Re: [Exim] Exiscan and Clam Antivirus

Top Page
Delete this message
Reply to this message
Author: Patrick Boutilier
Date:  
To: Tom Kistner, exim-users
Subject: Re: [Exim] Exiscan and Clam Antivirus
I don't think it is a permission problem because exim should run with
the same permisions wheter it is in the foreground or the background.
Can anybody confirm this?

I removed the clean up code from the exiscan patch to see what the files
looked like after a successful scan. Here are the results:



ls -l /var/spool/exim-scan/scan/
total 0
drwxr-x---   2 exim     exim          272 Jun  4 12:54 17FGdh-0005AI-00




ls -l /var/spool/exim-scan/scan/17FGdh-0005AI-00/
total 20
-rw-rw-rw-   1 exim     exim         1006 Jun  4 12:54
17FGdh-0005AI-00-complete
-rw-rw-rw-   1 exim     exim          404 Jun  4 12:54
17FGdh-0005AI-00-scanner_output
-rw-rw-rw-   1 exim     exim           69 Jun  4 12:54 eicar.com
-rw-rw-rw-   1 exim     exim           46 Jun  4 12:54 textfile0
-rw-rw-rw-   1 exim     exim            7 Jun  4 12:54 textfile1
-rw-rw-rw-   1 exim     exim            0 Jun  4 12:54 textfile2






I am thinking that this error is being generated because the file is
never created in the background.

exiscan: unable to open scanner output file for reading

Just proved that theory by running in the background and the
-scanner_output file is missing.



ls -l /var/spool/exim-scan/scan/17FGtB-0006dR-00/
total 16
-rw-rw-rw-   1 exim     exim         1006 Jun  4 13:10
17FGtB-0006dR-00-complete
-rw-rw-rw-   1 exim     exim           69 Jun  4 13:10 eicar.com
-rw-rw-rw-   1 exim     exim           46 Jun  4 13:10 textfile0
-rw-rw-rw-   1 exim     exim            7 Jun  4 13:10 textfile1
-rw-rw-rw-   1 exim     exim            0 Jun  4 13:10 textfile2











Tom Kistner wrote:
> On Mon, Jun 03, 2002 at 09:16:45PM -0300, boutilpj (boutilpj@???) wrote:
>
>
>>2002-06-03 21:07:59 17F1rj-0005tt-00 temporarily rejected by
>>local_scan(): exiscan: unable to open scanner output file for reading:
>>/var/spool/exim-scan/scan/17F1rj-0005tt-00/17F1rj-0005tt-00-scanner_output
>
>
> This looks like a permission problem. What user does exim run as in daemon
> mode ? Is the scanner installed setuid ? It looks like exim is not allowed
> to read the file produced by the scanner.
>
> /tom
>
> --
> Tom Kistner <tom@???>
> ICQ 1501527 dcanthrax@efnet
> http://duncanthrax.net
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>