Re: [Clamav-users] Default clamscan tmp dir & custom uid/gid set during configure

Sat, 22 Sep 2007 12:31:24 -0700 

Bill Landry wrote the following on 9/22/2007 11:55 AM -0800:
> In a default configure (simply "./configure" without any config options
> set) and build of clamav, what temporary directory does clamav use by
> default - that is, the temporary directory that can be overridden with
> the following clamscan flag?:
>
>    --tempdir=DIRECTORY     Create temporary files in DIRECTORY

Sorry to be replying to my own message, but I just noticed that the
temporary file scanned by clamscan is placed in /tmp (at least on my
system) as the output from clamscan shows:

Checking /tmp/clamav-9888cddb0517d7e3c7f5fbb7d2ee8c88
Checking /tmp/clamav-d8ce4e79d0a224cbef2789b27f2101fd
Checking /tmp/clamav-a34ae98e798566b5bd3f98c979d499ca

I tried to set clamscan to leave the temp file by using the
"--leave-temps" flag, but it seems to ignore this flag and removes the
file from /tmp when done.  From strace:

strace clamscan --quiet --leave-temps -d /var/tmp/rsync/MSRBL-Images.hdb
- < /dev/null
[...]
open("/tmp/clamav-2da0d246a914e1e8d1735ec29c09ec4a", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
close(3)                                = 0
unlink("/tmp/clamav-2da0d246a914e1e8d1735ec29c09ec4a") = 0
gettimeofday({1190489085, 557979}, {420, 0}) = 0
exit_group(0)

Which looks identical to an strace without the "--leave-temps" flag set:

strace clamscan --quiet -d /var/tmp/rsync/MSRBL-Images.hdb - < /dev/null
[...]
open("/tmp/clamav-20a2c5c0fb9c81d980fda439094b86bb", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
close(3)                                = 0
unlink("/tmp/clamav-20a2c5c0fb9c81d980fda439094b86bb") = 0
gettimeofday({1190489147, 547472}, {420, 0}) = 0
exit_group(0)                           = ?

I wanted to see what permissions were set on the file, but like I said,
even with the "--leave-temps" flag set, clamscan deletes the temp file
after scanning.  I wanted to see if they were set to use the "clamav"
uid/gid, or the custom uid/gid used during "./configure".

Thoughts anyone...?

I would also still like to know if there is a way to determine the
uid/gid set during ./configure after clamav has been installed at the
original build directory deleted.

Thanks,

Bill
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Reply via email to