Hylton Conacher (ZR1HPC) wrote:
Joe Sloan wrote:
Hylton Conacher (ZR1HPC) wrote:
Hi,
Looking at the Alt-Ctrl-F10 tty I see that anavis is warning that 'all
primary virus scanners failed, considering backups'
What should I do to rectify this problem i.e. I assume update amavisd,
but how, at least via YAST?
You either don't have clamav installed, or have changed the
configuration so that it's not listening to the port or socket that
amavisd expects.
If you do have clamav installed there should be additional warnings,
something about a socket.
I have clamav installed, have not changed anything and there are no
socket warnings that I could see on the Alt-F10 list.
So, now what?
Now you get off you lazy butt and see for yourself how clam-av and amavisd-new
are configured. (^-^)
egrep -v "^#" /etc/clamd.conf | egrep -v "^$"
LogTime yes
LogSyslog yes
LogFacility LOG_MAIL
PidFile /var/lib/clamav/clamd.pid
# Same localSocket as in /etc/amavisd.conf!
LocalSocket /var/run/clamav/clamd
FixStaleSocket yes
TCPSocket 3310
TCPAddr 127.0.0.1
User vscan
Foreground no
ScanOLE2 yes
ScanPDF yes
ScanMail yes
PhishingSignatures yes
PhishingScanURLs yes
Some important parts of /etc/amavisd.conf:
$daemon_user = 'vscan'; # yes, same user as clamd!
$daemon_group = 'vscan';
@av_scanners = (
['Clam Antivirus-clamd',
\&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd"],
qr/\bOK$/, qr/\bFOUND$/,
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
['H+BEDV AntiVir or CentralCommand Vexira Antivirus',
['antivir'],
'--allfiles -noboot -nombr -rs -s -z {}', [0], qr/ALERT:|VIRUS:/,
qr/(?x)^\s* (?: ALERT: \s* (?: \[ | [^']* ' ) |
(?i) VIRUS:\ .*?\ virus\ '?) ( [^\]\s']+ )/ ],
);
@av_scanners_backup = (
['Clam Antivirus - clamscan', 'clamscan',
'--stdout --no-summary -r {}', [0], [1],
qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
['FRISK F-Prot Antivirus', ['f-prot','f-prot.sh'],
'-dumb -archive -packed {}', [0,8], [3,6],
qr/Infection: (.+)/ ],
['Trend Micro FileScanner', ['/etc/iscan/vscan','vscan'],
'-za -a {}', [0], qr/Found virus/, qr/Found virus (.+) in/ ],
['KasperskyLab kavscanner', ['/opt/kav/bin/kavscanner','kavscanner'],
'-i1 -xp {}', [0,10,15], [5,20,21,25],
qr/(?:CURED|INFECTED|CUREFAILED|WARNING|SUSPICION) (.*)/ ,
sub {chdir('/opt/kav/bin') or die "Can't chdir to kav: $!"},
sub {chdir($TEMPBASE) or die "Can't chdir back to $TEMPBASE $!"},
],
);
Check that clamd actually is running:
rcclamd status
and is set to start at boot:
chkconfig clamd on
and finally, that you call fresh-clam from cron.
--
Sandy
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
