Jim Maul said: > Dennis Peterson wrote: >>> >>>To the program itself, no. If you tell it to log to / it will, however, >>>it SHOULDNT. See what im saying? To say that clamav *has* to create >>>the log file as root because only root can write to /var/log/ is >>>irrelevant to the issue. >> >> >> While you're out there making up rules can you think of any reason clamd >> needs to be started as user root if all you do is scan incoming email? I >> can't. >> >> > > Um, where am i making up rules? Thanks for the accusation though. > And no, i cant think of why you would want to or have to run clamd as > root. I run clamd as user qscand, not root so im not sure what your > implying here. > > Thanks again, > > -Jim
You said it shouldn't log to / and there's no reason it shouldn't if that is where one wishes it to log. There's lots of reasons why that would be a bad idea, but it's an admin decision, not an application issue. Do you start clamd as root or as qscand? My point is there is, or at least can be no requirement that one start it as root and was trying to demonstrate additional administrative latitude for the reading public that isn't already put to sleep by this thread :-) If you su to qscand (in your case) it should still start and run just fine. It was just an injected factoid for thought. Many people just light things off as root and go on their way. It is frequently safer and managerially more convenient to write root scripts that su to the run-as user first, then fire off the proc (/usr/bin/su - qscand -c /usr/local/bin/blah_blah_blah). Imagine how it simplifies file ownerhips. dp ... did I mention I'm anal? _______________________________________________ http://lurker.clamav.net/list/clamav-users.html
