Jim Maul said:
Dennis Peterson wrote:
That would be a good trick if the directory it is found in is owned ro by root. I suppose it could be created by root then chowned to clam_user, but that too presumes much. To make it entirely turnkey the process should see if the user-selected log directory is readable by clam_user first, then it should see if the file already exists (or if a directory of the same name exists), and if it is writable by clam_user. If everything isn't perfect it could fail with a warning to the console. Now what to do about your log rotator? How should clam predict a misconfigured rotator? That seems like a lot of hand holding.
Call me old fashioned, but this is something I like to deal with myself. There's still a roll for the thinking admin.
No, dont get me wrong here, im not saying clamav should "predict" anything. Nor should it have to deal with misconfigured software. This is of course left up to the admin. However, it seems that it *creates* the logfile owned by root. And that..well..just isnt right.
Maybe I should have said "doughnut" :-) I meant role. I use syslog for the log files here because I want them available to a common remote logger server for processing. Ownership is not a problem, and it's one less issue the deal with. My underlying point is that a take-charge admin would have no problem dealing with this "bug".
Indeed. I was merely trying to clarify the exact issue that other admins were having. I am not experiencing this "problem" myself. Mainly because im still using 0.84 but thats another story ;)
-Jim _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
