Scalix Forums

OK...I got Scalix 10 installed just fine on my OpenSuse 10 server, but after configuring ClamAV the Service Router won't start.

I've added vscan to the scalix group...
scalix:!:107:vscan

I chowned and chmoded the omvscan.map file as shown below...

/var/opt/scalix/rules # ls -l
total 49
drwxrwx--- 2 scalix scalix 176 2006-02-14 22:05 .
drwxrwxr-x 50 scalix scalix 1288 2006-02-14 19:12 ..
-rw-r--r-- 1 root root 351 2006-02-14 21:07 ALL-ROUTES
-rw-r--r-- 1 root root 154 2006-02-14 22:02 ALL-ROUTES.VIR
-rw-r--r-- 1 root root 100 2006-02-14 22:04 ndninfo.txt
-r-xr-xr-x 1 root scalix 35644 2006-02-14 22:05 omvscan.map

I enabled debug logging in the omvscan.cfg file and this is the error that appears in the omvscan.log file.

2006-02-14 23:36:37:PID=8096:[Reply]:503 "ClamAV" cannot scan Scalix-owned file2006-02-14 23:36:37:PID=8096:[Reply]: Access denied. ERROR

What am I doing wrong? I thought I'd followed all the instructions correctly.

Thanks for the help...
Matt

I too have the same problem. I traced it to a CLAMAV permission problem. I double checked all permission and they seem to be set up according to the manual.

Does anyone have any ideas?

Here is the output of "omshowlog -p 5 -s router"

ERROR Service Router(Service Router) 02.26.06 14:31:09
[OM 5181] Reply timed out or invalid - Mapper protocol problem.
Command sent: <none - expect greeting reply>
Reply received: 503 "ClamAV" cannot scan Scalix-owned file Access denied. ERROR


ERROR Service Router(Service Router) 02.26.06 14:31:09
[OM 5181] Reply timed out or invalid - Mapper protocol problem.
Command sent: QUIT Please Close This Session
Reply received: 220 Virus Scanning Client Ready


ERROR Service Router(Service Router) 02.26.06 14:31:09
[OM 5183] A Mapper error has been detected.
-> rsl_CheckRuleValue
<- rsl_CheckRuleValue
-> rsl_CheckRuleValue
-> cvc_ConvertString2
<- cvc_ConvertString2
<- rsl_CheckRuleValue
<- rsl_GetRuleValue
<- rsl_GetRuleSet
<- sr_CheckForVirusRule
-> vs_ScanInit
-> vs_ScanActive
<- vs_ScanActive
-> vs_omScanInit
-> vs_GenericScanInit
<- /build/10.0.0.175/src/lib/rsl/rsl_match.c:243[100,5183]
<- /build/10.0.0.175/src/lib/rsl/rsl_match.c:243[100,5183]


SERIOUS ERROR Service Router(Service Router) 02.26.06 14:31:09
[OM 5183] A Mapper error has been detected.
<- rsl_CheckRuleValue
-> rsl_CheckRuleValue
-> cvc_ConvertString2
<- cvc_ConvertString2
<- rsl_CheckRuleValue
<- rsl_GetRuleValue
<- rsl_GetRuleSet
<- sr_CheckForVirusRule
-> vs_ScanInit
-> vs_ScanActive
<- vs_ScanActive
-> vs_omScanInit
-> vs_GenericScanInit
<- /build/10.0.0.175/src/lib/rsl/rsl_match.c:243[100,5183]
<- /build/10.0.0.175/src/lib/rsl/rsl_match.c:755[100,5183]

Thanks,
Bob

It sometimes helps to set the default group of the clamav user (or in your case vscan) to the same group id as scalix (see /etc/passwd):

Thanks. That worked.

I had even changed the default group under YAST to the recommeded setting and it didn't work. I wonder what the difference is between changing it at the command line and thru the YAST USER panel?

I also had just gotten it working before reading your email by changing the "clamd.conf" file to use the "scalix" user as the default user and restarted all services that required it. It worked but I was worried about other ramifications. Would it have hurt anything to leave the clamd.cof user set to the "scalix" user? (I plan on only running Scalix on this server.)

Thanks,
Bob

Frankly I don't know. I just read about my solution somewhere here, I think it was the Knowledge base.

Can someone tell me what to do to get this working. I have tried all the suggestions here, but still running into the same problem.

Fedora Core 4 (clean installation)
ClamAV (confirmed working using the clamd daemon)

Running into the same error :

You need to make sure that the clamav user is part of the Scalix group. You should check that clamd is able to scan a file in /var/opt/scalix/data somewhere without reporting a permissions error.

Cheers

Dave