search

yo8192 / fcron

fcron is an advanced cron for Linux/Unix systems
http://fcron.free.fr
GNU General Public License v2.0
131 stars 12 forks source link

clamav: Could not chdir to HOME dir '/dev/null' #25

Open Massimo-B opened 5 months ago

Massimo-B commented 5 months ago

Hi,

I have a fcron job for clamav:

# fcrontab -u clamav -l
2024-03-19 08:09:00  INFO listing clamav's fcrontab
%daily,first(45m)       * 05-10,14-17   fangfrisch -c /etc/fangfrisch.conf refresh

However in the logs I find a message about wrong HOME:

[fcron] Could not chdir to HOME dir '/dev/null'. Trying to chdir to '/'.: Not a directory
[fcron] Job 'fangfrisch -c /etc/fangfrisch.conf refresh' started for user clamav (pid 4977)

Indeed, HOME is set to /dev/null:

# grep clamav /etc/passwd
clamav:x:130:969:System user; clamav:/dev/null:/sbin/nologin

The cronjob seems to work anyway. Should I fix the HOME and file a bug report? Should fcron provide a bugfix?

yo8192 commented 5 months ago

It does seem wrong to me to have a user with home dir /dev/null: that's not even a dir!

It looks like fcron falls back to '/' so it all seems fine from fcron's point of view?

If clamav created that user with this /dev/null homedir you may want to raise a bug against them to use an actual directory for their home dir.

On Thu, 21 Mar 2024, 09:19 Massimo-B, @.***> wrote:

Hi,

I have a fcron job for clamav:

fcrontab -u clamav -l

2024-03-19 08:09:00 INFO listing clamav's fcrontab %daily,first(45m) * 05-10,14-17 fangfrisch -c /etc/fangfrisch.conf refresh

However in the logs I find a message about wrong HOME:

[fcron] Could not chdir to HOME dir '/dev/null'. Trying to chdir to '/'.: Not a directory [fcron] Job 'fangfrisch -c /etc/fangfrisch.conf refresh' started for user clamav (pid 4977)

Indeed, HOME is set to /dev/null:

grep clamav /etc/passwd

clamav:x:130:969:System user; clamav:/dev/null:/sbin/nologin

The cronjob seems to work anyway. Should I fix the HOME and file a bug report? Should fcron provide a bugfix?

— Reply to this email directly, view it on GitHub https://github.com/yo8192/fcron/issues/25, or unsubscribe https://github.com/notifications/unsubscribe-auth/ABPHBIWIHWFECTNKNU35SBLYZKQ2RAVCNFSM6AAAAABFBBPNMWVHI2DSMVQWIX3LMV43ASLTON2WKOZSGE4TSNRRG44DGMY . You are receiving this because you are subscribed to this thread.Message ID: @.***>

Massimo-B commented 5 months ago

Coming from https://forums.gentoo.org/viewtopic-t-1167928.html ...

It seems, clamav is not the only one doing that. Maybe it's up to the distribution setting this kind of home directories. Only nologin-accounts are affected, maybe for double-securing that this account can't be used for logins and is only used for background processes:

# grep null /etc/passwd
man:x:13:15:System user; man:/dev/null:/sbin/nologin
fcron:x:101:247:A user for sys-process/fcron:/dev/null:/sbin/nologin
messagebus:x:102:246:System user; messagebus:/dev/null:/sbin/nologin
distcc:x:240:240:User used to run distcc daemon:/dev/null:/sbin/nologin
ntp:x:123:123:user for ntp daemon:/dev/null:/sbin/nologin
mysql:x:60:60:MySQL program user; user account removed @ 2022-07-26:/dev/null:/sbin/nologin
gkrellmd:x:103:102:user for gkrellm daemon; user account removed @ 2023-01-31:/dev/null:/sbin/nologin
tcpdump:x:104:101:added by portage for tcpdump:/dev/null:/sbin/nologin
dnsmasq:x:106:997:User for net-dns/dnsmasq:/dev/null:/sbin/nologin
vnstat:x:109:993:User for vnstat network monitoring:/dev/null:/sbin/nologin
hsqldb:x:110:992:added by portage for hsqldb:/dev/null:/bin/sh
ddclient:x:112:990:added by portage for ddclient:/dev/null:/sbin/nologin
systemd-bus-proxy:x:115:984:added by portage for systemd:/dev/null:/sbin/nologin
systemd-network:x:116:983:added by portage for systemd:/dev/null:/sbin/nologin
systemd-resolve:x:117:982:added by portage for systemd:/dev/null:/sbin/nologin
systemd-timesync:x:118:981:added by portage for systemd:/dev/null:/sbin/nologin
nullmail:x:88:88:added by portage for nullmailer:/var/nullmailer:/sbin/nologin
saned:x:120:979:User for media-gfx/sane-backends:/dev/null:/sbin/nologin
dhcp:x:122:977:user for dhcp daemon; user account removed @ 2022-07-26:/dev/null:/sbin/nologin
sockd:x:125:214:A user for net-proxy/dante:/dev/null:/sbin/nologin
at:x:25:25:user for at daemon:/dev/null:/sbin/nologin
tss:x:126:973:Trusted Software Stack for TPMs user:/dev/null:/sbin/nologin
rtkit:x:127:972:User for the Realtime Policy and Watchdog Daemon; user account removed @ 2022-11-04:/dev/null:/sbin/nologin
clamav:x:130:969:System user; clamav:/dev/null:/sbin/nologin
davfs2:x:420:999:System user; davfs2:/dev/null:/sbin/nologin
openvpn:x:999:966:User for net-vpn/openvpn:/dev/null:/sbin/nologin
nm-openvpn:x:998:965:A user for net-vpn/networkmanager-openvpn:/dev/null:/sbin/nologin
pcap:x:377:377:User for capturing network traffic:/dev/null:/sbin/nologin
avahi:x:61:61:user for avahi:/dev/null:/sbin/nologin
svn:x:399:399:System user; svn:/dev/null:/sbin/nologin
yo8192 commented 3 months ago

To be honest I'm not convinced /dev/null is a valid home dir. As it stands it feels to me that fcron is doing the right thing here.

However if we find an official standard or reference documentation saying that yes /dev/null HOMEs are expected, or more precedents showing that it's not just Gentoo doing that, then we could remove fcron's warning on this.