ClamD permission issue

[quattr0]

Greetings,

Running the current pre-release version. I had to change the clamdscan.conf to reflect the correct name of the socket file which is clamd.ctl (Ubuntu 18.04.4 Bionic).

When downloading a file, this is the error in syslog.

Jun 15 12:54:35 ubuntu e2guardian[30410]: ClamD error: /tmp/csc5z8sU: Access denied. ERROR
Jun 15 12:54:35 ubuntu e2guardian[30410]: Unknown return code from content scanner: -1

Is this a bug? /var/run/clamav/clamd.ctl is own by clamav.

[fredbcode]

As far I can remember ... Clamav must works with the same id at least group id than e2 Please check with: ls -la /tmp/cs*

…

-- Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.

[quattr0]

looks like it tried to create but couldn't. Here's the output

@ubuntu:~$ sudo ls -al /tmp/cs*
ls: cannot access '/tmp/cs*': No such file or directory

[fredbcode]

The file exist only when there is a dowload, you should try at the right time -- Envoyé de mon appareil Android avec Courriel K-9 Mail. Veuillez excuser ma brièveté.

[quattr0]

I just tried it again...e2guardian actually produces the error in syslog since yesterday...the error keeps repeating(the same error line is inserted in syslog every few seconds) in syslog.

And there isn't anything created in /tmp as it doesn't have permission; thus the error.

@ubuntu:~$ sudo tail /var/log/syslog
Jun 16 15:51:04 ubuntu e2guardian[30410]: ClamD error: /tmp/csZzeueT: Access denied. ERROR
Jun 16 15:51:04 ubuntu e2guardian[30410]: Unknown return code from content scanner: -1
Jun 16 15:51:07 ubuntu e2guardian[30410]: ClamD error: /tmp/csv7aR4n: Access denied. ERROR
Jun 16 15:51:07 ubuntu e2guardian[30410]: Unknown return code from content scanner: -1
Jun 16 15:51:10 ubuntu e2guardian[30410]: ClamD error: /tmp/csVMXkw4: Access denied. ERROR
Jun 16 15:51:10 ubuntu e2guardian[30410]: Unknown return code from content scanner: -1
Jun 16 15:51:13 ubuntu e2guardian[30410]: ClamD error: /tmp/csLCVBuW: Access denied. ERROR
Jun 16 15:51:13 ubuntu e2guardian[30410]: Unknown return code from content scanner: -1
Jun 16 15:51:17 ubuntu e2guardian[30410]: ClamD error: /tmp/csLu2z1Z: Access denied. ERROR
Jun 16 15:51:17 ubuntu e2guardian[30410]: Unknown return code from content scanner: -1

[KDGundermann]

which id/groupid have the e2guardian and clamav users ??

[quattr0]

sudo cat /etc/passwd | grep e2guardian
e2guardian:x:133:137:e2guardian User,,,:/var/log/e2guardian:/bin/sh

sudo cat /etc/passwd | grep clamav
clamav:x:134:138::/var/lib/clamav:/bin/false

[fredbcode]

Please add clamav to e2guardian group or run clamav whith e2guardian id (if possible)

[quattr0]

I added clamav to e2guardian group and restarted e2guardian, same error.

root@ubuntu:~# groups clamav
clamav : clamav e2guardian

Jul  8 09:28:53 ubuntu e2guardian[12642]: Unknown return code from content scann                                                                                        er: -1
Jul  8 09:28:56 ubuntu e2guardian[12642]: ClamD error: /tmp/csH9RTgO: Access den                                                                                        ied. ERROR
Jul  8 09:28:56 ubuntu e2guardian[12642]: Unknown return code from content scann                                                                                        er: -1
^C
root@ubuntu:~# ls /tmp/csH9RTgO:
ls: cannot access '/tmp/csH9RTgO:': No such file or directory

[fredbcode]

Hum, you can run clamav with e2guardian id ?
Also please try ls -la /tmp/* again and again when the proxy is used, you should see some files and their rights

[philipianpearce]

Stale