On Fri, Jan 12, 2007 at 01:01:29AM +0000, Stephen Gran wrote: > > start) > > + mkdir -p /var/run/clamav > > + chmod 0775 /var/run/clamav > > + chown root:clamav /var/run/clamav > > OPTIND=1 > > I have so far stayed away from this issue, since it is quite possible to > have clamd and freshclam run as seperate users, but they share both > /var/log/clamav and /var/run/clamav. The packaging so far tries very
hm, ok - right now both daemons run as clamav:clamav, so above just works - it might be needed to replicate them into freshclam's init script, as either may be disabled, so both need to refresh the volatile dir. But should they run as different users, there's still no problem with above as long as they are in same group. Else, either 1. both log/clamav and run/clamav are 777 2. use separate dirs, log/clamd run/clamd run/freshclam log/freshclam While I can see reasons to use different users, I see no point in *not* having both daemon members of group clamav, so above added line would still apply. BTW man clam(d)scan don't stress the point that such util run as user clamav, hence won't be able to access file/dirs not a+r/a+rx. > hard to stay out of the way of local admin changes. Making this change > reverses that, and I am not comfortable with it. > > If you can come up with a good way to reconcile this, I'm happy to merge same problem with other pkgs - on ML it's said that it's each pkgs' init / admin script responsability to check for and in case make/adjust its own admin stuf under /var, as that's undoable elsewhere. So afaikt other pkgs have been / are going to be adjusted to refresh their dir trees under /var on (re)start. So I see no problem to keep those lines in both init scripts. But likely should be moved up, @top of script after *.conf is read, which then should keep both uid gid of daemon. thanks -- paolo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
