From: "Leon Kolchinsky"

> Stupid question, but $MYHOME = /var/amavis ?


Yes

> Also you can try to debug it with strace.
> Look for all the files you're missing in the jail and copy them into it.
> (here is a little example on how to use strace to find requirements
> outside the jail -
> http://olivier.sessink.nl/jailkit/ho...bug_jails.html ) Best Regards,
> Leon Kolchinsky


I run amavisd/SA/clamav successfully on OpenBSD for years now but the same
config does not work with FreeBSD.

I put 'host' and 'nslookup' into the jail:

[root@BSDHelmut ~]# chroot -u vscan -g vscan /var/amavis/ /usr/bin/host
www.google.de
www.google.de is an alias for www.google.com.
www.google.com is an alias for www.l.google.com.
www.l.google.com has address 209.85.135.104
www.l.google.com has address 209.85.135.147
www.l.google.com has address 209.85.135.99
www.l.google.com has address 209.85.135.103
[root@BSDHelmut ~]# chroot -u vscan -g vscan /var/amavis/ /usr/bin/nslookup
www.google.de
Server: 192.168.0.90
Address: 192.168.0.90#53

Non-authoritative answer:
www.google.de canonical name = www.google.com.
www.google.com canonical name = www.l.google.com.
Name: www.l.google.com
Address: 209.85.135.104
Name: www.l.google.com
Address: 209.85.135.147
Name: www.l.google.com
Address: 209.85.135.99
Name: www.l.google.com
Address: 209.85.135.103

[root@BSDHelmut ~]#


But amavisd debug-sa says:

[...]
[7930] dbg: util: final PATH set to: /usr/local/sbin:/usr/local/bin:/usr/bin
[7930] dbg: dns: no ipv6
[7930] dbg: dns: is Net:NS::Resolver available? yes
[7930] dbg: dns: Net:NS version: 0.60
[...]
[7930] dbg: dns: is_dns_available() last checked 1184065522 seconds ago;
re-checking
[7930] dbg: dns: name server: 192.168.0.90, LocalAddr: 0.0.0.0
Error creating a DNS resolver socket: No such file or directory at
/usr/local/lib/perl5/site_perl/5.8.8/Mail/SpamAssassin/DnsResolver.pm line
227.
[7930] dbg: dns: testing resolver nameservers: 192.168.0.90, 192.168.0.80
[7930] dbg: dns: trying (3) ebay.com...
[7930] dbg: dns: looking up NS for 'ebay.com'
[7930] dbg: dns: NS lookup of ebay.com using 192.168.0.90 failed, no results
found
[7930] dbg: dns: trying (2) motorola.com...
[7930] dbg: dns: looking up NS for 'motorola.com'
[7930] dbg: dns: NS lookup of motorola.com using 192.168.0.90 failed, no
results found
[7930] dbg: dns: trying (1) yahoo.com...
[7930] dbg: dns: looking up NS for 'yahoo.com'
[7930] dbg: dns: NS lookup of yahoo.com using 192.168.0.90 failed, no
results found
[7930] dbg: dns: NS lookups failed, removing nameserver 192.168.0.90 from
list
[7930] dbg: dns: trying (3) google.com...
[7930] dbg: dns: looking up NS for 'google.com'
[7930] dbg: dns: NS lookup of google.com using 192.168.0.80 failed, no
results found
[7930] dbg: dns: trying (2) kernel.org...
[7930] dbg: dns: looking up NS for 'kernel.org'
[7930] dbg: dns: NS lookup of kernel.org using 192.168.0.80 failed, no
results found
[7930] dbg: dns: trying (1) linux.org...
[7930] dbg: dns: looking up NS for 'linux.org'
[7930] dbg: dns: NS lookup of linux.org using 192.168.0.80 failed, no
results found
[7930] dbg: dns: NS lookups failed, removing nameserver 192.168.0.80 from
list
[7930] dbg: dns: all NS queries failed => DNS unavailable (set dns_available
to override)
[7930] dbg: dns: is DNS available? 0

What would a perl command look like to resolve a host? Because I think it is
a perl issue.

Helmut