Date: Sat, 27 Aug 2022 08:30:15 +0200
From: FreeBSD User <freebsd@walstatt-de.de>
To: FreeBSD CURRENT <freebsd-current@freebsd.org>, FreeBSD Ports <freebsd-ports@freebsd.org>
Cc: yasu@freebsd.org
Subject: security/clamav: /ar/run on TMPFS renders the port broken by design
Message-ID: <20220827083042.73e7f439@thor.intern.walstatt.dynvpn.de>

Hello,

I'm referring to Bug 259699 [2] and Bug 259585 [1]. Port security/clamav is without doubt for many FreeBSD users an important piece of security software, so I assume widespread usage.

It is also a not uncommon use case to use NanoBSD or any kind of low-memory-footprint installation scheme in which /var/run - amongst other system folders - is created at boot time as TMPFS and is highly volatile. In our case, the boxes running a small security appliance based upon FreeBSD are rebooted every 24 hours and so /var/run vanishes.

To make a long story short: The solution for this problem would be a "check for existence and take action" addendum in the precmd() routine of the rc script, as sketched in Bug 259699. The maintainer rejects such a workaround by arguing this would violate POLA (see comment 4 in PR 259699 [2]). The maintainer's argument regarding mtree's files is sound to me.

The question is: how can this issue be solved? It is really hard to always change our local repository and patch whenever clamav has been patched and modified for whatever reason.

Thanks for reading,
kind regards
O. Hartmann

[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259585
[2] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259699

--
O. Hartmann
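
The "check for existence and take action" step the message describes, written as an added example. It is not part of the original post, the port's rc script, or the sketch in Bug 259699. The function name `ensure_rundir`, the path `/var/run/clamav` and the `clamav` user and group in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: recreate a daemon's runtime directory on a tmpfs-backed
# /var/run before the daemon starts. ensure_rundir is a hypothetical helper.

ensure_rundir() {
    dir=$1 owner=$2 group=$3 mode=$4

    # Refuse anything that is not a real directory: a symlink or plain file
    # at this path should stop the start, not be followed or replaced.
    if [ -L "$dir" ]; then
        echo "ensure_rundir: $dir is a symlink, refusing" >&2
        return 1
    fi
    if [ -e "$dir" ] && [ ! -d "$dir" ]; then
        echo "ensure_rundir: $dir exists and is not a directory" >&2
        return 1
    fi

    # Create only when missing (the tmpfs case after a reboot). No -p:
    # the parent (/var/run) is expected to exist already.
    if [ ! -d "$dir" ]; then
        mkdir -m "$mode" "$dir" || return 1
    fi

    # Always re-assert the mode; change ownership only when privileged,
    # which is how an rc script runs at boot.
    chmod "$mode" "$dir" || return 1
    if [ "$(id -u)" -eq 0 ]; then
        chown "$owner:$group" "$dir" || return 1
    fi
    return 0
}

# Wiring into an rc.d script (assumed names and path):
#   start_precmd="clamav_precmd"
#   clamav_precmd() { ensure_rundir /var/run/clamav clamav clamav 0755; }
```

Because the function only acts when the directory is absent or its mode differs, it leaves a directory created by mtree or by the package untouched on a persistent /var/run.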