Yuri Nosyrev wrote:
I'm guarded with the output of kavscanner:
Just
'Kaspersky Virus Scanner for linux. Version 5.0.2.0/RELEASE build #1
Copyright (C) Kaspersky Lab. 1998-2003.'
is not enough, there are no any words about licence or AV-base
which always appear in the output while running kavscanner from command line (under qscand user too)
More over about kavscanner's output, i.e $avp_binary output:
the output of
# setuidgid qscand /usr/bin/kavscanner /var/spool/qmail-scanner
(options are set in conf-file) is:
########################################################################
[04-08-2004 09:45:16 I] Copyright (C) Kaspersky Lab. 1998-2003.
[04-08-2004 09:45:46 I] Kaspersky Virus Scanner for linux. Version 5.0.2.0/RELEASE build #1
[04-08-2004 09:45:46 I] Copyright (C) Kaspersky Lab. 1998-2003.
[04-08-2004 09:45:48 I] There are 1 Kaspersky license keys found:
[04-08-2004 09:45:48 I] License file 00068B01.key, serial 0286-000416-00068B01, "юМРХБХПСЯ йЮЯОЕПЯЙНЦН Business Optimal (LP) for Linux File Serv
er", expires 24-03-2005 in 234 days
[04-08-2004 09:45:48 I] There are 95131 records loaded, the latest update 03-08-2004
[04-08-2004 09:45:48 I] Config file: /etc/kav/5.0/kav4unix.conf
[04-08-2004 09:45:48 I] The scan path: /var/spool/qmail-scanner/
[04-08-2004 09:45:48 D] Configuration options:
...
[04-08-2004 09:45:48 A] /var/spool/qmail-scanner/quarantine.log OK
[04-08-2004 09:45:48 A] /var/spool/qmail-scanner/quarantine.log OK
[04-08-2004 09:45:48 A] /var/spool/qmail-scanner/mailstats.csv OK
[04-08-2004 09:45:48 A] /var/spool/qmail-scanner/quarantine-attachments.txt OK
[04-08-2004 09:45:49 A] /var/spool/qmail-scanner/qmail-queue.log OK
[04-08-2004 09:45:49 A] /var/spool/qmail-scanner/quarantine-attachments.db OK
[04-08-2004 09:45:49 A] /var/spool/qmail-scanner/refresh_db OK
[04-08-2004 09:45:49 A] /var/spool/qmail-scanner/qmail-scanner-queue-version.txt OK
[04-08-2004 09:45:49 I] Scan summary: Files=8 Folders=9 Archives=0 Packed=0 Infected=0 Warnings=0 Suspicios=0 Cured=0 CureFailed=0 Corrupted=0 P
rotected=0 Error=0 ScanTime=00:00:01 ScanSpeed=99.009 Kb/s
########################################################################
ok, let us look at qmail-scanner + kavscanner output:
$DD=`$avp_binary $ENV{'TMPDIR'} 2>&1` shows just this:
************************************************************************
[04-08-2004 09:45:16 I] Copyright (C) Kaspersky Lab. 1998-2003.
[04-08-2004 09:45:46 I] Kaspersky Virus Scanner for linux. Version 5.0.2.0/RELEASE build #1
************************************************************************
the same as command
# kavscanner -v
:) very interesting... the whole calling of kavscanner is above, there's no "-v" option in it indeed.
ok, follow me... what if we change string "$DD=`$avp_binary $ENV{'TMPDIR'} 2>&1`" to something, say "$DD=`ls -l $ENV{'TMPDIR'}`"???
...done:
$DD=`ls -l $ENV{'TMPDIR'}` and its output:
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Wed, 04 Aug 2004 10:05:29 YAKST:28416: --output of avp was:
total 84
-rw------- 1 qscand vchkpw 79 Aug 4 10:05 1091577929.28420-0.phoenix.slavel.ru
-rw------- 1 qscand vchkpw 420 Aug 4 10:05 1091577929.28420-1.phoenix.slavel.ru
-rw------- 1 qscand vchkpw 28978 Aug 2 05:48 file.zip
-rw------- 2 qscand vchkpw 42050 Aug 4 10:05 orig-phoenix.slavel.ru109157792847928416
--
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
It works correct for sure...
Does it help somehow?
Group owner of files above is vchkpw because of smtp-auth over vpopmail's accounts, but I guess it doesn't matter: chmod=600
-- ------------- Best Regards, Yuri Nosyrev mailto: nua at slavel dot ru
------------------------------------------------------- This SF.Net email is sponsored by OSTG. Have you noticed the changes on Linux.com, ITManagersJournal and NewsForge in the past few weeks? Now, one more big change to announce. We are now OSTG- Open Source Technology Group. Come see the changes on the new OSTG site. www.ostg.com _______________________________________________ Qmail-scanner-general mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/qmail-scanner-general
