rc.local question/problem
Cameron Simpson
cs at zip.com.au
Sun Jul 3 04:45:39 UTC 2011
On 02Jul2011 20:40, Paul Allen Newell <pnewell at cs.cmu.edu> wrote:
| I am trying to run clamav from rc.local so it happens whenever I power
| on and/or reboot. Script fails as though it can't open anything. Running
| the script as root works like a champ. Am I mistaken in thinking that I
| can run any *.sh file in ~root in rc.local and it will be run as root
| (meaning no permission problems).
That should be the case. (Of course, SELinux can break anything - if you
run out of ideas you could turn it off to see if the behaviour changes.)
| Line in /etc/rc.d/rc.local:
| /root/virus-scan.sh > /dev/null 2>&1
Throwing away the output will not help your diagnosis. Try this:
/root/virus-scan.sh >/root/rc-local-virus.out 2>/root/rc-local-virus.err
and see what shows up.
| Summary of version in ~root/virus-scan.sh
| #!/bin/sh
| COMMON_DIRS="/home /tmp" # skipping all /bin /sbin et al for this test
| /usr/bin/clamscan -ri $COMMON_DIRS --log="/var/log/clamscan.log"
|
| Contents of log show /home as "can't open" and certain files in /tmp as
| "Permission denied"
Weird.
Try putting some stuff at the start of virus-scan.sh:
set -x
pwd
id
You can then verify that it is running as root and where.
The -x will let you check the command line of clamscan is correct.
Thought: is clamscan setuid or something?
If you get nowhere there, try stracing the clamscan run:
strace -e trace=file /usr/bin/clamscan ...args..here... 2>/root/strace.out
and you should get to see exactly what clamscan is doing, filewise.
Cheers,
--
Cameron Simpson <cs at zip.com.au> DoD#743
http://www.cskk.ezoshosting.com/cs/
We are all agreed that your theory is crazy. The question that divides us is
whether it is crazy enough to have a chance of being correct.
- Niels Bohr (to Wolfgang Pauli), 1958
More information about the users
mailing list