Date: Sat, 27 Aug 2022 10:18:31 +0300 From: Christos Chatzaras <chris@cretaforce.gr> To: FreeBSD User <freebsd@walstatt-de.de>, FreeBSD CURRENT <freebsd-current@freebsd.org>, FreeBSD Ports <freebsd-ports@freebsd.org>, yasu@freebsd.org Subject: Re: security/clamav: /ar/run on TMPFS renders the port broken by design Message-ID: <EA7AF8D6-E52F-47EF-BD3E-3757395A2237@cretaforce.gr> In-Reply-To: <20220827083042.73e7f439@thor.intern.walstatt.dynvpn.de> References: <20220827083042.73e7f439@thor.intern.walstatt.dynvpn.de>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, Maybe you can use a shell script that creates the directory with @reboot = at cron. If this doesn't work (not sure if clamav starts before cron), = then maybe you can use monit to create the directory and start clamav. Kind regards, Christos Chatzaras > On 27 Aug 2022, at 09:30, FreeBSD User <freebsd@walstatt-de.de> wrote: >=20 > Hello, >=20 > I'm referencing to Bug 259699 [2] and Bug 259585 [1]. >=20 > Port security/clamav is without doubt for many of FreeBSD users an = important piece of security > software so I assume a widespread usage. >=20 > It is also a not uncommon use case to use NanoBSD or any kind of = low-memory-footprint > installation schemes in which /var/run - amongst other system folders = - are created at boot > time as TMPFS and highly volatile. >=20 > In our case, the boxes running a small security appliance based upon = FreeBSD is rebooted every > 24 hours and so /var/run is vanishing. >=20 > To make the long story short: >=20 > The solution for this problem would be a check for existence and take = action addendum in > precmd() routine of the rc-script as sketched in Bug 259699. > The maintainer rejects such a workaround by arguing this would violate = POLA (see comment 4 in > PR 259699 [2]. The maintainer's argument regaring to mtree's files are = sound to me. >=20 > The question is: how can this issue be solved? >=20 > It is really hard to always chenge our local repository and patch = whenever clamav has been > patched and modified for what reason ever. >=20 > Tahanks for reading, >=20 > kind regards >=20 > O. Hartmann >=20 > [1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D259585 > [2] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D259699 >=20 >=20 > --=20 > O. Hartmann >=20
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?EA7AF8D6-E52F-47EF-BD3E-3757395A2237>