Jim Maul said: >> >> >> >> DP> We have a winner! Now if you put that in your startup script and log >> DP> rotation tool you'll have the job finished. >> >> why is that? if i'll restart clamd it won't going to change the >> permissions of clamd.log. and by the way i don't need any log rotation >> because my clamd.log doesn't eveê become big or something like that. >> > > Maybe thats because clamav couldnt write to it ;) Regardless, this is a > workaround not a solution. The logfile should not be created with root > owner to begin with. > > -Jim
That would be a good trick if the directory it is found in is owned ro by root. I suppose it could be created by root then chowned to clam_user, but that too presumes much. To make it entirely turnkey the process should see if the user-selected log directory is readable by clam_user first, then it should see if the file already exists (or if a directory of the same name exists), and if it is writable by clam_user. If everything isn't perfect it could fail with a warning to the console. Now what to do about your log rotator? How should clam predict a misconfigured rotator? That seems like a lot of hand holding. Call me old fashioned, but this is something I like to deal with myself. There's still a roll for the thinking admin. dp _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
