On Fri, Feb 18, 2011 at 6:52 PM, Udo Hortian <udo_hortian(a)web.de> wrote:
Hello Gordon,
On Fri, Feb 18, 2011 at 10:07:31AM -0500, Gordon Dickens wrote:
That is quite strange especially since it only occurs sometimes. I can't say for sure but I suspect that this is most probably a ClamAV problem. Check to see if the clamd logs have any related entries that might yield a clue. I checked the clamav.log and when the error occurs I find lines like:
Tue Feb 15 22:20:42 2011 -> /var/spool/exim4/scan/XXXX/XXXX.eml: Can't create temporary directory ERROR
Just like in exim's paniclog.
I realize this is obvious but make sure that the Debian-exim user and clamav user both have read/write permission to the /var/spool/exim4/scan directory. In fact the permissions to this directory are as follows:
ls -l /var/spool/exim4/ | grep scan drwxr-x--- 2 Debian-exim Debian-exim 4096 Feb 18 12:54 scan
Before I checked this, but somehow was not noting the missing w for the group.
So the Debian-exim group has NO write-permission. On another system running exim4u (which I use as the primary MX) the permissions are identical and I do not have any errors of this kind there.
Probably here lies the problem. But since I do not have any problems on the other system, I would like to understand first, why I really need write access here. How does virus scanning actually works? Which process really needs access to this directory?
Then I would like to understand why there are no problems on my other system.
Things to check::: I run clamd as mailnull (the same user Exim runs as). Afterall, they both process the same mail. (20:20:25 <~>) 0 $ grep User /usr/local/etc/clamd.conf User mailnull (20:20:35 <~>) 0 $ exim -bP | grep exim_user exim_user = mailnull (20:20:49 <~>) 0 $ (20:20:49 <~>) 0 $ ls -al /var/spool/exim/ total 24 drwxr-x--- 7 mailnull mailnull 512 Oct 26 2009 . drwxr-xr-x 15 root wheel 512 Dec 27 15:17 .. drwxr-x--- 2 mailnull mailnull 512 Feb 18 18:18 db drwxr-x--- 13 mailnull mailnull 7680 Feb 18 20:13 input drwxr-x--- 2 mailnull mailnull 512 Oct 26 2009 log drwxr-x--- 17 mailnull mailnull 4096 Feb 18 20:13 msglog drwxr-x--- 3 mailnull mailnull 512 Feb 18 20:13 scan (20:21:16 <~>) 0 $ In clamd.conf: TemporaryDirectory /var/tmp -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Damn!!