Tomasz Kojm wrote the following on 9/22/2007 2:29 PM -0800: > On Sat, 22 Sep 2007 13:31:20 -0700 > Bill Landry <[EMAIL PROTECTED]> wrote: > > >> And yes, I did try: >> >> clamscan --debug --leave-temps -d /var/tmp/rsync/MSRBL-Images.hdb - < >> /dev/null >> >> and still no temp file left. >> > > And that's correct. The above command should not generate any temporary files. > Instead of /dev/null scan some zip archive and you'll get a bunch of them. > > Well, this works:
clamscan --debug --leave-temps -d /var/tmp/rsync/MSRBL-Images.hdb and leave the following in the /tmp dir: drwx------ 3 root root 4096 2007-09-22 14:50 clamav-3d155bb0cb8eeb7bcf98c999b52e2287 Guess I should have tried that first, however, I didn't think the /dev/null would have any affect since it appeared that clamscan was writing a temporary file to /tmp and then calling unlink to delete the file when done. Now since I don't personally configure clamav to use a custom uid/gid pair, rather just using the default (clamav:clamav), I am thinking that if one configures a custom uid/gid, then those must be the same permission clamav uses when attempting to write its tmp files, and since tmp is owned by root:root, could this be the reason clamscan reports "ERROR: Can't write to temporary directory" unless a new temporary directory is created with access permission set to the custom uid/gid pair? If so, is there a way to determine what uid/gid was used to configure clamav at build time, that is if the build directory no longer exists? Bill _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
