Bill Landry wrote: > Tomasz Kojm wrote the following on 9/22/2007 2:29 PM -0800: >> On Sat, 22 Sep 2007 13:31:20 -0700 >> Bill Landry <[EMAIL PROTECTED]> wrote: >> >> >>> And yes, I did try: >>> >>> clamscan --debug --leave-temps -d /var/tmp/rsync/MSRBL-Images.hdb - < >>> /dev/null >>> >>> and still no temp file left. >>> >> And that's correct. The above command should not generate any temporary >> files. >> Instead of /dev/null scan some zip archive and you'll get a bunch of them. >> >> > Well, this works: > > clamscan --debug --leave-temps -d /var/tmp/rsync/MSRBL-Images.hdb > > and leave the following in the /tmp dir: > > drwx------ 3 root root 4096 2007-09-22 14:50 > clamav-3d155bb0cb8eeb7bcf98c999b52e2287 > > Guess I should have tried that first, however, I didn't think the > /dev/null would have any affect since it appeared that clamscan was > writing a temporary file to /tmp and then calling unlink to delete the > file when done. > > Now since I don't personally configure clamav to use a custom uid/gid > pair, rather just using the default (clamav:clamav), I am thinking that > if one configures a custom uid/gid, then those must be the same > permission clamav uses when attempting to write its tmp files, and since > tmp is owned by root:root, could this be the reason clamscan reports > "ERROR: Can't write to temporary directory" unless a new temporary > directory is created with access permission set to the custom uid/gid pair? > > If so, is there a way to determine what uid/gid was used to configure > clamav at build time, that is if the build directory no longer exists? > > Bill
What do you get when you run ls -ld /tmp The user id of the person who builds clamav does not affect the run-as user definition. It will be clamav:clamav unless you change it. What ever user you use, be it the default or what ever you choose, that user must exist. The important thing is that user is not used unless clam is run as root or as that user. There used to be a problem with clam when started by root. Files were created and owned by root and when the clam process su'd to the run-as user it could no longer work with those startup files. That problem was corrected. dp _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
