[Slackbuilds-users] ClamAV logging inconsistencies
pyllyukko
pyllyukko at maimed.org
Wed Jan 16 18:04:48 UTC 2013
Hello.
On Sun, Oct 21, 2012 at 01:28:15PM +0300, pyllyukko wrote:
> I ran into more problems with ClamAV. Now that the script sends SIGHUP
> to both clamd and freshclam, it might be required to add 'sharedscripts'
> to the logrotate conf.
>
> Also, I received this from logrotate by mail:
> (I have 'create 0640 root adm' in /etc/logrotate.conf, hence the GID)
>
> error: error setting owner of /var/log/clamav/clamd.log to uid 0 and gid
> 4: Operation not permitted
> error: error setting owner of /var/log/clamav/freshclam.log to uid 0 and
> gid 4: Operation not permitted
>
> I noticed that the clamav logrotate script only has the 'su' option, and
> lacks 'create' completely. I believe this might be the reason.
>
>
> But, I still need to do more tests to make sure, and to find out how I
> can get it working perfectly.
After some testing, I've come to the conclusion that the "create"
configuration is also necessary, otherwise the logging from clamd stops
after rotation.
So here's my complete working conf:
/var/log/clamav/*.log {
su clamav clamav
weekly
rotate 5
compress
delaycompress
notifempty
missingok
create 0660 clamav clamav
sharedscripts
postrotate
/bin/kill -HUP `cat /var/run/clamav/clamd.pid 2>/dev/null` 2>/dev/null || true
/bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2>/dev/null` 2>/dev/null || true
endscript
}
Can someone update this to the SlackBuild?
--
pyllyukko
email: <pyllyukko at maimed.org>
pgp: 0xA1F32EAA
www: http://maimed.org/~pyllyukko/
twitter: https://twitter.com/pyllyukko
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20130116/265acb0d/attachment.asc>
More information about the SlackBuilds-users
mailing list