Date: Sat, 27 Aug 2022 16:26:15 +0100
From: Jamie Landeg-Jones <jamie@catflap.org>
To: grembo@FreeBSD.org, freebsd@oldach.net
Cc: yasu@FreeBSD.org, freebsd@walstatt-de.de, freebsd-ports@FreeBSD.org, freebsd-current@FreeBSD.org
Subject: Re: security/clamav: /ar/run on TMPFS renders the port broken by design
Message-ID: <202208271526.27RFQF3U071257@donotpassgo.dyslexicfish.net>
In-Reply-To: <E3110EFB-EF59-40C3-ACBF-496C7F309B49@freebsd.org>
References: <202208271318.27RDI9Jd044045@nuc.oldach.net> <E3110EFB-EF59-40C3-ACBF-496C7F309B49@freebsd.org>
Michael Gmelin <grembo@FreeBSD.org> wrote:

> I like the idea of having something like tmpfiles.d, it would also help port maintainers (could also be done as a port).

I use tmpfs for /var/run and already have such a script for this very reason (although not clamav).

I would have thought each port startup script should ensure its file/directory exists before attempting to launch - having "tmpfiles.d" would still require some changes for the port maintainer to make to their port, but I guess it may help to keep things centralised.

I'm willing to "standardise" my script if it would help, but as it stands, you can see it here: http://freebsd.dyslexicfish.net/src/

15:47 (71) "~/x" jamie@newbie% cat /usr/common/etc/var_run.mtree
# File/Directory    User        Group       Perms
#
distccd.pid         distcc      distcc      640
ntop/               ntop        ntop        750
nsd/                nsd         nsd         750
netdata/            netdata     netdata     750
screens/            root        wheel       1777
sshdbanner/         sshdbanner  sshdbanner  755
spamd/              spamd       spamd       750
symon.pid           _symon      _symon      640
symux.pid           _symon      _symon      640
vnstat/             vnstat      vnstat      750
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202208271526.27RFQF3U071257>
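
Added example, not part of the original message and not the script linked in it: a small /bin/sh reader for a table in the format shown above (name, user, group, perms, with a trailing "/" marking a directory) that validates each row before acting on it. RUN_DIR, DRY_RUN and the function names are assumptions of this sketch; by default it only prints the install(1) commands it would run.

```sh
#!/bin/sh
# Added example, not the script from the post. Table format as shown there:
#   name user group perms     (a trailing "/" on name means directory)
# RUN_DIR, DRY_RUN and all function names are assumptions of this sketch.
RUN_DIR="${RUN_DIR:-/var/run}"
DRY_RUN="${DRY_RUN:-1}"        # default: only print what would be done

emit() { if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi; }
reject() { echo "var_run: line $lineno: $1" >&2; rc=1; }
safe_word() { case "$1" in ''|-*|*[!A-Za-z0-9._-]*) return 1 ;; esac; }

# Read the table on stdin; create (or print) each entry under RUN_DIR.
# Returns non-zero if any line was rejected; valid lines are still handled.
var_run_mtree() {
    rc=0 lineno=0
    while read -r name user group perms extra; do
        lineno=$((lineno + 1))
        case "$name" in ''|'#'*) continue ;; esac        # blank or comment
        kind=file
        case "$name" in */) kind=dir; name="${name%/}" ;; esac
        # One path component only: no "/", "..", or option-like names.
        case "$name" in .|..) reject "bad name"; continue ;; esac
        safe_word "$name" || { reject "bad name"; continue; }
        safe_word "$user" && safe_word "$group" || { reject "bad owner"; continue; }
        case "$perms" in
            [0-7][0-7][0-7]|[0-7][0-7][0-7][0-7]) ;;
            *) reject "bad mode"; continue ;;
        esac
        [ -z "$extra" ] || { reject "trailing fields"; continue; }
        path="$RUN_DIR/$name"
        # Refuse if a symlink already sits at the target when we check.
        if [ -L "$path" ]; then reject "symlink at $path"; continue; fi
        if [ "$kind" = dir ]; then
            emit install -d -o "$user" -g "$group" -m "$perms" "$path"
        else
            emit install -o "$user" -g "$group" -m "$perms" /dev/null "$path"
        fi
    done
    return "$rc"
}

# Dry run over three rows taken from the table in the post.
var_run_mtree <<'EOF'
# File/Directory User Group Perms
distccd.pid distcc distcc 640
screens/ root wheel 1777
vnstat/ vnstat vnstat 750
EOF
```

With DRY_RUN=0 the same rows are applied through install(1), which needs root to set the owners.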