Bug 170739 - app-antivirus/clamav with logrotate = broken perm for log files
Bug#: 170739
Product: Gentoo Linux
Version: unspecified
Platform: All
OS/Version: Linux
Status: CLOSED
Severity: normal
Priority: P2
Resolution: TEST-REQUEST
Assigned To: antivirus@gentoo.org
Reported By: bor@univ.kiev.ua
Component: Ebuilds
Summary: app-antivirus/clamav with logrotate = broken perm for log files
Opened: 2007-03-13 14:44 0000

Yesterday my mail was not received,
and I see in the log
Mar 13 09:01:45 gameinside X-Qmail-Scanner-1.25st: [gameinside.ua117376930571811663] clamdscan: corrupt or unknown clamd scanner error or memory/resource/perms problem - exit status 512/2
Mar 13 09:03:04 gameinside X-Qmail-Scanner-1.25st: [gameinside.ua117376938371811829] clamdscan: corrupt or unknown clamd scanner error or memory/resource/perms problem - exit status 512/2
After looking into the problem, I found that the clamav logrotate file contains
create 640 clamav clamav
and after this
-rw-r----- 1 clamav clamav 0 2007-03-13 14:46 clamd.log
before I had
-rw-r----- 1 qscand qscand 1813 2007-03-13 14:28 clamd.log
# /etc/init.d/clamd start
* Starting clamd ...
Running as user qscand (UID 210, GID 210)
ERROR: Can't open /var/log/clamav/clamd.log in append mode (check permissions!).
ERROR: Problem with internal logger. Please check the permissions on the /var/log/clamav/clamd.log file.
* Failed to start clamd [ !! ]
* Starting freshclam ...
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
* Failed to start freshclam [ !! ]
and a strange status is set
# /etc/init.d/clamd start
* WARNING: clamd has already been started.
The clamav init.d script tries to chown the log file only in milter mode (why not for all?),
so in the logrotate file put code like
local clamav_user=`awk '$1 == "User" { print $2 }' /etc/clamd.conf`
from the init.d script,
or
in this init.d script try to fix perms always.

You're right. In the past, the initscript changed owner of both log files to
user clamav (hardcoded). Then the code was removed. I guess I never thought of
that because I never hit the bug you describe.
Anyway, the initscript now changes ownership of both logs to correct user
(parsed from config files). Thanks for the suggestion!

I also suggest changing, in the logrotate file,
postrotate
/bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true
to
postrotate
/etc/init.d/clamd restart 2>/dev/null || true
because before it there is
create 640 clamav clamav
and the log files are created as clamav clamav,
or remove this line everywhere.

I think I must reopen the bug to draw attention to my previous comment.
The problem still exists unless the logrotate file is fixed.

Ok, I moved permission/ownership fix to a separate logfix() function in the
initscript, which is called from start(), as well as from the logrotate script.
How does that sound?

The permissions are now OK,
but you do not reload clamav :(
so clamd uses the old open pipe.
lsof shows
clamd 16701 qscand 3w REG 8,3 30511 267443 /var/log/clamav/clamd.log.1 (deleted)
Please change (in clamav.logrotate)
/etc/init.d/clamd logfix
to
/etc/init.d/clamd restart

A better idea is to reload clamd/freshclam using SIGHUP, just like before. This
time, however it is after permissions are fixed, so all should be peachy.
Changes committed.
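
The mismatch behind this bug can be checked before a rotation breaks the daemon. The script below is an added example, not part of the original report and not the Gentoo initscript: it compares the User directive in clamd.conf (using the awk expression quoted in the report) with the owner named on logrotate's create line. The function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report): flag a logrotate "create" owner
# that differs from the user clamd runs as. All file contents are constructed.

# User directive from a clamd.conf-style file (awk expression from the report).
conf_user() {
    awk '$1 == "User" { print $2; exit }' "$1"
}

# Owner from the first "create [mode] owner group" line; the mode is optional.
create_owner() {
    awk '$1 == "create" { if ($2 ~ /^[0-7]+$/) print $3; else print $2; exit }' "$1"
}

# 0 = owners match, 1 = mismatch, 2 = an owner is missing so nothing to compare.
check_rotate_owner() {
    daemon_user=$(conf_user "$1")
    rotate_owner=$(create_owner "$2")
    if [ -z "$daemon_user" ] || [ -z "$rotate_owner" ]; then
        echo "cannot compare: User='$daemon_user' create owner='$rotate_owner'"
        return 2
    fi
    if [ "$daemon_user" != "$rotate_owner" ]; then
        echo "MISMATCH: clamd runs as $daemon_user, rotated logs are created as $rotate_owner"
        return 1
    fi
    echo "ok: rotated logs are created as $daemon_user"
}

# Run the check on constructed files that mirror the values in the report.
demo() {
    tmp=$(mktemp -d) || return 1
    printf 'LogFile /var/log/clamav/clamd.log\nUser qscand\n' > "$tmp/clamd.conf"
    printf '/var/log/clamav/clamd.log {\n  create 640 clamav clamav\n}\n' > "$tmp/bad"
    printf '/var/log/clamav/clamd.log {\n  create 640 qscand qscand\n}\n' > "$tmp/good"
    bad=0;  check_rotate_owner "$tmp/clamd.conf" "$tmp/bad"  || bad=$?
    good=0; check_rotate_owner "$tmp/clamd.conf" "$tmp/good" || good=$?
    rm -rf "$tmp"
    echo "bad=$bad good=$good"
}
demo
```

Run against the real files, the call would be check_rotate_owner /etc/clamd.conf followed by the path of the installed clamav logrotate file, which this page does not give.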