Browse code
Added note about notification
| ... | ... |
@@ -1,6 +1,10 @@ |
| 1 |
+Mon Apr 9 04:43:54 BST 2007 (njh) |
|
| 2 |
+---------------------------------- |
|
| 3 |
+ * clamav-milter: EXPERIMENTAL: Added not about notifications from |
|
| 4 |
+ the jail |
|
| 1 | 5 |
Mon Apr 9 04:26:56 BST 2007 (njh) |
| 2 | 6 |
---------------------------------- |
| 3 |
- * clamav-milter: EXPERIMENAL: added --chroot |
|
| 7 |
+ * clamav-milter: EXPERIMENTAL: added --chroot |
|
| 4 | 8 |
|
| 5 | 9 |
Fri Apr 6 18:02:02 BST 2007 (njh) |
| 6 | 10 |
---------------------------------- |
| ... | ... |
@@ -373,7 +373,12 @@ need to update the manual page and possibly the usage message as well. |
| 373 | 373 |
|
| 374 | 374 |
6. CHROOT JAIL |
| 375 | 375 |
|
| 376 |
-The instructions will differ for you, but these will give you an idea |
|
| 376 |
+The instructions will differ for you, but these will give you an idea. |
|
| 377 |
+You will have to do a lot of fiddling if you want notifications to work, |
|
| 378 |
+since clamav-milter calls sendmail to handle the notifications and sendmail |
|
| 379 |
+will run of out the same jail. I've not disabled the notifications, but I |
|
| 380 |
+may in the future - for the moment handling notifications in the jail is an |
|
| 381 |
+excercise for the reader. |
|
| 377 | 382 |
|
| 378 | 383 |
mkdir /var/run/clamav-root |
| 379 | 384 |
chown clamav:clamav /var/run/clamav-root |
| ... | ... |
@@ -394,6 +399,14 @@ The instructions will differ for you, but these will give you an idea |
| 394 | 394 |
mkdir usr/local |
| 395 | 395 |
mkdir usr/local/share |
| 396 | 396 |
ln -s ../../../../../../usr/local/share/clamav . |
| 397 |
+ mkdir usr/lib |
|
| 398 |
+ cd usr/lib |
|
| 399 |
+ ln -s ../../../../../usr/lib/sendmail . |
|
| 400 |
+ cd ../.. |
|
| 401 |
+ mkdir dev |
|
| 402 |
+ cd dev |
|
| 403 |
+ mknod null c 1 3 |
|
| 404 |
+ chown clamav:clamav null |
|
| 397 | 405 |
|
| 398 | 406 |
In sendmail.mc: |
| 399 | 407 |
INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-root/var/run/clamav/clamav.sock, F=T, T=S:4m;R:4m;C:30s;E:10m')dnl |
| ... | ... |
@@ -3594,7 +3594,7 @@ clamfi_eom(SMFICTX *ctx) |
| 3594 | 3594 |
|
| 3595 | 3595 |
cli_dbgmsg("Waiting for %s to finish\n", cmd);
|
| 3596 | 3596 |
if(pclose(sendmail) != 0) |
| 3597 |
- logg(_("%s: Failed to notify clamAV interception - see dead.letter"), sendmailId);
|
|
| 3597 |
+ logg(_("%s: Failed to notify clamAV interception - see dead.letter\n"), sendmailId);
|
|
| 3598 | 3598 |
} else |
| 3599 | 3599 |
logg(_("^Can't execute '%s' to send virus notice"), cmd);
|
| 3600 | 3600 |
} |
| ... | ... |
@@ -6013,7 +6013,8 @@ black_hole(const struct privdata *privdata) |
| 6013 | 6013 |
} |
| 6014 | 6014 |
} |
| 6015 | 6015 |
} |
| 6016 |
- pclose(sendmail); |
|
| 6016 |
+ if(pclose(sendmail) != 0) |
|
| 6017 |
+ must_scan = 1; |
|
| 6017 | 6018 |
} else {
|
| 6018 | 6019 |
logg(_("^Can't execute '%s' to expand '%s'"),
|
| 6019 | 6020 |
cmd, *to); |
| ... | ... |
@@ -51,6 +51,10 @@ Print the version number and exit. |
| 51 | 51 |
.TP |
| 52 | 52 |
\fB-C DIR, \-\-chroot=DIR\fR |
| 53 | 53 |
Run in chroot jail DIR. |
| 54 |
+.IP |
|
| 55 |
+You will have to do a lot of fiddling if you want notifications to work, |
|
| 56 |
+since clamav-milter calls \fBsendmail(8)\fR to handle the notifications and |
|
| 57 |
+sendmail will run of out the same jail. |
|
| 54 | 58 |
.TP |
| 55 | 59 |
\fB\-c FILE, \-\-config\-file=FILE\fR |
| 56 | 60 |
By default clamav\-milter uses a default configuration file, this option allows you to specify another one. |