Permission problems with Clamfs

Question

been trying to get clamfs working on Ubuntu 10.4. It seems like everything is working, clamfs locates infected files and prevents me from opening these.

But I am having permission troubles with a share that I have created.

My folder structure looks like this:

/.sharedfiles (this is the root directory for clamfs)

/sharedfiles (this is the actual shared folder on the server that my windows clients connect to).

When clamfs is NOT running, I can create and delete folders etc within ../sharedfiles from a windows client.

But when I turn clamfs ON I can only create files and folder immediately within ../sharedfiles.

ie I can create ../sharedfiles/newdirectory

But I can not create ../sharedfiles/newdirectory/somefile

I have played around with the permissions and ACLs but something is just not working. I should mention that the windows clients are logging into the shared directory without a user. ie they are"nobody" and in the "nogroup" group.

I have set the ACL for both .sharedfiles and sharedfiles as below:

getfacl .sharedfiles/
# file: .sharedfiles/
# owner: administrator
# group: administrator
user::rwx
group::rwx
other::rwx
default:user::rwx
default:user:clamav:rwx
default:group::rwx
default:mask::rwx
default:other::rwx

getfacl sharedfiles/
# file: sharedfiles/
# owner: administrator
# group: administrator
user::rwx
group::rwx
other::rwx
default:user::rwx
default:user:clamav:rwx
default:group::rwx
default:mask::rwx
default:other::rwx

This is how I have configured my clamfs .xml file:

<filesystem root="/home/administrator/.sharedfiles" mountpoint="/home/administrator/sharedfiles" public="yes" readonly="no" nonempty="yes" />

Any idea on where I am going wrong? I would really like to get this working. Thanks.

UPDATE 1:

Looking at this problem further, what is happening is that the ACL permission for "other" is somehow altered when I run clamfs.

example: I have set the ACL for both the root directory and mount point to give "other" rwx permissions. I have also set the default ACL the same way so that each folder created inherits the same ACL.

When clamfs is NOT running, everything works as expected - I am able to write in subdirectories.

When clamfs IS running, any newly created sub directories lose the w permission on "other".

I don't understand why.

It seems to be a similar situation to the problem posted here .

UPDATE 2:

Ok I just found that when I run clamfs in sudo, I have no permission problems. I guess my only question now is, should I be running it in sudo mode? I wonder what was actually being denied that sudo is now allowing?

Answer 1

Ok, this may not be the exact answer to the problems I was running into, but it did solve the problem for me.

I have resolved to running clamfs as root which handled the permission problems I was running into.

I have setup clamfs as a startup script (which is run as root). To create the script and not have to manually do this each time I followed the tutorial here.

I do not know all the implications here and maybe this is not correct. But I have a shared file now on a Ubuntu server that is accessible by all windows computers on the network without a user name or password, and has on-access scanning which prevents spreading viruses on the network (of which there are a ton right now). I like to think it is a sort of venus-fly trap =).

Hope this helps someone.