti-spam tools.
Galactic Zero
Forum Regular
Forum Regular
Posts: 471
Joined: Mon Dec 06, 2004 10:43 pm

Clamav permissions

Unread post by Galactic Zero »

Ok, what am I missing here?

[root@gz httpdocs]# freshclam
ClamAV update process started at Wed May 21 15:10:43 2008
main.cvd is up to date (version: 46, sigs: 231834, f-level: 26, builder: sven)
ERROR: chdir_tmp: Can't create directory ./clamav-9a6c236742c44cbb823ae0bd5bce8898
WARNING: Incremental update failed, trying to download daily.cvd
ERROR: getfile: Can't create new file /var/clamav/clamav-3fb571f641615bec8c92306667f9dcdb in /var/clamav
Hint: The database directory must be writable for UID 113 or GID 102
WARNING: Can't download daily.cvd from db.local.clamav.net

users clamav and qscand are group members of both clamav:
clamav:x:102:qscand,clamav
qscand:x:103:qscand

/var/clamav has qscand:qscand as owner and group.

This was all the default from the RPM's in Atomic SRPMs channel.

Thanks
Franklyn
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Unread post by scott »

Freshclam might be configured to run as userid clamav instead of qscand.
Galactic Zero
Forum Regular
Forum Regular
Posts: 471
Joined: Mon Dec 06, 2004 10:43 pm

Unread post by Galactic Zero »

This the spot to change that in freshclam.conf?

# By default when started freshclam drops privileges and switches to the
# "clamav" user. This directive allows you to change the database owner.
# Default: clamav (may depend on installation options)
DatabaseOwner clamav
Franklyn Halamka
Still learning my way around Linux Security.
http://www.galacticzero.net
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Unread post by scott »

Yup, thats the one
Galactic Zero
Forum Regular
Forum Regular
Posts: 471
Joined: Mon Dec 06, 2004 10:43 pm

Unread post by Galactic Zero »

Thanks, that fixed it.
Franklyn Halamka
Still learning my way around Linux Security.
http://www.galacticzero.net
Post Reply