LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 08-20-2008, 09:33 PM   #1
ragebot
Member
 
Registered: Jun 2008
Location: Devon, United Kingdom
Distribution: Slackware 12.1-current
Posts: 32

Rep: Reputation: 15
question about SLACKBUILD: clamav and problems with milter


Hi everyone

built clamav using the slackbuild at slackbuilds.org and it seemed to go ok, but i can't get the clamav-milter daemon to start.

I haven't altered the build script at all apart from to point it to the latest sources as it's a little out of date.

I've update my sendmail mc file and modified the /etc/rc.d/rc.clamav script so it will start the daemon but each time i do i get:

clamav: Operation not permitted.

I've tried a variety of things from 'how-to's i've found but it's the same issue and i can't get it sorted.

Can anyone help at all as i'm stuck!

Cheers, Jamie
 
Old 08-20-2008, 09:38 PM   #2
MS3FGX
Guru
 
Registered: Jan 2004
Location: NJ, USA
Distribution: Slackware, Debian
Posts: 5,852

Rep: Reputation: 351Reputation: 351Reputation: 351Reputation: 351
When do you get that error, when you try to execute the rc.clamav file? Have you verified it is executable?
 
Old 08-20-2008, 09:51 PM   #3
ragebot
Member
 
Registered: Jun 2008
Location: Devon, United Kingdom
Distribution: Slackware 12.1-current
Posts: 32

Original Poster
Rep: Reputation: 15
yeah it's definately executable...checked that.

it starts the clamd daemon and freshclam daemon ok but then gives the error i described and doesn't generate the milter socket.

sendmail is configured with milter support, which i checked also.
 
Old 08-20-2008, 10:01 PM   #4
ragebot
Member
 
Registered: Jun 2008
Location: Devon, United Kingdom
Distribution: Slackware 12.1-current
Posts: 32

Original Poster
Rep: Reputation: 15
i have just checked /usr/sbin/clamav-milter which does not appear to be executable:

j# ls -l /usr/sbin/ | grep clam
-rws------ 1 clamav root 129892 2008-08-20 23:45 clamav-milter
-rwxr-xr-x 1 root root 61672 2008-08-20 23:45 clamd

do you think this could be my problem?

Jamie
 
Old 08-21-2008, 02:54 AM   #5
gnashley
Amigo developer
 
Registered: Dec 2003
Location: Germany
Distribution: Slackware
Posts: 4,749

Rep: Reputation: 461Reputation: 461Reputation: 461Reputation: 461Reputation: 461
Sounds like it. You should write a line into the SlackBuild script which makes the file executable. It can't be run if it isn't executable.
 
Old 08-21-2008, 11:47 AM   #6
ragebot
Member
 
Registered: Jun 2008
Location: Devon, United Kingdom
Distribution: Slackware 12.1-current
Posts: 32

Original Poster
Rep: Reputation: 15
Thanks for your help, i've sorted it. Stupid really; i don't know why i did look at /usr/sbin/clamav-milter permissions before.

changing ownership and permission (chown & chmod) put it right.


Although, i'm not sure why the slackbuild script didn't include a line to put that right in the first place. Not criticising slackbuilds or anything as i use them religiously; just would have saved a lot of time.

Nevermind, thanks again.

Jamie
 
Old 08-21-2008, 12:13 PM   #7
keefaz
Senior Member
 
Registered: Mar 2004
Distribution: Slackware
Posts: 4,322

Rep: Reputation: 71
I am afraid but the permissions were right to me (I could be wrong)
Code:
-rws------ 1 clamav root   129892 2008-08-20 23:45 clamav-milter
Look closely, the suid bit is set (letter "s") but just for the file owner (first position)
So that means user clamav can execute clamav-milter with root privileges
 
Old 08-21-2008, 12:19 PM   #8
ragebot
Member
 
Registered: Jun 2008
Location: Devon, United Kingdom
Distribution: Slackware 12.1-current
Posts: 32

Original Poster
Rep: Reputation: 15
hmmm, confusing. You see i tried it over and over and when the clamav-milter daemon was activated (clamd and freshclam were ok) it kept returning an error:

Code:
Clamav: Operation not Permitted
Changing the ownership to root and adding 'chmod +x' resolved it straight away. Is this not correct then?
 
Old 08-21-2008, 12:24 PM   #9
keefaz
Senior Member
 
Registered: Mar 2004
Distribution: Slackware
Posts: 4,322

Rep: Reputation: 71
I don't know as I don't use clamav but I think you have to create an user named "clamav"
It is like mysql, apache or ftp; those softwares use an user to not execute everything as root

Could you post your rc.clamav script ?

[edit]
I am an idiot, the clamav user is already in your system, else the ls output wouldn't show its name! (check /etc/passwd) So the error must comes from the rc.clamav script

Last edited by keefaz; 08-21-2008 at 12:34 PM.
 
Old 08-21-2008, 12:30 PM   #10
ragebot
Member
 
Registered: Jun 2008
Location: Devon, United Kingdom
Distribution: Slackware 12.1-current
Posts: 32

Original Poster
Rep: Reputation: 15
I had to create the user clamav and its group before i could install the software (as determined by the slackbuild i used) so that was already set up correctly (i believe).

Here's the script i've got:

Code:
#!/bin/sh
# Start/stop/restart clamav.
# $Id: rc.clamav,v 1.1 2007/02/14 10:29:03 root Exp root $
# Author: Eric Hameleers <alien@slackware.com>
# ---------------------------------------------------------------------------
# Slightly modified by Robby Workman <rworkman@slackbuilds.org>
# to replace backticks ( s/`command`/$(command)/ )

# Set to '1' if you want milter support:
MILTER=1

# Start clamav:
clamav_start() {
  if [ -x /usr/sbin/clamd ]; then
    echo -n "Starting clamd daemon:  /usr/sbin/clamd "
    /usr/sbin/clamd
    echo "."
    # Give clamd a chance to create the socket
    sleep 1
    echo -n "Starting freshclam daemon:  /usr/bin/freshclam -d -l /var/log/freshclam.log "
    /usr/bin/freshclam -d -l /var/log/freshclam.log
    echo "."
    if [ "$MILTER" == "1" ]; then
      echo -n "Starting clamav-milter daemon:  /usr/sbin/clamav-milter -dblo --max-children=2 --quarantine-dir=/var/mail/quarantine local:/var/run/clamav/clmilter.sock "
      /usr/sbin/clamav-milter -dblo --max-children=2 --quarantine-dir=/var/mail/quarantine local:/var/run/clamav/clmilter.sock
      echo "."
    fi
  fi
}

# Stop clamav:
clamav_stop() {
  kill $(cat /var/run/clamav/clamd.pid)
  #killall freshclam
  kill $(cat /var/run/clamav/freshclam.pid)
  [ "$MILTER" == "1" ] && killall clamav-milter
}

# Restart clamav:
clamav_restart() {
  clamav_stop
  sleep 1
  clamav_start
}

case "$1" in
'start')
  clamav_start
  ;;
'stop')
  clamav_stop
  ;;
'restart')
  clamav_restart
  ;;
*)
  echo "usage $0 start|stop|restart"
esac
Jamie
 
Old 08-21-2008, 12:45 PM   #11
keefaz
Senior Member
 
Registered: Mar 2004
Distribution: Slackware
Posts: 4,322

Rep: Reputation: 71
Could you try:
Code:
su clamav -c '/usr/sbin/clamav-milter -dblo --max-children=2 --quarantine-dir=/var/mail/quarantine local:/var/run/clamav/clmilter.sock'
instead of:
Code:
/usr/sbin/clamav-milter -dblo --max-children=2 --quarantine-dir=/var/mail/quarantine local:/var/run/clamav/clmilter.sock
in the clamav_start() function, after you reset the /usr/sbin/clamav-milter to -rws------

Code:
chown clamav /usr/sbin/clamav-milter
chmod 4600 /usr/sbin/clamav-milter
 
Old 08-21-2008, 01:18 PM   #12
ragebot
Member
 
Registered: Jun 2008
Location: Devon, United Kingdom
Distribution: Slackware 12.1-current
Posts: 32

Original Poster
Rep: Reputation: 15
Tried that but it did not work: the milter would not start.

Reverting to root ownership on /usr/sbin/clamav-milter and chmod +x /usr/sbin/clamav-milter put it right again.

Jamie
 
Old 08-21-2008, 02:01 PM   #13
keefaz
Senior Member
 
Registered: Mar 2004
Distribution: Slackware
Posts: 4,322

Rep: Reputation: 71
Yes, whatever works...
It's weird though.. I wonder about what the clamav user is supposed to do

[edit]
Also I was wrong with the setuid bit, with the clamav-milter file owner set to clamav and with the setuid bit set, that means that root can execute clamav-milter and the process should have the clamav rights (I said the contrary )

Last edited by keefaz; 08-21-2008 at 02:38 PM. Reason: just wanted to correct myself
 
Old 08-21-2008, 03:36 PM   #14
ragebot
Member
 
Registered: Jun 2008
Location: Devon, United Kingdom
Distribution: Slackware 12.1-current
Posts: 32

Original Poster
Rep: Reputation: 15
yeah it struck me as odd: i've never needed to change anything when i've used slackbuild scripts in the past. But,obviously the fact it's working is great, i just hope there aren't any security issues running it this way.

Interesingly, clamd is running as user 'clamav' according to the log-files.

i might drop a mail to the clamav list and see what they say.

Thanks for your help though.

Jamie
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Database error - clamav-milter is stopping m2azer Linux - Server 2 12-16-2007 08:48 PM
clamav-milter: accept() returned invalid socket RichDygert Linux - Enterprise 1 05-07-2007 08:20 PM
Clamav-Milter Issues (messages not being processed) jon3k Linux - Server 0 08-28-2006 05:31 PM
Problem with amavis-milter + sendmail + clamav bhaveshvv109 Linux - General 0 06-21-2006 07:56 AM
Amavisd-new: Interface to Sendmail milter + ClamAV cyberjames Slackware 0 02-07-2005 01:41 AM


All times are GMT -5. The time now is 06:23 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration