Re: [Clamav-users] clamav + proftpd
Yavuz Maşlak schrieb: cat clamd.conf LocalSocket /var/run/clamav/clamd.sock FixStaleSocket no TCPSocket 3310 TCPAddr 127.0.0.1 ... cat proftpd.conf IfModule mod_clamav.c ClamAV on ClamServer 127.0.0.1 ClamPort 3310 ClamLocalSocket /var/run/clamav/clamd.sock /IfModule ls -l /var/run/clamav/clamd.sock srwxrwxrwx 1 clamav clamav 0 Aug 26 11:02 /var/run/clamav/clamd.sock But when I upload a file via ftp, I get an error as following; Aug 13 23:30:56 proftpd[93135] (192.168.12.248[192.168.12.248]): mod_clamav/0.11rc: error: Cannot connect to Clamd (2): No such file or directory Is your proftpd running chrooted? In that case you'll have to put clamd.sock somewhere inside its chroot jail, and strip the chroot path from the ClamLocalSocket parameter. HTH T. -- Tilman Schmidt Phoenix Software GmbH Bonn, Germany signature.asc Description: OpenPGP digital signature ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
Jerry wrote: If not, would this syntax work in the clamav-milter.conf file? SkipAuthenticated ^(m...@hostname.mydomain.net \ y...@hostname.mydomain.net \ ot...@hostname.mydomain.net)$ Unfortunately not. The feature was requested by a single person (who also provided a draft patch to whitelist *all* auth'ed users). I took the idea and made it use a regex as i thought it would allow to whitelist things like @domain with ease. If this doesn't work for you (i can certainly see why) then please open a ticket on the bugzilla to optionally make it read entries from a file. When time permits I'll work on that. -aCaB ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] clamav + proftpd
Is your proftpd running chrooted? Yes I running proftpd as chrooted. when I remove chrooted, proftpd will run with clamd. In that case you'll have to put clamd.sock somewhere inside its chroot jail, and strip the chroot path from the ClamLocalSocket parameter. I have some virtual users. Could you give an example how I will have to put clamd.sock and other needed jobs. ? Thanks ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Freshclam error
I don't think this posted to the list: Well I figured it out, apparmor is on the box, and I'd really rather not disable it. I've currently got CLAMAV 0.95.1 installed (its the most recent backport) but I think it 0.95.2 that fixes this problem, but I can't find a repository for it anywhere. Is there a repository (or .deb files) that I could download and install? ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
On Fri, 28 Aug 2009 12:06:45 +0200 aCaB aca...@digitalfuture.it wrote: Jerry wrote: If not, would this syntax work in the clamav-milter.conf file? SkipAuthenticated ^(m...@hostname.mydomain.net \ y...@hostname.mydomain.net \ ot...@hostname.mydomain.net)$ Unfortunately not. The feature was requested by a single person (who also provided a draft patch to whitelist *all* auth'ed users). I took the idea and made it use a regex as i thought it would allow to whitelist things like @domain with ease. If this doesn't work for you (i can certainly see why) then please open a ticket on the bugzilla to optionally make it read entries from a file. When time permits I'll work on that. -aCaB Thanks, I will do that. I certainly would not want to white-list all authenticated users, so using @domain would probably be overkill, although I can see the usefulness of the concept for other users. The option to white-list all authenticated uses without listing each user individually might be a good option for the milter. Personally, I would prefer to maintain a separate file to make maintaining the list easier. How clamav-milter would handle an external file is also a concern. Would it read it only upon start up, or reread it whenever it is modified? The latter method would eliminate the need to restart the milter if the file is modified making system management easier. Perhaps having it reread the file a preset interval like clamd does with it's definition files would be acceptable. -- Jerry ges...@yahoo.com Where you stand depends on where you sit. -- Rufus Miles, HEW ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
Jerry wrote: How clamav-milter would handle an external file is also a concern. Would it read it only upon start up, or reread it whenever it is modified? The latter method would eliminate the need to restart the milter if the file is modified making system management easier. Perhaps having it reread the file a preset interval like clamd does with it's definition files would be acceptable. That would not be the unix way. The unix way is to read config files on startup and on HUP or USR. However signaling in the milter is problematic because libmilter does its own signal catching; that's braindead, if you ask me, but that's the way it is. -aCaB ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
On Fri, 28 Aug 2009 18:56:59 +0200 aCaB aca...@digitalfuture.it wrote: [snip] That would not be the unix way. The unix way is to read config files on startup and on HUP or USR. However signaling in the milter is problematic because libmilter does its own signal catching; that's braindead, if you ask me, but that's the way it is. Thanks, I was not aware of the problem with libmilter. -- Jerry ges...@yahoo.com Imitation is the sincerest form of television. Fred Allen ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
On Fri, 28 Aug 2009, aCaB wrote: Jerry wrote: How clamav-milter would handle an external file is also a concern. Would it read it only upon start up, or reread it whenever it is modified? The latter method would eliminate the need to restart the milter if the file is modified making system management easier. Perhaps having it reread the file a preset interval like clamd does with it's definition files would be acceptable. That would not be the unix way. The unix way is to read config files on startup and on HUP or USR. However signaling in the milter is problematic because libmilter does its own signal catching; that's braindead, if you ask me, but that's the way it is. -aCaB The sendmail way would be to add these whitelist entries into the access database. This method would only require re-hashing the berkeley database. Ted ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
Re: [Clamav-users] Configuring SkipAuthenticated users in clamav-milter
On Fri, 28 Aug 2009 12:32:49 -0500 (CDT) Ted Hatfield t...@pat.io.com wrote: [snip] The sendmail way would be to add these whitelist entries into the access database. This method would only require re-hashing the berkeley database. That is similar to how Postfix handles databases that are frequently modified. I concur that it would seem like excellent solution to the problem. -- Jerry ges...@yahoo.com What is irritating about love is that it is a crime that requires an accomplice. Charles Baudelaire ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml