change permissions to allow MTAs running under management privileges to access the socket of the MILTER

clamav/clamav.spec

@@ -158,7 +158,7 @@ AutoReqProv:  no
     %{l_rpmtool} files -v -ofiles -r$RPM_BUILD_ROOT \
         %{l_files_std} \
         '%config %{l_prefix}/etc/clamav/*.conf' \
-        '%attr(755,%{l_rusr},%{l_rgrp}) %{l_prefix}/var/clamav' \
+        '%attr(755,%{l_rusr},%{l_mgrp}) %{l_prefix}/var/clamav' \
         '%attr(755,%{l_rusr},%{l_rgrp}) %{l_prefix}/share/clamav'
 
 %files -f files

clamav/rc.clamav

@@ -48,13 +48,15 @@
                 --config-file=$clamav_cfgfile \
                 $clamav_clamd_flags
         elif [ ".$daemon" = ".clamav-milter" -a -x @l_prefix@/sbin/clamav-milter ]; then
-            @l_prefix@/sbin/clamav-milter \
-                --config-file=$clamav_cfgfile \
-                --max-children=4 --outgoing --local \
-                --pidfile=$clamav_pidfile_clamav_milter \
-                --sendmail-cf=/dev/null \
-                $clamav_clamav_milter_flags \
-                local:@l_prefix@/var/clamav/clamav-milter.socket
+            ( umask 002
+              @l_prefix@/sbin/clamav-milter \
+                  --config-file=$clamav_cfgfile \
+                  --max-children=4 --outgoing --local \
+                  --pidfile=$clamav_pidfile_clamav_milter \
+                  --sendmail-cf=/dev/null \
+                  $clamav_clamav_milter_flags \
+                  local:@l_prefix@/var/clamav/clamav-milter.socket
+             ) || exit $?
         fi
     done