Bill Shupp wrote:
Not sure if you're following the clamav list at all, but.. 0.85 seems to have introduced what some people are calling a bug. Prior releases created the clamd.log and freshclam.log files with owner and group of root. Even though clam was running with the clamav user (or whatever you specified) it was still able to write to the files. (I suspect that was actually the bug, and the current behaviour is more correct, although not perfect.. the files should be created with the clam user, not root) .. Now, if the files are owned by root, and permissions are not world writeable, clam can't write to the logs.
So, the long and short of it is that I would recommend specifiying the owner and group in the rotate config, as well as the modes for the files.. I use this here :
/var/log/clamav/clamd.log { missingok nocompress create 644 clamav clamav postrotate /sbin/service clamd reload 2> /dev/null 2> /dev/null || true endscript }
/var/log/clamav/freshclam.log { missingok nocompress create 644 clamav clamav postrotate /sbin/service freshclam reload 2> /dev/null 2> /dev/null || true endscript }
Ah, ok. I'll check this out before adding it and run some tests.
Incidentally, 0.85.1 came out to address some bugs in 0.85, perhaps this was one of them.
Regards,
Bill
