Author Topic: avast4linux with avast4mail on gentoo - permission problem?  (Read 11690 times)

0 Members and 1 Guest are viewing this topic.

tohen

  • Guest
Hi,

I installed avast4linux and avst4mail (and libavastengine) on a gentoo-machine with qmail an like to integrate it into qmail.
I followed the instructions in the INSTALL file but I get the following error when starting avastd:
Code: [Select]
May 04 15:07:51 avastd[25301]: info: Starting avast! daemon
May 04 15:07:51 avastd[25301]: info: using this configuration for section 'mail'
May 04 15:07:51 avastd[25301]: info:   daemons count: default=3, maximum=10
May 04 15:07:51 avastd[25301]: info:   avast! interface: /var/run/avastmail/mailscanner.sock (timeout: 300s)
May 04 15:07:51 avastd[25301]: info:   user: avmail
May 04 15:07:51 avastd[25301]: info:   group: avmail
May 04 15:07:51 avastd[25301]: info:   rootdir: /var
May 04 15:07:51 avastd[25301]: info:   datadir: /var/lib/avast4
May 04 15:07:51 avastd[25301]: info:   tempdir: /var/tmp/avast4
May 04 15:07:51 avastd[25301]: info:   licensefile: /var/lib/avast4/License.dat
May 04 15:07:51 avastd[25301]: info:   scan subdirectories: no
May 04 15:07:51 avastd[25301]: info:   avast! engine flags: testall
May 04 15:07:51 avastd[25301]: info:   packers: types=A, maxdepth=32, summary archives=no
May 04 15:07:51 avastd[25301]: info:   packers bombs: maxfilesize=500000, maxcompressratio=50, compresscheckthre
shold=10000
May 04 15:07:51 avastd[25301]: info:                  maxtotalcompressratio=100, totalcompresscheckthreshold=100
0
May 04 15:07:51 avastd[25301]: info:   log scan results: loginfected logscanerrors
May 04 15:07:51 avastd[25301]: info: listenning on unix socket /var/run/avastmail/mailscanner.sock
May 04 15:07:51 avastd[25302]: warning: can't set group name to 'avmail', Operation not permitted
May 04 15:07:51 avastd[25302]: warning: can't change program root directory to '/var', Operation not permitted
May 04 15:07:51 avastd[25301]: info: started new 'mail' process (pid=25302)
May 04 15:07:51 avastd[25303]: warning: can't set group name to 'avmail', Operation not permitted
May 04 15:07:51 avastd[25303]: warning: can't change program root directory to '/var', Operation not permitted
May 04 15:07:51 avastd[25301]: info: started new 'mail' process (pid=25303)
May 04 15:07:51 avastd[25304]: warning: can't set group name to 'avmail', Operation not permitted
May 04 15:07:51 avastd[25304]: warning: can't change program root directory to '/var', Operation not permitted
May 04 15:07:51 avastd[25301]: info: started new 'mail' process (pid=25304)
But the avastd seems to run.

When sending a mail I get the following error:
Code: [Select]
May 04 15:09:47 avastd[23278]: info: new avast! socket connection at /var/run/avastmail/mailscanner.sock
May 04 15:09:47 avastd[23278]: warning: mail[23279]: /var/lib/avastmail/tmp/msg131675372  [E]     Permission denied
May 04 15:09:47 avastd[23278]: info: closing avast! connection

In the header of the send mail I get the following:
Code: [Select]
X-Antivirus: avast! (VPS 100226-0, 26.02.2010)
X-Antivirus-Status: Unscanned, scan failed

Yes, I know, the VPS is not up to date but its only on a seperated virtual machine for testing the basic funtionallity.

Any help would be nice. I can give more info if one needs it.

Regards

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #1 on: May 05, 2010, 11:40:28 AM »
Hi,

I installed avast4linux and avst4mail (and libavastengine) on a gentoo-machine with qmail an like to integrate it into qmail.
I followed the instructions in the INSTALL file but I get the following error when starting avastd:
Code: [Select]
May 04 15:07:51 avastd[25301]: info: Starting avast! daemon
May 04 15:07:51 avastd[25301]: info: using this configuration for section 'mail'
May 04 15:07:51 avastd[25301]: info:   daemons count: default=3, maximum=10
May 04 15:07:51 avastd[25301]: info:   avast! interface: /var/run/avastmail/mailscanner.sock (timeout: 300s)
May 04 15:07:51 avastd[25301]: info:   user: avmail
May 04 15:07:51 avastd[25301]: info:   group: avmail
May 04 15:07:51 avastd[25301]: info:   rootdir: /var
May 04 15:07:51 avastd[25301]: info:   datadir: /var/lib/avast4
May 04 15:07:51 avastd[25301]: info:   tempdir: /var/tmp/avast4
May 04 15:07:51 avastd[25301]: info:   licensefile: /var/lib/avast4/License.dat
May 04 15:07:51 avastd[25301]: info:   scan subdirectories: no
May 04 15:07:51 avastd[25301]: info:   avast! engine flags: testall
May 04 15:07:51 avastd[25301]: info:   packers: types=A, maxdepth=32, summary archives=no
May 04 15:07:51 avastd[25301]: info:   packers bombs: maxfilesize=500000, maxcompressratio=50, compresscheckthre
shold=10000
May 04 15:07:51 avastd[25301]: info:                  maxtotalcompressratio=100, totalcompresscheckthreshold=100
0
May 04 15:07:51 avastd[25301]: info:   log scan results: loginfected logscanerrors
May 04 15:07:51 avastd[25301]: info: listenning on unix socket /var/run/avastmail/mailscanner.sock
May 04 15:07:51 avastd[25302]: warning: can't set group name to 'avmail', Operation not permitted
May 04 15:07:51 avastd[25302]: warning: can't change program root directory to '/var', Operation not permitted
May 04 15:07:51 avastd[25301]: info: started new 'mail' process (pid=25302)
May 04 15:07:51 avastd[25303]: warning: can't set group name to 'avmail', Operation not permitted
May 04 15:07:51 avastd[25303]: warning: can't change program root directory to '/var', Operation not permitted
May 04 15:07:51 avastd[25301]: info: started new 'mail' process (pid=25303)
May 04 15:07:51 avastd[25304]: warning: can't set group name to 'avmail', Operation not permitted
May 04 15:07:51 avastd[25304]: warning: can't change program root directory to '/var', Operation not permitted
May 04 15:07:51 avastd[25301]: info: started new 'mail' process (pid=25304)
But the avastd seems to run.

When sending a mail I get the following error:
Code: [Select]
May 04 15:09:47 avastd[23278]: info: new avast! socket connection at /var/run/avastmail/mailscanner.sock
May 04 15:09:47 avastd[23278]: warning: mail[23279]: /var/lib/avastmail/tmp/msg131675372  [E]     Permission denied
May 04 15:09:47 avastd[23278]: info: closing avast! connection

In the header of the send mail I get the following:
Code: [Select]
X-Antivirus: avast! (VPS 100226-0, 26.02.2010)
X-Antivirus-Status: Unscanned, scan failed

Yes, I know, the VPS is not up to date but its only on a seperated virtual machine for testing the basic funtionallity.

Any help would be nice. I can give more info if one needs it.

Regards

hallo,
just make sure that those groups exist, and the detination directories have the proper rights. this is usually distribution-dependent.

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

tohen

  • Guest
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #2 on: May 05, 2010, 04:30:28 PM »

hallo,
just make sure that those groups exist, and the detination directories have the proper rights. this is usually distribution-dependent.

regards,
pc

Hello,

thank you for your answer. Which directories do you mean exactly?
Here are my user:group configs:

Code: [Select]
# grep avmail /etc/passwd
avmail:x:412:412:avastmail:/var/run/avastmail:/sbin/nologon
# grep avmail /etc/group
avmail:x:412:
# groups avmail
avmail

Permissions of directories:
Code: [Select]
# ls -al /var/lib/avastmail/
insgesamt 1
drwxrwxr-x  4 avmail avmail  104  5. Mai 15:30 .
drwxr-xr-x 41 root   root   1136  5. Mai 15:30 ..
drwxrwxr-x  2 avmail avmail   88  5. Mai 15:30 notification
drwxrwx---  2 avmail avmail   48  5. Mai 15:40 tmp
# ls -al /var/run/avastmail/
insgesamt 1
drwxrwx--T  2 avmail avmail  80  5. Mai 16:01 .
drwxr-xr-x 16 root   root   824  5. Mai 16:01 ..
srw-rw----  1 avmail avmail   0  5. Mai 16:01 mailscanner.sock

Thank you for your help!

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #3 on: May 06, 2010, 02:29:03 PM »

hallo,
just make sure that those groups exist, and the detination directories have the proper rights. this is usually distribution-dependent.

regards,
pc

Hello,

thank you for your answer. Which directories do you mean exactly?
Here are my user:group configs:

Code: [Select]
# grep avmail /etc/passwd
avmail:x:412:412:avastmail:/var/run/avastmail:/sbin/nologon
# grep avmail /etc/group
avmail:x:412:
# groups avmail
avmail

Permissions of directories:
Code: [Select]
# ls -al /var/lib/avastmail/
insgesamt 1
drwxrwxr-x  4 avmail avmail  104  5. Mai 15:30 .
drwxr-xr-x 41 root   root   1136  5. Mai 15:30 ..
drwxrwxr-x  2 avmail avmail   88  5. Mai 15:30 notification
drwxrwx---  2 avmail avmail   48  5. Mai 15:40 tmp
# ls -al /var/run/avastmail/
insgesamt 1
drwxrwx--T  2 avmail avmail  80  5. Mai 16:01 .
drwxr-xr-x 16 root   root   824  5. Mai 16:01 ..
srw-rw----  1 avmail avmail   0  5. Mai 16:01 mailscanner.sock

Thank you for your help!

do you run avastd as root, to be able to switch to the proper uid/gid?

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

tohen

  • Guest
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #4 on: May 06, 2010, 03:20:43 PM »
do you run avastd as root, to be able to switch to the proper uid/gid?

regards,
pc

Yes, I start it as root. Its the same result if I start it with /etc/init.d/avastd or directly with /usr/sbin/avastd
Here's  the ps output from a running process. As you see, the gid is not changed:
Code: [Select]
# ps -eo uid,gid,args | grep avast
    0     0 avastd
  412     0 avastd
  412     0 avastd
  412     0 avastd

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #5 on: May 06, 2010, 04:50:47 PM »
do you run avastd as root, to be able to switch to the proper uid/gid?

regards,
pc

Yes, I start it as root. Its the same result if I start it with /etc/init.d/avastd or directly with /usr/sbin/avastd
Here's  the ps output from a running process. As you see, the gid is not changed:
Code: [Select]
# ps -eo uid,gid,args | grep avast
    0     0 avastd
  412     0 avastd
  412     0 avastd
  412     0 avastd

then, run avastd under strace -f , to get clue why are the system calls for setuid/setgid/chdir failing (why is the returned value -EPERM). doesn';t make sense for me, when the software runs under root-account.

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

tohen

  • Guest
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #6 on: May 10, 2010, 11:35:06 AM »
do you run avastd as root, to be able to switch to the proper uid/gid?

regards,
pc

Yes, I start it as root. Its the same result if I start it with /etc/init.d/avastd or directly with /usr/sbin/avastd
Here's  the ps output from a running process. As you see, the gid is not changed:
Code: [Select]
# ps -eo uid,gid,args | grep avast
    0     0 avastd
  412     0 avastd
  412     0 avastd
  412     0 avastd

then, run avastd under strace -f , to get clue why are the system calls for setuid/setgid/chdir failing (why is the returned value -EPERM). doesn';t make sense for me, when the software runs under root-account.

regards,
pc

I have run avastd under strace -f but do not find a reason for my problem. The log is to big to attach it. Here is the link to it. Would be nice if you could have a look at it.
http://dl.dropbox.com/u/712194/avastd-strace.txt

regards and thank you

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #7 on: May 10, 2010, 06:58:30 PM »
do you run avastd as root, to be able to switch to the proper uid/gid?

regards,
pc

Yes, I start it as root. Its the same result if I start it with /etc/init.d/avastd or directly with /usr/sbin/avastd
Here's  the ps output from a running process. As you see, the gid is not changed:
Code: [Select]
# ps -eo uid,gid,args | grep avast
    0     0 avastd
  412     0 avastd
  412     0 avastd
  412     0 avastd

then, run avastd under strace -f , to get clue why are the system calls for setuid/setgid/chdir failing (why is the returned value -EPERM). doesn';t make sense for me, when the software runs under root-account.

regards,
pc

I have run avastd under strace -f but do not find a reason for my problem. The log is to big to attach it. Here is the link to it. Would be nice if you could have a look at it.
http://dl.dropbox.com/u/712194/avastd-strace.txt

regards and thank you

Seems like there's bad ordering of id-changes, where uid-change preceedes groupid-change - i'll forward it to my colleague who's responsible for this piece of code, test build will be available tommorow.

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #8 on: May 11, 2010, 10:45:36 AM »
do you run avastd as root, to be able to switch to the proper uid/gid?

regards,
pc

Yes, I start it as root. Its the same result if I start it with /etc/init.d/avastd or directly with /usr/sbin/avastd
Here's  the ps output from a running process. As you see, the gid is not changed:
Code: [Select]
# ps -eo uid,gid,args | grep avast
    0     0 avastd
  412     0 avastd
  412     0 avastd
  412     0 avastd

then, run avastd under strace -f , to get clue why are the system calls for setuid/setgid/chdir failing (why is the returned value -EPERM). doesn';t make sense for me, when the software runs under root-account.

regards,
pc

I have run avastd under strace -f but do not find a reason for my problem. The log is to big to attach it. Here is the link to it. Would be nice if you could have a look at it.
http://dl.dropbox.com/u/712194/avastd-strace.txt

regards and thank you

Seems like there's bad ordering of id-changes, where uid-change preceedes groupid-change - i'll forward it to my colleague who's responsible for this piece of code, test build will be available tommorow.

regards,
pc

Hallo,
here's the test-build, the issue should be gone - please, let me know:

http://public.avast.com/~cimbal/avastd_fix.tar.gz

regards,
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)

tohen

  • Guest
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #9 on: May 11, 2010, 02:01:23 PM »

Hallo,
here's the test-build, the issue should be gone - please, let me know:

http://public.avast.com/~cimbal/avastd_fix.tar.gz

regards,
pc

It works! Thanks a lot!

Offline zilog

  • Avast team
  • Advanced Poster
  • *
  • Posts: 957
  • or #f0; daa; add a,#a0; adc a,#40
Re: avast4linux with avast4mail on gentoo - permission problem?
« Reply #10 on: May 11, 2010, 06:52:29 PM »

Hallo,
here's the test-build, the issue should be gone - please, let me know:

http://public.avast.com/~cimbal/avastd_fix.tar.gz

regards,
pc

It works! Thanks a lot!

ok, fixed release is built right now..
pc
May's Law: Software efficiency halves every 18 months, compensating Moore's Law. (David May, INMOS)