Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
Dale Gallagher wrote: Hmmm... Did you patch clamav-0.70, or clamav-0.67? The patch I included, is for clamav-0.70 which is quite different to preceding versions. I'm guessing that you've patched clamav-0.67 which doesn't have the source files shared/output.c and shared/output.h which the patch also patches. The other file affected is clamd/clamd.c (3 in all). Don't forget the following in clamav.conf: LogFile stderr LogFileUnlock LogFileMaxSize 0 FixStaleSocket Foreground ... Hello Dave, I patched 0.70 ;) and yes I have those settings in my clamav.conf. I guess clamd should log to "stdout" and NOT to "stderr" for multilog to work - at least 0.67-1 did that. Or am I wrong? Thanks for your help and have a nice day, Andrej. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
Andrej Trobentar wrote > Hello, > > I have aplied the appended patch and now I see all the > output of clam in "ps axwww|grep readpro" insted of > /var/log/clamd/current. Currently I'm using clamav 0.67-1 > with a patch that Tomasz Kojm send in Hmmm... Did you patch clamav-0.70, or clamav-0.67? The patch I included, is for clamav-0.70 which is quite different to preceding versions. I'm guessing that you've patched clamav-0.67 which doesn't have the source files shared/output.c and shared/output.h which the patch also patches. The other file affected is clamd/clamd.c (3 in all). Don't forget the following in clamav.conf: LogFile stderr LogFileUnlock LogFileMaxSize 0 FixStaleSocket Foreground ... --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
Dale Gallagher wrote: Hi everyone Anyone wishing to run clamd under daemontools http://cr.yp.to/daemontools.html can use the attached patch I hacked together, which is almost identical to Len Budney's patch: http://mysite.verizon.net/vze1ypud/software/qscanq/clamav-0.70-stderr.patch.gz I didn't notice Len had updated his previous patch, so I rolled my own based on his old patch, without checking first. Anyway, here it is if anyone is interested. > > [...] Hello, I have aplied the appended patch and now I see all the output of clam in "ps axwww|grep readpro" insted of /var/log/clamd/current. Currently I'm using clamav 0.67-1 with a patch that Tomasz Kojm send in http://www.mail-archive.com/[EMAIL PROTECTED]/msg07148.html and everything works. Any ideas what I have done wrong? -- Thanks for your help, Andrej. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
Dale Gallagher wrote > I'm not using clamd, however I run Slackware 9.1 (kernel > 2.4.25), so in case > it helps, here are my ownerships/permissions on the > relevant device files: Antony Stone wrote > $ ls -al /dev/fd > lrwxrwxrwx1 root root 13 Apr 10 12:55 > /dev/fd -> > /proc/self/fd/ > > .. Thanks, no different to my setup; will stick to the patched clamd, as it works - it's not as if the patch is a large, potentially problematic one ;-) --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
On Saturday 01 May 2004 10:20 am, Antony Stone wrote: > On Saturday 01 May 2004 10:06 am, Dale Gallagher wrote: > > > > I'd appreciate a permission listing of those /dev entries > > on the Slack boxes that have it working. Thanks. > > I'm not using clamd, however I run Slackware 9.1 (kernel 2.4.25), so in > case it helps, here are my ownerships/permissions on the relevant device > files: > > $ ls -al /dev/fd > lrwxrwxrwx1 root root 13 Apr 10 12:55 /dev/fd -> > /proc/self/fd/ > > $ ls -al /proc/self/fd > total 0 > dr-x--2 punter users 0 May 1 10:14 ./ > dr-xr-xr-x3 punter users 0 May 1 10:14 ../ > lrwx--1 punter users 64 May 1 10:14 0 -> /dev/ttyp0 > lrwx--1 punter users 64 May 1 10:14 1 -> /dev/ttyp0 > lrwx--1 punter users 64 May 1 10:14 2 -> /dev/ttyp0 > lr-x--1 punter users 64 May 1 10:14 3 -> > /proc/13784/fd/ > > $ls -al /dev/ttyp0 > crwx-w1 punter tty3, 0 May 1 10:14 /dev/ttyp0 I guess I should also have included: $ ls -al /dev/stderr lrwxrwxrwx1 root root4 Apr 10 12:55 /dev/stderr -> fd/2 Regards, Antony. -- "Reports that say that something hasn't happened are always interesting to me, because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns - the ones we don't know we don't know." - Donald Rumsfeld, US Secretary of Defence Please reply to the list; please don't CC me. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
On Saturday 01 May 2004 10:06 am, Dale Gallagher wrote: > Hi > > > you can use /dev/fd/2? > > /proc/self/fd/2 > > None of the suggestions incl. the above work > > Running Slack 9.1 boxes with Kernels 2.4.25 and others with > 2.6.4 > > Errors reported are consistent: > > ERROR: Can't open /dev/fd/2 in append mode. > ERROR: Problem with internal logger. >Please check the permissions on the /dev/fd/2 file. > > $ ls -la /dev/fd/2 > lrwx-- foo users . /dev/fd/2 -> /dev/pts/5 > > No change, even if I change the permissions on these device > files. Looks like I'm going to have to stick to the patch - > absolutely no problems, works like a charm. Also used on a > Debian Linux box (Linux 2.4.18 I think). > > Strange that others have no problems > > I'd appreciate a permission listing of those /dev entries > on the Slack boxes that have it working. Thanks. I'm not using clamd, however I run Slackware 9.1 (kernel 2.4.25), so in case it helps, here are my ownerships/permissions on the relevant device files: $ ls -al /dev/fd lrwxrwxrwx1 root root 13 Apr 10 12:55 /dev/fd -> /proc/self/fd/ $ ls -al /proc/self/fd total 0 dr-x--2 punter users 0 May 1 10:14 ./ dr-xr-xr-x3 punter users 0 May 1 10:14 ../ lrwx--1 punter users 64 May 1 10:14 0 -> /dev/ttyp0 lrwx--1 punter users 64 May 1 10:14 1 -> /dev/ttyp0 lrwx--1 punter users 64 May 1 10:14 2 -> /dev/ttyp0 lr-x--1 punter users 64 May 1 10:14 3 -> /proc/13784/fd/ $ls -al /dev/ttyp0 crwx-w1 punter tty3, 0 May 1 10:14 /dev/ttyp0 (This is with me logged in as username punter). If I do "echo stdout >/dev/fd/1; echo stderr >/dev/fd/2" it works as expected. Regards, Antony. -- The truth is rarely pure, and never simple. - Oscar Wilde Please reply to the list; please don't CC me. --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
Hi > you can use /dev/fd/2? > /proc/self/fd/2 None of the suggestions incl. the above work Running Slack 9.1 boxes with Kernels 2.4.25 and others with 2.6.4 Errors reported are consistent: ERROR: Can't open /dev/fd/2 in append mode. ERROR: Problem with internal logger. Please check the permissions on the /dev/fd/2 file. $ ls -la /dev/fd/2 lrwx-- foo users . /dev/fd/2 -> /dev/pts/5 No change, even if I change the permissions on these device files. Looks like I'm going to have to stick to the patch - absolutely no problems, works like a charm. Also used on a Debian Linux box (Linux 2.4.18 I think). Strange that others have no problems I'd appreciate a permission listing of those /dev entries on the Slack boxes that have it working. Thanks. cheers Dale --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
Nigel Horne wrote: On Fri, 2004-04-30 at 13:06, Dale Gallagher wrote: Nigel Horne wrote LogFile /dev/stderr will work on many systems Slackware Linux complains if one uses the above - hence the patch ;-) I'd be interested to know which OS's are ok with the above? Perhaps on slackware (a distribution of Linux for you non Linux people) you can use /dev/fd/2? -Nigel or /proc/self/fd/2? To demonstrate: echo "echo stdout > /proc/self/fd/1 ; echo stderr > /proc/self/fd/2" | sh --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
On Fri, 2004-04-30 at 13:06, Dale Gallagher wrote: > Nigel Horne wrote > > LogFile /dev/stderr will work on many systems > > Slackware Linux complains if one uses the above - hence the > patch ;-) I'd be interested to know which OS's are ok with > the above? Perhaps on slackware (a distribution of Linux for you non Linux people) you can use /dev/fd/2? -Nigel --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
Dale Gallagher wrote: Nigel Horne wrote LogFile /dev/stderr will work on many systems Slackware Linux complains if one uses the above - hence the patch ;-) I'd be interested to know which OS's are ok with the above? In my original post, I forgot to mention the use of the 'Foreground' config entry when using daemontools... Hi, I use /dev/stdout on all my Slackware and FreeBSD machines without problems. From Slackware 8.0 all the way up to Slackware current. Regards, Rick --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
Nigel Horne wrote > LogFile /dev/stderr will work on many systems Slackware Linux complains if one uses the above - hence the patch ;-) I'd be interested to know which OS's are ok with the above? In my original post, I forgot to mention the use of the 'Foreground' config entry when using daemontools... Dale Gallagher wrote >Recommended /etc/clamav/clamav.conf entries: > > LogFile stderr > LogFileMaxSize 0 > FixStaleSocket Foreground --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
Re: [Clamav-users] Patching clamd to log to stderr (for use with multilog)
On Thursday 29 Apr 2004 6:22 pm, Dale Gallagher wrote: > LogFile stderr LogFile /dev/stderr will work on many systems > Dale -- Nigel Horne. Arranger, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk --- This SF.Net email is sponsored by: Oracle 10g Get certified on the hottest thing ever to hit the market... Oracle 10g. Take an Oracle 10g class now, and we'll give you the exam FREE. http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click ___ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
[Clamav-users] Patching clamd to log to stderr (for use with multilog)
Hi everyone Anyone wishing to run clamd under daemontools http://cr.yp.to/daemontools.html can use the attached patch I hacked together, which is almost identical to Len Budney's patch: http://mysite.verizon.net/vze1ypud/software/qscanq/clamav-0.70-stderr.patch.gz I didn't notice Len had updated his previous patch, so I rolled my own based on his old patch, without checking first. Anyway, here it is if anyone is interested. Patch like so: tar xzf clamav-0.70.tar.gz patch -p0 &1 exec setuidgid clamav /usr/sbin/clamd /service/clamd/log/run: #!/bin/sh exec setuidgid clamav \ multilog t s100 n20 /var/log/clamav The run files assume clamav is configured as follows: ./configure \ --prefix=/usr \ --datadir=/var/lib \ --sysconfdir=/etc/clamav \ --disable-clamuko cheers Dale clamav-0.70-stderr.patch Description: Binary data
