On Thu 21/Mar/2019 15:05:59 +0100 Bowie Bailey wrote: > > $ pkg-config --atleast-version=0.101.0 libclamav --print-errors > Package libclamav was not found in the pkg-config search path. > Perhaps you should add the directory containing `libclamav.pc' > to the PKG_CONFIG_PATH environment variable > No package 'libclamav' found > > Once I found that file (in /usr/local/lib64/pkgconfig) and added the > directory to the > config path, I was able to complete the configure and make without any > further errors.
Hm.. that way pkg-config couldn't find itself? > When I ran "make check", it failed on 11 of 12 tests. I was able to fix most > of the > tests by adding '/usr/local/lib64' to the LD_LIBRARY_PATH so it could find > libclamav.so. I assume I'll need to make a similar change somewhere when I > add the > filter to Courier. Or you might add it to ld.so.conf? Otherwise, you may try building with CFLAGS=-Wl,-rpath,/usr/local/lib64 and check ldd. The issue is the ability to have libraries of different versions simultaneously installed on the same system. See e.g.: https://unix.stackexchange.com/questions/356624/why-isnt-usr-local-lib-on-the-library-path-by-default > Now, it's only failing the per-virus behavior test. The relevant section of > the > testsuite.log looks like this: > > 9. testsuite.at:540: testing per-virus behavior ... > ./testsuite.at:551: unset DEBUG_FILTER; $VALGRIND_AND_OPTS $AVFILTEREXEC -f > avtest.conf -t two.mail > ./testsuite.at:561: unset DEBUG_FILTER; $VALGRIND_AND_OPTS $AVFILTEREXEC -f > avtest.conf -t two.mail > ./testsuite.at:571: unset DEBUG_FILTER; $VALGRIND_AND_OPTS $AVFILTEREXEC -f > avtest.conf -t two.mail > ./testsuite.at:582: unset DEBUG_FILTER; $VALGRIND_AND_OPTS $AVFILTEREXEC -f > avtest.conf -t two.mail > ./testsuite.at:593: unset DEBUG_FILTER; $VALGRIND_AND_OPTS $AVFILTEREXEC -f > avtest.conf -t two.mail Well, the above is my laziness of including multiple tests into one. > ./testsuite.at:606: unset DEBUG_FILTER; $VALGRIND_AND_OPTS $AVFILTEREXEC -f > avtest.conf -t eicar.mail > ./testsuite.at:612: egrep '^ClamAV-Found: Eicar' eicar.mail | $WC -l > --- - 2019-03-21 09:56:42.104212351 -0400 > +++ /home/bowieb/source/avfilter-3.5/tests/testsuite.dir/at-groups/9/stdout > > 2019-03-21 09:56:42.100299898 -0400 > @@ -1,2 +1,2 @@ > -1 > +0 That last test tests the following config setting: action_default drop virus_header ClamAV-Found pass Eicar-Test* That is, drop infected messages, but if the virus is named "Eicar-Test*" just add a header field and pass the message. The test message, eicar.mail, should actually be infected: ale@pcale:~/tmp/courier/avfilter/svn/tests/testsuite.dir/09$ clamscan -i -d ../../small eicar.mail eicar.mail: Eicar-Test-Signature.UNOFFICIAL FOUND ----------- SCAN SUMMARY ----------- Known viruses: 1 Engine version: 0.101.1 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 0.008 sec (0 m 0 s) Running avfilter on that should add a header field: ale@pcale:~/tmp/courier/avfilter/svn/tests/testsuite.dir/09$ ../../../src/tavfilter -f avtest.conf -t eicar.mail 250 Ok. More verbosely: ale@pcale:~/tmp/courier/avfilter/svn/tests/testsuite.dir/09$ sed -i '/^verbose/s/0/4/' avtest.conf ale@pcale:~/tmp/courier/avfilter/svn/tests/testsuite.dir/09$ ../../../src/tavfilter -f avtest.conf -t eicar.mail ERR: avfilter[12341]: unwritable pid dir directory /var/run/courier: Permission denied avfilter[12341]: Virus engine version: 0.101.1 (f=102) avfilter[12341]: Virus data version: 0 avfilter[12341]: Virus data date: 1 Jan 1970 avfilter[12341]: No. of viruses: 1 avfilter: running test on 1 files avfilter[12341]: waiting for 1 child(ren) INFO: avfilter: found virus "Eicar-Test-Signature.UNOFFICIAL"; specific action: pass INFO: avfilter: found virus "Eicar-Test-Signature.UNOFFICIAL"; specific action: pass INFO: avfilter: found virus Eicar-Test-Signature.UNOFFICIAL; final action pass; not saved 250 Ok. At that point, the top of the header should be plenty of virus_header's (one for each invocation): ale@pcale:~/tmp/courier/avfilter/svn/tests/testsuite.dir/09$ head eicar.mail ClamAV-Found: Eicar-Test-Signature.UNOFFICIAL Eicar-Test-Signature.UNOFFICIAL Old-ClamAV-Found: Eicar-Test-Signature.UNOFFICIAL Eicar-Test-Signature.UNOFFICIAL Old-ClamAV-Found: Eicar-Test-Signature.UNOFFICIAL Eicar-Test-Signature.UNOFFICIAL Eicar-Test-Signature.UNOFFICIAL From: aut...@example.com To: vic...@example.net Subject: test message Virus-Header: what does this mean? MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=_1_1553193777_12188" And hence: ale@pcale:~/tmp/courier/avfilter/svn/tests/testsuite.dir/09$ egrep '^ClamAV-Found: Eicar' eicar.mail | wc -l 1 Instead, at yours wc wrote "0". Why? > 9. testsuite.at:540: 9. per-virus behavior (testsuite.at:540): FAILED > (testsuite.at:612) > > Suggestions? > I'd guess something must have gone wrong in the testsuite script. In the testsuite, wc is $WC, after a definition in tests/atlocal, but egrep was not checked during configure, so maybe it should have been grep -E or similar. Is that the culprit? Best Ale -- _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
