Your message dated Sat, 03 May 2008 18:17:14 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#475729: fixed in p3scan 2:2.3.2-4
has caused the Debian Bug report #475729,
regarding p3scan crash when using 'scanner = /usr/bin/clamdscan --no-summary -i'
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
475729: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=475729
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: p3scan
Version: 2:2.3.2-1
Severity: important
When p3scan is configured with 'scannertype = basic' and 'scanner =
/usr/bin/clamdscan --no-summary
-i' pop3 transactions (downloading and scanning of email) are not able to
complete and p3scan crashes
with the following errors (taken from syslog):
Apr 10 06:54:27 <host> p3scan[20293]: WARNING: Your scanner returned neither 0,
a viruscode, nor a
good viruscode, but 2
Apr 10 06:54:27 <host> p3scan[20293]: ERR: We can't say if it is a virus! So we
have to give the
client the mail! You should check your configuration/system
Apr 10 06:54:27 <host> p3scan[20293]: ERR: Scanner returned unexpected error
code. You should check
your configuration/system.
Apr 10 06:54:27 <host> p3scan[20293]: ERR: Exiting now...
Apr 10 06:54:27 <host p3scan[20293]: ERR: Unable to free memory not previously
allocated:
^H5Է^H5Է��^K^H��^K^H��
Apr 10 06:54:27 <host> kernel: p3scan[20293]: segfault at 00000004 eip 0804dd92
esp bf9da4a0 error 4
Apr 10 06:54:27 <host> p3scan[20127]: ERR: Attention: child with pid 20293 died
with abnormal
termsignal (11)! This is probably a bug. Please report to the author. numprocs
is now 0
After investigation it became clear that the root cause was an "ACCESS DENIED"
error by clamdscan
yielding a return code of 2. I have added the clamav user (the user clamd runs
as) to the p3scan
group and I have activated Supplementary Groups (AllowSupplementaryGroups true)
in clamd.conf.
The problem is that p3scan is creating temporary files with group root and not
group p3scan so that
the group access configuration to allow clamav (and hence clamd) to read the
p3scan temp files is
rendered useless. Clearly when p3scan drops root privileges at start-up, it
doesn't change the group
it is running under.
I got p3scan to work with clamdscan by adding '--group p3scan' to the
start-stop-daemon commands in
/etc/init.d/p3scan thus allowing the temp files to be created with the correct
group and allowing
clamd to access them.
Please note while p3scan does not allow us to configure it's runtime group or
it doesn't change it
appropriately when root privileges are dropped, more serious is the fact that
p3scan crashes when an
unexpected returncode comes back from the scanner!
Thanks in advance
Regards
Os
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.24
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages p3scan depends on:
ii adduser 3.107 add and remove users and groups
ii libc6 2.7-10 GNU C Library: Shared libraries
ii libpcre3 7.4-1+lenny1 Perl 5 Compatible Regular Expressi
ii libssl0.9.8 0.9.8g-8 SSL shared libraries
p3scan recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: p3scan
Source-Version: 2:2.3.2-4
We believe that the bug you reported is fixed in the latest version of
p3scan, which is due to be installed in the Debian FTP archive:
p3scan_2.3.2-4.diff.gz
to pool/main/p/p3scan/p3scan_2.3.2-4.diff.gz
p3scan_2.3.2-4.dsc
to pool/main/p/p3scan/p3scan_2.3.2-4.dsc
p3scan_2.3.2-4_i386.deb
to pool/main/p/p3scan/p3scan_2.3.2-4_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mats Rynge <[EMAIL PROTECTED]> (supplier of updated p3scan package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 03 May 2008 06:38:45 -0400
Source: p3scan
Binary: p3scan
Architecture: source i386
Version: 2:2.3.2-4
Distribution: unstable
Urgency: low
Maintainer: Mats Rynge <[EMAIL PROTECTED]>
Changed-By: Mats Rynge <[EMAIL PROTECTED]>
Description:
p3scan - transparent POP3-proxy with virus- and spam-scanning
Closes: 475729
Changes:
p3scan (2:2.3.2-4) unstable; urgency=low
.
* Added user/group to start-stop-daemon start line in order to force
what group the daemon is run under. This is important when using
p3scan together with clamav. (Closes: #475729)
Checksums-Sha1:
4be472144823470acbe0f63806557eb987ae6ac8 954 p3scan_2.3.2-4.dsc
5bf61196b586b2bee7a2d0434e4a59f08e5ba0ba 16218 p3scan_2.3.2-4.diff.gz
cad5799cb2940a5e9fa94d7fe434abf1af3a0028 178780 p3scan_2.3.2-4_i386.deb
Checksums-Sha256:
2c6a0f8d0eb809a2f66bfd690aca17760fdbb53c25a82dffbb0041e4e957b324 954
p3scan_2.3.2-4.dsc
05f6a06066eb8b53b1bc58289032e9e3bdff259fc0a9bfe95bcff5fed1ab46d1 16218
p3scan_2.3.2-4.diff.gz
7f13baf4edda9b4bd1b40b7b8a367946432ed53387ef8317c37b53f9b3fdc725 178780
p3scan_2.3.2-4_i386.deb
Files:
a9d4e04ec94bf780f518f64d25745577 954 mail optional p3scan_2.3.2-4.dsc
6938d5dc5f7a9bfeff7a08998bbf01c0 16218 mail optional p3scan_2.3.2-4.diff.gz
6c72a4e745556d8204002e81e1729f0a 178780 mail optional p3scan_2.3.2-4_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFIHEFa9cFp3aBpFaMRAmZjAJ95uhjXfT6e84eMrAz9MJy0flZbbQCgg1r7
P+3Pl3ZjTkhO6An1epboWWg=
=ME/e
-----END PGP SIGNATURE-----
--- End Message ---
