Re: [Clamav-users] upgrading clamav changes permissions on directories?

2004-05-12 Thread Kritof Petr 
Jim Maul wrote:

Jim Maul wrote:

   

I just upgraded my clamav RPMs from 0.70rc to 0.70 (from
http://crash.fce.vutbr.cz/crash-hat/1/clamav/)
Since i am running qmail with qmail-scanner, i run clamav as
 

user qscand and
   

have to change /var/run/clamav, /var/log/clamav and /var/lib/clamav to be
owned by qscand.  While upgrading to 0.70 i noticed that all
 

three of these
   

directories have changed back to clamav.clamav.   Would it be possible to
NOT change ownership back to clamav during an upgrade?
Its not that big of a deal, just sorta annoying.

 

Hello Jim,

thanks for feedback.

RPM has ability to enforce file/directory permissions and owners. This
is usualy
used for security reason on critical directories/files as a protection
against
inexperienced admins.
But your request is valid.

I will try to change package behaviour to
- first instance of package on system will install these directories
with clamav user
- all next pieces will respect the actual setting, so if you changed
owner, your
setting will be untouched.
Does it meet your needing?

Petr

   

Sounds very good to me.  The only time i see this behavior being a problem
is if someone wants to reinstall the rpm to fix a permission problem.  In
that case i suppose they would have to delete the directories and then
reinstall so even that wouldnt be too bad.
 

As promised before, I spent time to play with it.

Rpm always install files with root ownership until you name explicit user
in spec file. No way to ignore file owner or leave it untouched.
Only solution is to make %post install script and run it after each upgrade
to check actual clamav user and turn it back - look at code below.
There is new package at

http://crash.fce.vutbr.cz/crash-hat/testing/1/clamav/

%changelog
* Mon May 10 2004 Petr Kritof Petr|Kristof_CZ 0.70-2
- Update to clamav-logwatch 0.30
- Add %post check for non clamav user file ownership
- Add freshclam cron script by Milan Kerlger kerslage|linux_cz
- Remove --noreject option to clamav-milter
Test it and let me know.

Petr

Post install script is:

# Change back file owner for systems with non clamav user
CLAMUSER=`grep ^User /etc/clamav.conf | cut -d ' ' -f2`
if [ -z $CLAMUSER ] ; then
CLAMUSER=clamav
fi
if [ $CLAMUSER != clamav -a `/usr/bin/id $CLAMUSER  /dev/null 21 ; 
echo $?` = 0 ] ; then
chown root:$CLAMUSER %{_sysconfdir}/clamav.conf
chown root:$CLAMUSER %{_sysconfdir}/freshclam.conf
chown -R $CLAMUSER:$CLAMUSER %{_localstatedir}/lib/clamav/
chown -R $CLAMUSER:$CLAMUSER %{_localstatedir}/log/clamav/
chown -R $CLAMUSER:$CLAMUSER %{_localstatedir}/run/clamav/
fi
#





---
This SF.Net email is sponsored by Sleepycat Software
Learn developer strategies Cisco, Motorola, Ericsson  Lucent use to 
deliver higher performing products faster, at low TCO.
http://www.sleepycat.com/telcomwpreg.php?From=osdnemail3
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] upgrading clamav changes permissions on directories?

2004-04-21 Thread Kritof Petr 
Jim Maul wrote:

I just upgraded my clamav RPMs from 0.70rc to 0.70 (from
http://crash.fce.vutbr.cz/crash-hat/1/clamav/)
Since i am running qmail with qmail-scanner, i run clamav as user qscand and
have to change /var/run/clamav, /var/log/clamav and /var/lib/clamav to be
owned by qscand.  While upgrading to 0.70 i noticed that all three of these
directories have changed back to clamav.clamav.   Would it be possible to
NOT change ownership back to clamav during an upgrade?
Its not that big of a deal, just sorta annoying.
 

Hello Jim,

thanks for feedback.

RPM has ability to enforce file/directory permissions and owners. This 
is usualy
used for security reason on critical directories/files as a protection 
against
inexperienced admins.

But your request is valid.

I will try to change package behaviour to
- first instance of package on system will install these directories 
with clamav user
- all next pieces will respect the actual setting, so if you changed 
owner, your
setting will be untouched.

Does it meet your needing?

Petr



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

Re: [Clamav-users] upgrading clamav changes permissions on directories?

2004-04-21 Thread Trog 
On Wed, 2004-04-21 at 10:58, Dilip M wrote:
 On Wed, 21 Apr 2004 11:02:02 +0200, Kritof Petr [EMAIL PROTECTED] 
 wrote:
 
  Jim Maul wrote:
 
  I just upgraded my clamav RPMs from 0.70rc to 0.70 (from
  http://crash.fce.vutbr.cz/crash-hat/1/clamav/)
 
  Since i am running qmail with qmail-scanner, i run clamav as user 
  qscand and
  have to change /var/run/clamav, /var/log/clamav and /var/lib/clamav to 
  be
  owned by qscand.  While upgrading to 0.70 i noticed that all three of 
  these
  directories have changed back to clamav.clamav.   Would it be possible 
  to
  NOT change ownership back to clamav during an upgrade?
 
  Its not that big of a deal, just sorta annoying.
 
 
 Same things happened in my case..!! i'm running clamav as mailnull user !
 So i need to change all clamav owned files to mailnull users :)

then RTFM and tell configure which user you are running clamd as.

-trog



signature.asc
Description: This is a digitally signed message part

Re: [Clamav-users] upgrading clamav changes permissions on directories?

2004-04-21 Thread Odhiambo Washington 
* Dilip M [EMAIL PROTECTED] [20040421 14:32]: wrote:
 On Wed, 21 Apr 2004 11:02:02 +0200, Kritof Petr [EMAIL PROTECTED] 
 wrote:
 
 Jim Maul wrote:
 
 I just upgraded my clamav RPMs from 0.70rc to 0.70 (from
 http://crash.fce.vutbr.cz/crash-hat/1/clamav/)
 
 Since i am running qmail with qmail-scanner, i run clamav as user 
 qscand and
 have to change /var/run/clamav, /var/log/clamav and /var/lib/clamav to 
 be
 owned by qscand.  While upgrading to 0.70 i noticed that all three of 
 these
 directories have changed back to clamav.clamav.   Would it be possible 
 to
 NOT change ownership back to clamav during an upgrade?
 
 Its not that big of a deal, just sorta annoying.
 
 
 Same things happened in my case..!! i'm running clamav as mailnull user !
 So i need to change all clamav owned files to mailnull users :)


There is a configure option --with-user=SOME_USER_TO_RUN_AS, I think.
./configure --help 



cheers
   - wash 
+--+-+
Odhiambo Washington . WANANCHI ONLINE LTD (Nairobi, KE)  |
wash at wananchi dot com  . 1ere Etage, Loita Hse, Loita St.,  |
GSM: (+254) 722 743 223 . # 10286, 00100 NAIROBI |
GSM: (+254) 733 744 121 . (+254) 020 313 985 - 9 |
+-+--+
Oh My God! They killed init! You Bastards!  
 --from a /. post


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users

RE: [Clamav-users] upgrading clamav changes permissions on directories?

2004-04-21 Thread Jim Maul 


 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] Behalf Of Kristof
 Petr
 Sent: Wednesday, April 21, 2004 5:02 AM
 To: [EMAIL PROTECTED]
 Subject: Re: [Clamav-users] upgrading clamav changes permissions on
 directories?


 Jim Maul wrote:

 I just upgraded my clamav RPMs from 0.70rc to 0.70 (from
 http://crash.fce.vutbr.cz/crash-hat/1/clamav/)
 
 Since i am running qmail with qmail-scanner, i run clamav as
 user qscand and
 have to change /var/run/clamav, /var/log/clamav and /var/lib/clamav to be
 owned by qscand.  While upgrading to 0.70 i noticed that all
 three of these
 directories have changed back to clamav.clamav.   Would it be possible to
 NOT change ownership back to clamav during an upgrade?
 
 Its not that big of a deal, just sorta annoying.
 
 

 Hello Jim,

 thanks for feedback.

 RPM has ability to enforce file/directory permissions and owners. This
 is usualy
 used for security reason on critical directories/files as a protection
 against
 inexperienced admins.

 But your request is valid.

 I will try to change package behaviour to
 - first instance of package on system will install these directories
 with clamav user
 - all next pieces will respect the actual setting, so if you changed
 owner, your
 setting will be untouched.

 Does it meet your needing?

 Petr


Sounds very good to me.  The only time i see this behavior being a problem
is if someone wants to reinstall the rpm to fix a permission problem.  In
that case i suppose they would have to delete the directories and then
reinstall so even that wouldnt be too bad.

Thanks for the help.

Jim



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
___
Clamav-users mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/clamav-users