Re: security/clamav: /ar/run on TMPFS renders the port broken by design
- In reply to: FreeBSD User : "security/clamav: /ar/run on TMPFS renders the port broken by design"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 27 Aug 2022 11:16:43 UTC
> On 27. Aug 2022, at 08:30, FreeBSD User <freebsd@walstatt-de.de> wrote: > > Hello, > > I'm referencing to Bug 259699 [2] and Bug 259585 [1]. > > Port security/clamav is without doubt for many of FreeBSD users an important piece of security > software so I assume a widespread usage. > > It is also a not uncommon use case to use NanoBSD or any kind of low-memory-footprint > installation schemes in which /var/run - amongst other system folders - are created at boot > time as TMPFS and highly volatile. > > In our case, the boxes running a small security appliance based upon FreeBSD is rebooted every > 24 hours and so /var/run is vanishing. Why are you rebooting every 24 hours? Best regards Michael > > To make the long story short: > > The solution for this problem would be a check for existence and take action addendum in > precmd() routine of the rc-script as sketched in Bug 259699. > The maintainer rejects such a workaround by arguing this would violate POLA (see comment 4 in > PR 259699 [2]. The maintainer's argument regaring to mtree's files are sound to me. > > The question is: how can this issue be solved? > > It is really hard to always chenge our local repository and patch whenever clamav has been > patched and modified for what reason ever. > > Tahanks for reading, > > kind regards > > O. Hartmann > > [1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259585 > [2] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259699 > > > -- > O. Hartmann >