amavis-new vs. clam-av (delsi)
Martin Calko
calko.martin na cpost.cz
Středa Květen 18 12:47:56 CEST 2005
Nasledujici text se tyka "ClamAV 0.85.1/885/Wed May 18 10:25:09 2005",
"amavisd-new-20030616-p9" a SuSE 9.1/i386/32bit.
Co mne trapi: amavisd nepreda fragmenty zasilky clamd k oskenovani.
Duvod naznacuje hlaska "ANTI-VIRUS code NOT loaded" z logu amavis-u. V
popisu na http://www200.pair.com/mecham/spam/clamav-amavisd-new.html se
zminuje, ze lokalni socket nasvaeny v konfiguraci clamd musi odpovidat
temuz nastavenemi amavisd. IMHO odpovida, ale amavis po startu (asi)
nerozpozna, ze tam je a nedojde k nacteni kodu pro antivirove funkce.
Oba demony shodne bezi pod uzivatelem vscan a prava na soketu by jim asi
prekazet nemela (srwxrwxrwx 1 65 101 0 May 18 12:29 clamd-socket=).
Budu rad za postrceni spravnym smerem.
--- amavisd.conf ---
@av_scanners = (
# ### http://www.clamav.net/
['Clam Antivirus-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/lib/clamav/clamd-socket"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# # NOTE: run clamd under the same user as amavisd; match the
socketamavisd-new-20030616-p9
# # name (LocalSocket) in clamav.conf to the socket name in this entry
# # When running chrooted one may prefer: ["CONTSCAN {}\n","$MYHOME/clamd"],
~~~ vynechano ~~~
@av_scanners_backup = (
### http://www.clamav.net/
['Clam Antivirus - clamscan', 'clamscan',
'--stdout --no-summary -r {}', [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
--- amavisd.conf ---
--- clamav.conf ---
# Path to a local socket file the daemon will listen on.
# Default: disabled
LocalSocket /var/lib/clamav/clamd-socket
# Remove stale socket after unclean shutdown.
# Default: disabled
FixStaleSocket
# TCP port address.
# Default: disabled
#TCPSocket 3310
# TCP address.amavisd-new-20030616-p9
# By default we bind to INADDR_ANY, probably not wise.
# Enable the following to provide some degree of protection
# from the outside world.
# Default: disabled
#TCPAddr 127.0.0.1
--- clamav.conf ---
# amavisd debug
May 18 12:30:45 charon amavisd[3284]: starting. amavisd at charon
amavisd-new-20030616-p9, Unicode aware, LC_CTYPE=cs_CZ.UTF-8
May 18 12:30:45 charon amavisd[3284]: Perl version 5.008003
May 18 12:30:45 charon amavisd[3284]: Module Amavis::Conf 1.15
May 18 12:30:45 charon amavisd[3284]: Module Archive::Tar 1.08
May 18 12:30:45 charon amavisd[3284]: Module Archive::Zip 1.09
May 18 12:30:45 charon amavisd[3284]: Module Compress::Zlib 1.33
May 18 12:30:45 charon amavisd[3284]: Module Convert::TNEF 0.17
May 18 12:30:45 charon amavisd[3284]: Module Convert::UUlib 1.0
May 18 12:30:45 charon amavisd[3284]: Module DB_File 1.808
May 18 12:30:45 charon amavisd[3284]: Module MIME::Entity 5.404
May 18 12:30:45 charon amavisd[3284]: Module MIME::Parser 5.406
May 18 12:30:45 charon amavisd[3284]: Module MIME::Tools 5.411
May 18 12:30:45 charon amavisd[3284]: Module Mail::Header 1.60
May 18 12:30:45 charon amavisd[3284]: Module Mail::Internet 1.6---
amavisd.conf ---0
May 18 12:30:45 charon amavisd[3284]: Module Mail::SpamAssassin 2.63
May 18 12:30:45 charon amavisd[3284]: Module Net::Cmd 2.24
May 18 12:30:45 charon amavisd[3284]: Module Net::DNS 0.46
May 18 12:30:45 charon amavisd[3284]: Module Net::SMTP 2.26
May 18 12:30:45 charon amavisd[3284]: Module Net::Server 0.87
May 18 12:30:45 charon amavisd[3284]: Module Time::HiRes 1.52
May 18 12:30:45 charon amavisd[3284]: Module Unix::Syslog 0.100
May 18 12:30:45 charon amavisd[3284]: Found myself: /usr/sbin/amavisd -c
/etc/amavisd.conf
May 18 12:30:45 charon amavisd[3284]: Lookup::SQL code NOT loaded
May 18 12:30:45 charon amavisd[3284]: Lookup::LDAP code NOT loaded
May 18 12:30:45 charon amavisd[3284]: AMCL-in protocol code loaded
May 18 12:30:45 charon amavisd[3284]: SMTP-in protocol code loaded
May 18 12:30:45 charon amavisd[3284]: ANTI-VIRUS code NOT loaded
May 18 12:30:45 charon amavisd[3284]: ANTI-SPAM code loaded
May 18 12:30:45 charon amavisd[3284]: Net::Server: 2005/05/18-12:30:45
Amavis (type Net::Server::PreForkSimple) starting! pid(3284)
May 18 12:30:45 charon amavisd[3284]: Net::Server: Binding to UNIX
socket file /var/spool/amavis/amavisd.sock using SOCK_STREAM
May 18 12:30:45 charon amavisd[3284]: Net::Server: Binding to TCP port
10024 on host 127.0.0.1
May 18 12:30:45 charon amavisd[3284]: Net::Server: Setting gid to "101 101"
May 18 12:30:45 charon amavisd[3284]: Net::Server: Setting uid to "65"
May 18 12:30:45 charon amavisd[3284]: Net::Server: Setting up
serialization via flock
May 18 12:30:45 charon amavisd[3284]: Found $file at /usr/bin/file
May 18 12:30:45 charon amavisd[3284]: Found $arc at /usr/bin/arc
May 18 12:30:45 charon amavisd[3284]: Found $gzip at /usr/bin/gzip
May 18 12:30:45 charon amavisd[3284]: Found $bzip2 at /usr/bin/bzip2
May 18 12:30:45 charon amavisd[3284]: No $lzop, not using it
May 18 12:30:45 charon amavisd[3284]: Found $lha at /usr/bin/lha
May 18 12:30:45 charon amavisd[3284]: Found $unarj at /usr/bin/unarj
May 18 12:30:45 charon amavisd[3284]: Found $uncompress at
/usr/bin/uncompress
May 18 12:30:45 charon amavisd[3284]: No $unfreeze, not using it
May 18 12:30:45 charon amavisd[3284]: Found $unrar at /usr/bin/rar
May 18 12:30:45 charon amavisd[3284]: Found $zoo at /usr/bin/zoo
May 18 12:30:45 charon amavisd[3284]: Found $cpio at /usr/bin/cpio
May 18 12:30:45 charon amavisd[3284]: SpamControl: initializing
Mail::SpamAssassin
May 18 12:30:45 charon amavisd[3284]: SpamControl: done
May 18 12:30:45 charon amavisd[3284]: Net::Server: Beginning prefork (2
processes)
May 18 12:30:45 charon amavisd[3284]: Net::Server: Starting "2" children
May 18 12:30:45 charon amavisd[3284]: Net::Server: Parent ready for
children.
May 18 12:30:45 charon amavisd[3285]: Net::Server: Child Preforked (3285)
May 18 12:30:45 charon amavisd[3286]: Net::Server: Child Preforked (3286)
May 18 12:31:00 charon amavisd[3285]: Net::Server: 2005/05/18-12:31:00
CONNECT UNIX Socket: "/var/spool/amavis/amavisd.sock"
May 18 12:31:00 charon amavisd[3285]: prolong_timer after new request -
timer reset: remaining time = 300 s
---
Další informace o konferenci Linux