Enrique Verdes a écrit :
Jérôme Blion escribió:
Gordon Messmer a écrit :
Enrique Verdes wrote:
Gordon Messmer escribió:
clamd probably doesn't have access to the mail spool unless you run it
either as root, or as the same user that Courier uses.
I encourage you to use the clamav.py filter from the distribution. It
won't have that problem.
clamav.py from the distribution uses pyclamav. In the page of pyclamav
they encourage to use the new pyclamd.
So it does. I'm not sure why... the scanfile() function isn't affected,
and still works as it always has.
Also, pyclamav uses clamav and
libclamav 0.88 and I'm running clamav 0.90.3.
You can rebuild pyclamav 0.4.0 with clamav 0.90.3. It works.
No need...
Jun 8 18:29:42 jupiter courierfilter: File
"/usr/lib/python2.4/site-packages/pythonfilter/clamav.py", line 34, in
doFilter
Jun 8 18:29:42 jupiter courierfilter: if avresult[0]:
It's not sufficient to just replace pyclamav with pyclamd.
pyclamd.scan_file returns a different data type than pyclamav.scanfile
does. You might check the list archives, someone else was recently
using pyclamd.
Here is the clamd.py I use on 2 servers...
Thanks Jerome, I tried your file, only modifying the clamd socket
location.
That's what I get:
Jun 11 11:30:35 jupiter courierfilter: Debugging filter invoked:
Jun 11 11:30:35 jupiter courierfilter: PID: 19788
Jun 11 11:30:35 jupiter courierfilter: CWD: /usr/lib/courier
Jun 11 11:30:35 jupiter courierfilter: EUID: 200
Jun 11 11:30:35 jupiter courierfilter: EGID: 200
Jun 11 11:30:35 jupiter courierfilter: UID: 200
Jun 11 11:30:35 jupiter courierfilter: GID: 200
Jun 11 11:30:35 jupiter courierfilter: Additional groups: [200]
Jun 11 11:30:35 jupiter courierfilter: Body:
/usr/lib/courier/var/tmp/118157/D3594080
Jun 11 11:30:35 jupiter courierfilter: Raw stat: (33200, 3594081L,
2304L, 1, 200, 200, 37602L, 1181572234, 1181572235, 1181572235)
Jun 11 11:30:35 jupiter courierfilter: Control file:
/usr/lib/courier/var/tmp/118157/1181572234.30864.mail.uygroup.com.uy
Jun 11 11:30:35 jupiter courierfilter: Raw stat: (33200, 3594080L,
2304L, 1, 200, 200, 194L, 1181572234, 1181572234, 1181572234)
Jun 11 11:30:35 jupiter courierfilter: Uncaught exception in "clamav"
doFilter function: ScanError:lstat() failed. ERROR
Jun 11 11:30:35 jupiter courierfilter: File
"/usr/lib/courier/etc/filters/active/pythonfilter", line 180, in
processMessage
Jun 11 11:30:35 jupiter courierfilter: replyCode =
i_filter[1](bodyFile, controlFileList)
Jun 11 11:30:35 jupiter courierfilter: File
"/usr/lib/python2.4/site-packages/pythonfilter/clamav.py", line 31, in
doFilter
Jun 11 11:30:35 jupiter courierfilter: avresult =
pyclamd.contscan_file(bodyFile)
Jun 11 11:30:35 jupiter courierfilter: File
"/usr/lib/python2.4/pyclamd.py", line 328, in contscan_file
Jun 11 11:30:35 jupiter courierfilter: raise ScanError, virusname
Which user is running your clamd daemon?
Courier and clamd are working as root...
As the file is provided by pythonfilter to the clamd socket, I'm not
sure that's the problem.
What are the permissions on pythonfilter file?
You can try to run clamd as root, but I don't think it will solve anything.
BR.
Jerome Blion.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
