[Pkg-clamav-devel] Bug#777219: Bug#777219: upgrade breaks when User != clamav

Andreas Cadhalpun andreas.cadhalpun at googlemail.com
Fri Feb 6 13:38:16 UTC 2015 

Hi Sebastian,

On 06.02.2015 13:49, Sebastian Andrzej Siewior wrote:
> After upgrade from previous version to the newer where fixed #775400 we
> break freshclam from upgrading the database if the owner was != clamav
> say Debian-Exim with:

How could the owner of /var/lib/clamav become something other than clamav?
clamav-base sets it to clamav and nothing ever changes it, even if one 
would manually change DatabaseOwner in freshclam.conf.
The only way I see is that someone manually chowned it. But I don't 
think that is supported, just as chowning e.g. /var/lib/apt isn't.

> |ERROR: Can't create temporary directory /var/lib/clamav/clamav-431a9586a36e125909ede027609c7aa7.tmp
> |Hint: The database directory must be writable for UID 101 or GID 103
>
> it affects s-p-u and unstable. This is the proposed (untested) fix.
>
> diff --git a/debian/clamav-base.postinst.in b/debian/clamav-base.postinst.in
> --- a/debian/clamav-base.postinst.in
> +++ b/debian/clamav-base.postinst.in
> @@ -28,7 +28,16 @@ case "$1" in
>
>     DATABASEDIR=/var/lib/clamav
>     LOGDIR=/var/log/clamav
> -  user=clamav
> +
> +  if [ -f /etc/clamav/freshclam.conf ]
> +  then
> +	  user=$(grep ^DatabaseOwner /etc/clamav/freshclam.conf | awk '{print $2}')
> +  elif [ -f /etc/clamav/clamd.conf ]
> +  then
> +	  user=$(grep ^User /etc/clamav/clamd.conf | awk '{print $2}')

Why this? It is the wrong user.

> +  else
> +	  user=clamav
> +  fi
>
>     # Set up the clamav user on new install
>     if [ -z "$2" ]; then
>
>
> I would test it & prepare s-p-u & unstable package later today. But since
> nobody noticed this breakage in unstable for a week it might not be that
> serious after all or is it?

I would even say it's not really a bug, given that manually chowning in 
/var/lib should not be done. That might also explain, why nobody complained.

However, if you think it's worth supporting, this patch (without the 
clamd.conf part) should be OK.

Best regards,
Andreas

More information about the Pkg-clamav-devel mailing list