F-Secure and failure to start
Thomas Jarosch
thomas.jarosch at intra2net.com
Mon Jun 27 09:33:06 CEST 2016
Hi Alex,
On Sunday, 26. June 2016 19:48:24 Alex wrote:
> > I have the following configuration in my amavisd.conf:
> > ### http://www.f-secure.com/ version 9.14
> >
> > ['F-Secure Linux Security',
> >
> > ['/usr/bin/fsav', 'fsav'],
> > '--virus-action1=report --archive=yes --auto=yes '.
> > '--list=no --nomimeerr {}', [0], [3,4,6,8],
> > qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ],
> > # NOTE: internal archive handling may be switched off by
> > '--archive=no'
> > # to prevent fsav from exiting with status 9 on broken archives
> >
> > Can someone confirm for me that the above is the proper method of
> > invocation for the current version (11.0 build 79) of f-secure?
your invocation line looks ok to me, but the devil might be in the details.
Here's my invocation line:
--------------------------
@av_scanners = (
['F-Secure Antivirus', '/opt/f-secure/fssp/bin/fsav',
'--allfiles --mime --archive --usedaemon --nopass --nomimeerr --nomimepart --noinvalidmime --maxnested=20 {}',
[0,4,8],
[3,6],
qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ],
);
--------------------------
You can try the following:
Invoke fsav from the cmdline as root user. If you can scan an eicar test file with it,
try again after changing to the amavisd user. May be it's a permission problem
that when the fsav binary is invoked as the amavisd user,
it does not have access to the F-secure daemon socket.
Besides that I can't offer much help :)
Cheers,
Thomas
More information about the amavis-users
mailing list