On Mon, October 22, 2007 12:25 pm, Matthew Hannigan wrote:
> On Fri, Oct 19, 2007 at 05:03:00PM +1000, Voytek Eymont wrote:
> For that to work the log would have to be group-writeable.
> Is it?
Matthew, thanks
doesn't seem to be:
new server:
ls -al /var/log/clamav
total 120
drwxr-xr-x 2 clamav clamav 4096 Oct 21 04:02 .
drwxr-xr-x 15 root root 4096 Oct 21 04:02 ..
-rw-r--r-- 1 clamav clamav 0 Oct 21 04:02 clamd.log [1]
-rw-r--r-- 1 amavis amavis 11313 Oct 21 22:09 clamd.log.1
-rw-r--r-- 1 clamav clamav 11770 Oct 15 04:02 clamd.log.2
....
-rw-r--r-- 1 clamav clamav 1044 Oct 22 10:17 freshclam.log
old server
# ls -al /var/log/clamav
total 88
drwxr-xr-x 2 clamav clamav 4096 Oct 21 04:02 .
drwxr-xr-x 12 root root 4096 Oct 21 04:02 ..
-rw-r--r-- 1 clamav clamav 0 Oct 12 04:02 clamd.log
-rw-r--r-- 1 clamav clamav 4371 Oct 12 04:02 clamd.log.1
..
-rw-r--r-- 1 clamav clamav 842 Oct 22 04:02 freshclam.log
...
>
>
> And on your old server?
>
>
> Also check for selinux violations (/var/log/audit/audit.log) if
> everything else looks ok.
the /var/log/audit/ dir is empty...?
>
> Did you get amavis and clamav from the standard Fedora/Redhat
> repos? If so you should raise a bug with them or mention on their mailing
> lists.
it seems yes, but I'll need to check the logs though
[1]
and, yes, as the logs rolled, they reverted, and, after I stopped ,
restarting gives:
# service clamd start
Starting Clam AntiVirus Daemon: ERROR: Can't open
/var/log/clamav/clamd.log in append mode (check permissions!).
ERROR: Problem with internal logger. Please check the permissions on the
/var/log/clamav/clamd.log file.
[FAILED]
--
Voytek
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
