sure, that's fine, I used your script on a very busy production server,
all went fine
I just had to make a little change for compatibility with some of my scripts
I d suggest one thing, in scan.conf
I did change that to /var/run/clamd.scan/clamd.pid|clamd.sock
I changed it to keep it compatible with
extremeshok <https://github.com/extremeshok> / *clamav-unofficial-sigs
On 6/23/20 11:33 PM, Eric Broch wrote:
Yes, I decided to go with EPEL ClamAV because I don't see a reason not
to. It does the same thing with minor changes and someone else takes
care of the RPMS. And, updates are faster.
Other than the name of the service only the below user/group changes
chown clamscan:root /var/qmail/simscan
chown clamscan:root /var/qmail/bin/simscan
chown -R clamscan:clamscan /var/log/clamd
chown -R clamupdate:clamupdate /var/lib/clamav
The permissions do not change. I just put them in the script just to
make sure after update.
The signature library after QMT clamav is removed has owner 46 group
46 which is the deleted clamav user and group. Scanning works just
fine like this however I wanted things clean and changed user and
group to clamupdate for those signatures.
I have tested this on several production machines and all seems to
work well. I'd like to know if problems occur. If they do one could
revert; however, I don't foresee any issues.
On 6/23/2020 2:14 PM, Philip Nix Guru wrote:
so that's the new way to go for clamav ?
Script for upgrade looks simple, I am not too fond of changing user
and ownership (thank you epel)
if you use extra scripts for un official sigs it can lead to some
Who tested the move to epel clamav tree ?
On 6/23/20 5:01 PM, Eric Broch wrote:
On 6/22/2020 11:39 PM, ChandranManikandan wrote:
I received below two virus notifications in my logwatch report. How
do I protect from virus protection?
Eric: Any possible chances to update the latest clamav, have you
upload the latest clamav epel.
Please assist me.
Some few spam emails with the same subject with different email
addresses received everyday.
I have blocked on spamassassin and spamdyke. but still received.
Any further attacks happened.
I am running CSF & Fail2ban.
Anyone assist me.
Email.Phishing.VOF1-6297424-0: 1 Time(s)
Heuristics.Phishing.Email.SpoofedDomain: 3 Time(s)
Virus database reloaded 2 time(s) (last time with 7343939 viruses)