Jim Maul said:
DP> We have a winner! Now if you put that in your startup script and log DP> rotation tool you'll have the job finished.
why is that? if i'll restart clamd it won't going to change the permissions of clamd.log. and by the way i don't need any log rotation because my clamd.log doesn't eveê become big or something like that.
Maybe thats because clamav couldnt write to it ;) Regardless, this is a workaround not a solution. The logfile should not be created with root owner to begin with.
-Jim
That would be a good trick if the directory it is found in is owned ro by root. I suppose it could be created by root then chowned to clam_user, but that too presumes much. To make it entirely turnkey the process should see if the user-selected log directory is readable by clam_user first, then it should see if the file already exists (or if a directory of the same name exists), and if it is writable by clam_user. If everything isn't perfect it could fail with a warning to the console. Now what to do about your log rotator? How should clam predict a misconfigured rotator? That seems like a lot of hand holding.
Call me old fashioned, but this is something I like to deal with myself. There's still a roll for the thinking admin.
No, dont get me wrong here, im not saying clamav should "predict" anything. Nor should it have to deal with misconfigured software. This is of course left up to the admin. However, it seems that it *creates* the logfile owned by root. And that..well..just isnt right.
-Jim
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
