F-Secure and failure to start

Jyrki Tuohela Jyrki.Tuohela at cimo.fi
Tue Jun 28 09:33:01 CEST 2016


Hello,

In my experience F-secure works well in Debian based distros. You run the F-secure installation package, I prefer command line version in servers.
Then it installs everything under /opt (don't have right now server to check, but it is maybe /opt/f-secure/ ) Logs go under /var/opt/f-secure if i remember right.
F-secure configuration files are under /opt/f-secure/fssp (or fsav or ...)

F-secure works as daemon, too. If you define in amavis-configuration file F-secure work as daemon it just works. You should check user and group settings so, that F-secure can write to amavis-owned folders. Maybe adding F-secure to amavis group and giving write-rights to that group helps.

This should be the method to start with. In Fedora also might be some differences in configuring F-secure, but most likely it is possible to get it work with some work.

Kind regards

Jyrki
________________________________________
From: amavis-users [amavis-users-bounces+jyrki.tuohela=cimo.fi at amavis.org] On Behalf Of Alex [mysqlstudent at gmail.com]
Sent: Thursday, June 23, 2016 5:21
To: amavis-users at amavis.org
Subject: F-Secure and failure to start

Hi,
I've installed the downloadable trial version of F-Secure for Linux
(installed on fedora) and it appears to be running properly. However,
amavis doesn't seem to be able to control it.

Jun 22 22:17:56 mail01 amavis[4471]: (04471-01) (!)run_av (F-Secure
Linux Security) FAILED - unexpected exit 1, output="Something wrong in
initializing backend. Code:256\nFATAL: Failed to get configuration"
Jun 22 22:17:56 mail01 amavis[4471]: (04471-01) (!)F-Secure Linux
Security av-scanner FAILED: /usr/bin/fsav unexpected exit 1,
output="Something wrong in initializing backend. Code:256\nFATAL:
Failed to get configuration" at (eval 87) line 905.

Where is the configuration file it is referencing?

This doesn't appear to be using a socket like clamav or sophos use. Is
there a more optimized configuration available that uses the f-secure
socket?

I have the following configuration in my amavisd.conf:

  ### http://www.f-secure.com/ version 9.14
   ['F-Secure Linux Security',
    ['/usr/bin/fsav', 'fsav'],
    '--virus-action1=report --archive=yes --auto=yes '.
    '--list=no --nomimeerr {}', [0], [3,4,6,8],
    qr/(?:infection|Infected|Suspected|Riskware): (.+)/m ],
    # NOTE: internal archive handling may be switched off by '--archive=no'
    #   to prevent fsav from exiting with status 9 on broken archives

Can someone confirm for me that the above is the proper method of
invocation for the current version (11.0 build 79) of f-secure?


More information about the amavis-users mailing list