Summary: | sys-apps/openrc-0.11.5 - /var/run/clamav has incorrect permissions. | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Robert S <robert.spam.me.senseless> |
Component: | Current packages | Assignee: | Net-Mail Packages <net-mail+disabled> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | antivirus |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Robert S
2012-11-26 08:05:56 UTC
1. Which version of clamav are you using? 2. When did you emerge clamav (eix clamav)? 3. Are you sure you have only changed openrc and have not changed clamav? (In reply to comment #1) > 1. Which version of clamav are you using? > 2. When did you emerge clamav (eix clamav)? > 3. Are you sure you have only changed openrc and have not changed clamav? 1. clamav is the latest stable version: 0.97.5-r1 2. $ eix clamav -I [I] app-antivirus/clamav Available versions: 0.97.3^t ~0.97.4^t ~0.97.5^t 0.97.5-r1^t ~0.97.6^t {{bzip2 clamdtop iconv ipv6 milter selinux static-libs}} Installed versions: 0.97.5-r1^t(08:23:00 18/08/12)(bzip2 iconv milter -clamdtop -ipv6 -selinux -static-libs) Homepage: http://www.clamav.net/ Description: Clam Anti-Virus Scanner 3. Yes The init script comes from /usr/portage/app-antivirus/clamav/files/clamd.initd and contains the following: checkpath --quiet \ --owner $(get_config clamd User clamav):root \ --directory `dirname ${clamd_socket}` I suspect that openrc creates an empty /run directory and this init script creates the directory for the clamav socket, as set out in the default /etc/clamd.conf (which contains: LocalSocket /var/run/clamav/clamd.sock), with group writable permissions. I am assigning this to the klamav maintainers since the issue is with their init script. The issue is /var/run is now linked to /run, and their init script needs to create the subdirectory correctly as pointed out in the above comments. If the daemon itself creates the directory, you will want to be sure it creates the directory with the correct permissions. Otherwise, the init script should use checkpath to do so. Thanks, William +*clamav-0.97.6-r1 (06 Dec 2012) + + 06 Dec 2012; Eray Aslan <eras@gentoo.org> +clamav-0.97.6-r1.ebuild, + +files/clamd.initd-r1: + Fix run directory permissions - bug #444766. Fix building on uclibc - bug + #317635 + |