Jim Maul said:
Dennis Peterson wrote:
To the program itself, no. If you tell it to log to / it will, however, it SHOULDNT. See what im saying? To say that clamav *has* to create the log file as root because only root can write to /var/log/ is irrelevant to the issue.
While you're out there making up rules can you think of any reason clamd needs to be started as user root if all you do is scan incoming email? I can't.
Um, where am i making up rules? Thanks for the accusation though. And no, i cant think of why you would want to or have to run clamd as root. I run clamd as user qscand, not root so im not sure what your implying here.
Thanks again,
-Jim
You said it shouldn't log to / and there's no reason it shouldn't if that is where one wishes it to log. There's lots of reasons why that would be a bad idea, but it's an admin decision, not an application issue.
Do you start clamd as root or as qscand? My point is there is, or at least can be no requirement that one start it as root and was trying to demonstrate additional administrative latitude for the reading public that isn't already put to sleep by this thread :-) If you su to qscand (in your case) it should still start and run just fine. It was just an injected factoid for thought. Many people just light things off as root and go on their way. It is frequently safer and managerially more convenient to write root scripts that su to the run-as user first, then fire off the proc (/usr/bin/su - qscand -c /usr/local/bin/blah_blah_blah). Imagine how it simplifies file ownerhips.
dp ... did I mention I'm anal?
Let me attempt to clear up any confusion (and hopefully put this thread to rest) by saying that I personally am not having any problems with clamav and i am not experiencing the logging issue that actually started this thread. I do and always have run clamav as qscand. My clamav logs are owned by qscand and everything works great. I simply joined the conversation somewhere in the middle because something caught my attention. The fact that clamav creates its log file as root if it doesnt already exist. Why create it at all if you cant write to it? Its just silly.
Im anal as well which is why i stated that one should not tell anything to log to / or /var/log directly for that matter. I like to have all programs logging in their own directories under /var/log/. clamav is /var/log/clamav/ apache is /var/log/apache/ and so on. That was the basis for my SHOULDNT statement above.
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html
