These are the permission in /var/local/

2 /var/local # ls -al
total 48
drwxr-xr-x 9 root root 4096 Jul 27 08:01 .
drwxr-xr-x 14 root root 4096 Oct 1 15:39 ..
drwx------ 2 root root 4096 Oct 4 05:24 aide
drwsrws--- 3 clamav clamav 4096 Oct 3 12:53 clamav
drwx------ 3 root root 4096 Jun 22 17:29 lib
drwxr-xr-x 2 root root 4096 Jul 25 06:24 log
drwx------ 2 root root 16384 Jun 20 23:27 lost+found
drwx------ 2 root root 4096 Jul 21 11:17 lynis
drwx------ 2 root root 4096 Jul 21 07:12 nacctd
2 /var/local #

I use a separate file system to keep private data away from the root partition. I use ClamAV for general malware scanning.

Unfortunately my email app insists on quoting previous replies. Sorry about that.

name=Matthew%20Campbell&email=trenix25%40pm.me





-------- Original Message --------
On Oct 3, 2020, 4:42 PM, G.W. Haywood via clamav-users < clamav-users@lists.clamav.net> wrote:

Hi there,

On Sat, 3 Oct 2020, Matthew Campbell via clamav-users wrote:

> I've had this problem since I started using Debian Linux months ago. I'm using Debian Linux 10.6.
>
> /var/local/clamav # freshclam -v --debug -F --user clamav
> ERROR: Can't open /var/local/clamav/freshclam.log in append mode (check permissions!).
> ...
> Directory permisions for /var/local/clamav are 06770 owned by clamav:clamav.

Is there any particular reason for using the /var/local/ directory?
I thought Debian maintainers tended to use /var/lib/ more often.

Anyway, either you've done something strange to the system or those
aren't the permissions. Please could you paste the output of

ls -l /var/local/

into a message and let us see what you've got? Here's an example from
one of my systems. You'll see that there is an 'x' in the fourth
column of every line. If you don't have that, then that might be a
problem - but it might not be the only one.

$ ls -l /var
total 48
drwxr-xr-x 2 root root 4096 Oct 3 06:47 backups
drwxr-xr-x 12 root root 4096 Dec 23 2019 cache
drwxr-xr-x 43 root root 4096 Jul 29 12:12 lib
drwxrwsr-x 2 root staff 4096 Aug 30 2019 local
lrwxrwxrwx 1 root root 9 Sep 19 2019 lock -> /run/lock
drwxr-xr-x 18 root root 12288 Oct 2 13:34 log
drwxrwsrwt 2 root mail 4096 Oct 2 05:36 mail
drwxr-xr-x 2 root root 4096 Sep 19 2019 opt
lrwxrwxrwx 1 root root 4 Sep 19 2019 run -> /run
drwxr-xr-x 5 root root 4096 Oct 8 2019 spool
drwxrwxrwt 2 root root 4096 Oct 3 06:47 tmp
drwxr-xr-x 3 root root 4096 Dec 23 2019 www

> File permissions for /var/local/clamav/freshclam.log are 0660 owned by clamav:clamav.

That should be OK if clamav is the UID that's running freshclam.

> I get my copies of ClamAV as a Debian package. I used apt install
> clamav. I just upgraded everything to Debian 10.6 two days ago.
> I can't seem to get the malware database started. How do I fix this?

You could remove all the clamav packages (there's more than one) and
purge them, then reinstall. But if you've done really strange things
to some directory permissions you might need to do a bit more work.

What do you plan to use ClamAV for?

--

73,
Ged.

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users

Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml