system
November 6, 2014, 7:55am
1
Good Day.
I`m installed trial Avast (avast.x86_64 1.1.5-1).
in amavisd.conf for avast: (in accordance with the documentation techdoc-avast-linux-en.pdf from avast.com )
[‘Avast’, ‘/bin/scan’, ‘{}’, [0], [1], qr/\t(.+)/m ],
user for Avast = avast
group=amavis
cat /etc/group |grep amavis
amavis:x:492:clamav,avast
and follow errors in maillog:
Nov 6 17:06:07 mhub amavis[25669]: (25669-03) (!)run_av (Avast) FAILED - unexpected exit 2, output=“avast: /var/amavis/tmp/amavis-20141106T170547-25669-nhiUasHs/parts: Permission denied”
Nov 6 17:06:07 mhub amavis[25669]: (25669-03) (!)Avast av-scanner FAILED: /bin/scan unexpected exit 2, output=“avast: /var/amavis/tmp/amavis-20141106T170547-25669-nhiUasHs/parts: Permission denied” at (eval 101) line 897.
]# ls -l /var/amavis/tmp/
total 20
drwxrwx— 3 amavis amavis 4096 Nov 5 17:41 amavis-20141105T174103-27936-NH7t6HFp
drwxrwx— 3 amavis amavis 4096 Nov 5 17:42 amavis-20141105T174203-27937-SrYAWrn2
drwxrwx— 3 amavis amavis 4096 Nov 5 23:11 amavis-20141105T231155-17941-IoU_8hST
drwxrwx— 3 amavis amavis 4096 Nov 6 17:31 amavis-20141106T173106-27391-mBRhoqWg
drwxrwx— 3 amavis amavis 4096 Nov 6 17:32 amavis-20141106T173202-27506-BDQx0bMi
ls -l /var/amavis/tmp/amavis-20141106T173202-27506-BDQx0bMi/
total 8
-rw-r----- 1 amavis amavis 2407 Nov 6 17:51 email.txt
drwxr-x— 2 amavis amavis 4096 Nov 6 17:51 parts
rights for reading is ok!
clamd works without any errors…
what could be the problem with avast?
system
November 6, 2014, 10:47am
2
and other users have same problem.
for example:
amavisd and Avast! scanner - permission problems
https://groups.google.com/forum/#!msg/mailing.unix.amavis-user/s4uf_7K2WPk/FZt0AWYR2q0J
tumic
November 6, 2014, 5:49pm
3
Do you have SELinux enabled? Does it start working, if you disable SELinux (and reboot)?
system
November 7, 2014, 1:21am
4
SElinux is disabled
cat /etc/selinux/config
This file controls the state of SELinux on the system.
SELINUX= can take one of these three values:
enforcing - SELinux security policy is enforced.
permissive - SELinux prints warnings instead of enforcing.
disabled - No SELinux policy is loaded.
###SELINUX=enforcing
SELINUX=disabled
SELINUXTYPE= can take one of these two values:
targeted - Targeted processes are protected,
mls - Multi Level Security protection.
SELINUXTYPE=targeted
tumic
November 7, 2014, 5:44pm
5
Did you reboot after disabling SElinux? If SElinux is disabled, than it must be some error
with the access rights specific to your setup.
I have installed avast on a clean installation of CentOS 6.6 (amavis from rpmforge) and it works
for me (If I disable SElinux).
tumic
November 7, 2014, 5:47pm
6
Just a note - the av_scanners defiition you posted is broken, the correct one is
### http://www.avast.com
['Avast', '/bin/scan', '{}', [0], [1], qr/\t(.+)/m]
But this is probably only a copy&paste error since with such entry amavis would
not work at all I guess.
system
November 8, 2014, 1:55pm
7
Just a note - the av_scanners defiition you posted is broken, the correct one is
### http://www.avast.com
['Avast', '/bin/scan', '{}', [0], [1], qr/\t(.+)/m]
But this is probably only a copy&paste error since with such entry amavis would
not work at all I guess.
Yes, It is a copy&paste error…
system
November 12, 2014, 3:56am
8
Is it possible to start avast daemon from other user (non “avast”)?
tumic
November 12, 2014, 11:43am
9
Yes it is. Just create /etc/sysconfig/avast with the following content:
AVAST_USER='another_user'
AVAST_GROUP='another_group'
and change the owner of the avast data directory [i]/var/lib/avast[i]:
chown -R another_user:another_group /var/lib/avast
system
November 12, 2014, 2:23pm
10
Ok, Thanks a lot!
It works! For me It runs from ‘amavis’ user.
Also need to change the owner of the avast run directory /var/run/avast
#chown -R amavis:amavis /var/run/avast
Problem is solved.
Thanks!
tumic
November 13, 2014, 11:11pm
11
Yes, this is also required, I forgot this one.