Re: [Clamav-users] Clamav-milter 0.91.2 problems on FreeBSD 6.2

2007-10-22 Thread Wyle Coyote 
Al
Take the C out for starting unless you are jailing the
process. It should start fine.



--- al [EMAIL PROTECTED] wrote:

 After building the FreeBSD 0.91.2 port to replace
 0.88.5, the milter 
 shuts down as soon as it starts. Here is the
 forground output:
 
 blackwidow# /usr/local/sbin/clamav-milter -CNqlo
 /var/run/clmilter.sock
 WARNING: /usr/local/sbin/clamav-milter: running as
 root is not 
 recommended (check User in /etc/clamd.conf)
 Loaded ClamAV 0.91.2/4546/Sat Oct 20 07:46:40 2007
 ClamAV: Protecting against 159880 viruses
 Nqlo: No such file or directory
 LibClamAV debug: watchdog sleeps
 Stopping ClamAV version 0.91.2, clamav-milter
 version 0.91.2
 LibClamAV debug: Cleaning up phishcheck
 LibClamAV debug: Phishcheck cleaned up
 
 This is the tail of the debug output:
 Loaded ClamAV 0.91.2/4546/Sat Oct 20 07:46:40 2007
 ClamAV: Protecting against 159880 viruses
 LibClamAV debug: Database loaded
 LibClamAV debug: Stat()ing files in /var/db/clamav
 LibClamAV debug: Making
 /var/tmp//clamav-520fc365946e1325ee44c2a88ed7f909
 Nqlo: No such file or directory
 LibClamAV debug: watchdog sleeps
 Stopping ClamAV version 0.91.2, clamav-milter
 version 0.91.2
 LibClamAV debug: Cleaning up phishcheck
 LibClamAV debug: Phishcheck cleaned up
 
 The Nqlo: No such file or directory is the only
 error I can see, but
 I don't know what it refers to. Can some one point
 me in the right 
 direction?
 
 Thanks, Al
 
 ___
 Help us build a comprehensive ClamAV guide: visit
 http://wiki.clamav.net
 http://lurker.clamav.net/list/clamav-users.html
 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Clamav-milter 0.91.2 problems on FreeBSD 6.2

2007-10-22 Thread Nigel Horne 

al wrote:
After building the FreeBSD 0.91.2 port to replace 0.88.5, the milter 
shuts down as soon as it starts. Here is the forground output:


blackwidow# /usr/local/sbin/clamav-milter -CNqlo /var/run/clmilter.sock
WARNING: /usr/local/sbin/clamav-milter: running as root is not 



The Nqlo: No such file or directory is the only error I can see, but
I don't know what it refers to. Can some one point me in the right 
direction?


It refers to the name of the directory you gave it to chroot to with the -C 
option.


The right direction is man clamav-milter.



Thanks, Al


-Nigel
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

[Clamav-users] Signature precedence

2007-10-22 Thread Karsten Bräckelmann 
I seem to recall I have come across this before, but I just can't find
it. Maybe someone knows off-hand. :)

When using additional, third party signatures, is there any particular
order in the signatures? If both, the official as well as the third
party sigs match, which one is being reported?

  karsten


-- 
char *t=[EMAIL PROTECTED];
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1:
(c=*++x); c128  (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}

___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

[Clamav-users] Moving Infected Files When Clamuko Is In Use

2007-10-22 Thread Sean McGlynn 
It appears that if clamuko is configured to scan a particular directory on 
access, then clamscan does not actually identify the file as an infected file.  
The results of the clamscan show Infected files: 0, even though the directory 
has an infected file (in this case, eicar for testing).  In addition, the move 
option does not work.  It seems that since clamuko is identifying the file as 
infected, clamscan cannot open the file to do its scan, nor can it move the 
file.

Is there some way to correct this?

Thank you.

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Signature precedence

2007-10-22 Thread Noel Jones 
At 12:37 PM 10/22/2007, Karsten Bräckelmann wrote:
When using additional, third party signatures, is there any particular
order in the signatures?

No particular order.

If both, the official as well as the third
party sigs match, which one is being reported?

One or the other will be reported, but not both.  The one actually 
reported is unpredictable.

-- 
Noel Jones 

___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] possible GPG verify problem

2007-10-22 Thread Todd Lyons 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, Oct 21, 2007 at 08:50:17AM -0700, P T wrote:

I downloaded clam av from the clam av site.  However when I check the 
signature I get that basically it isn't a trusted signature.  How am I doing 
this wrong?
# to get the key
 gpg --keyserver random.sks.keyserver.penguin.de --recv-keys 985A444B
# to verifiy the clam file.
  gpg --verify clamav-0.91.2.tar.gz.sig 
  gpg: Signature made Mon 20 Aug 2007 06:21:05 PM CDT using DSA key ID 
 985A444B
 gpg: Good signature from Tomasz Kojm [EMAIL PROTECTED]
 gpg: aka Tomasz Kojm [EMAIL PROTECTED]
 gpg: aka Tomasz Kojm [EMAIL PROTECTED]

See the signature matches (ie the math works to verify that the package
has not been changed since the person with key 985a444b signed it).

 gpg: WARNING: This key is not certified with a trusted signature!   
 gpg:  There is no indication that the signature belongs to the owner.

This just means that *YOU* have not signed the key saying you trust it.
That's normal, you should *NOT* just sign every key you come across.
You should only sign keys of people you have personally met or worked
with.
- -- 
Regards...  Todd
They that can give up essential liberty to obtain a little temporary 
safety deserve neither liberty nor safety.   --Benjamin Franklin
Linux kernel 2.6.22.9-desktop-1mdv   3 users,  load average: 1.00, 0.90, 0.70
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFHHQGpY2VBGxIDMLwRAkDxAJ9KIm68nYxeaxVr4/+t1sC5+RQa3ACdHvLB
AYN26AlEspG7B5GTUIwRRdY=
=xFWv
-END PGP SIGNATURE-
___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Re: [Clamav-users] Signature precedence

2007-10-22 Thread Karsten Bräckelmann 
On Mon, 2007-10-22 at 14:43 -0500, Noel Jones wrote:
 At 12:37 PM 10/22/2007, Karsten Bräckelmann wrote:
 When using additional, third party signatures, is there any particular
 order in the signatures?
 
 No particular order.
 
 If both, the official as well as the third
 party sigs match, which one is being reported?
 
 One or the other will be reported, but not both.  The one actually 
 reported is unpredictable.

Thanks, Noel. That's exactly what I needed, though I did hope for
another answer. ;)  Guess my logs are just that -- logs. No way to turn
them into half-decent stats, unless I rerun per signature set.

  guenther


-- 
char *t=[EMAIL PROTECTED];
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;il;i++){ i%8? c=1:
(c=*++x); c128  (s+=h); if (!(h=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}

___
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html