On Thu, Jun 09, 2005 at 09:19:22AM +0100, Matt Fretwell said: > Steve Brown wrote: > > > It would appear that maybe privileges are being dropped too quickly > > because with today's cvs I'm getting permission denied on /dev/stderr > > with perms = rw------- root.root. It was fine (and still is) on cvs from > > a few days ago.
Yes, that is the problem. This does however fix the problem of clamav opening all it's descriptors (including the logfile) as root, breaking permissions for anything else that needs to write to the logfile. Try starting it as the user it runs as, e.g., su -c /usr/sbin/clamd - clamav Probably the correct fix for this is to close all descriptors just before dropping priviledges, and then reopen them after. > Unless I am very much mistaken, the perms on stderr should be 666. I doubt that - 0600 is much more reasonable. Why would you want your stderr stream (or root's) to be world writable? Some distros do use 640 $USER:tty, but I would be surprised if anybody sets it up as 666 by default. -- -------------------------------------------------------------------------- | Stephen Gran | Woman was God's second mistake. -- | | [EMAIL PROTECTED] | Nietzsche | | http://www.lobefin.net/~steve | | --------------------------------------------------------------------------
pgpEu2i72RwWS.pgp
Description: PGP signature
_______________________________________________ http://lurker.clamav.net/list/clamav-users.html