Date: Fri, 27 Feb 2004 16:45:16 +0100
From: "Martin P. Hellwig"
To: Marius Strobl
cc: freebsd-ports@freebsd.org
Subject: Re: security/antivir-milter won't start correctly

Marius Strobl wrote:

>This is a known problem, also to the vendor, see:
>www.free-av.de/cgi-bin/ubb/ultimatebb.cgi?ubb=get_topic&f=20&t=000089
>(mainly in German, but also some English).
>I'm not aware of a reliable workaround and as this is a binary port
>there's unfortunately not that much that can be done in the port about
>it.
I've got a workaround :-), check the attachment for more info.
But I'm curious if this also works on other machines than my own.
I will post it on their forum too.

Kind regards,

Martin P. Hellwig

--------------060003030301030600070803
Content-Type: text/plain; name="antivir-milter.sh"
Content-Disposition: inline; filename="antivir-milter.sh"

#! /bin/sh
#################################################################################################################################
#Scriptversion 0.05 %2004-02-27:M.P.Hellwig%
#
# This script is targeted for FreeBSD 5.x (built and tested on current cvsup build 2004 FEB 23 14:55)
# It is based upon the script from the port /security/antivir-milter by marius@alchemy.franken.de and the original scripts from
# H+BEDV Datentechnik GmbH, a German company which owns, builds, maintains and sells AntiVir.
# The reason I built this script was to debug the odd behaviour that the socket seems to be only created if the script was run
# after boot time.
# I discovered with the help of this script that the socket actually is created at boot time but is deleted after the boot shell
# detaches from the script. This script runs the start in the background which seems to resolve that behaviour.
# WARNING!
# I assumed in this script that all files which are needed by the binaries avmilter and antivir are in one and the same directory
# and that sendmail is the default installation configured at /etc/mail/.
# The default port installation places the antivir.conf and the avmilter.conf in /usr/local/etc and the other files in
# /usr/local/AntiVir (notice the capitalization), I advise to put all files in /usr/local/AntiVir and create a symbolic link back
# if you really can't get used to the place of the configuration files, overwrite the original rc.d script with this one.
#
# With this said it rests me to point out that there are some variables to set, just keep reading on, it explains itself, I hope.
# Also be sure to adapt the AntiVir configuration files too, if done adapting those files and this script you can run this script
# with the options "vars" and "test" to look for the obvious errors.
# The option "status" checks if there is a PID and a socket, do use "update" often and regularly for obvious reasons.
# If you still have to configure sendmail check out the option "mc" which is by the way the recommended way to configure sendmail.
# However the option "cf" provided is for the easy way out.
# For both ways of configuring be careful, you can wipe your entire sendmail config with a single "clicker-de-click-click"
#################################################################################################################################
# DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER DISCLAIMER
#################################################################################################################################
# Which reminds me to remind you that I'm not responsible if this script ruins your sendmail/server/day/job/life/etc. etc.
# And by the way I am NOT associated with H+BEDV Datentechnik GmbH in any way, neither with FreeBSD, just a happy user.
#
# like always, have fun!
#
# Martin P. Hellwig
# mhellwig@xs4all.nl (private)
# martin at huygenslyceum dot nl (work didn't receive too much spam, wanna keep it that way)
#################################################################################################################################
# set the variables (those values between " and " )
# NAME is set to whatever you want to see in the messages
# AVMSBINPATH should be set to where the avmilter binary is, do the same for ANTIVIRBIN
# the only reason I need to know the location of ANTIVIRBIN is to support update in this script
#################################################################################################################################
NAME="antivir-milter"; export NAME
AVMSBINPATH="/usr/local/sbin/avmilter"; export AVMSBINPATH
ANTIVIRBIN="/usr/local/AntiVir/antivir"; export ANTIVIRBIN
#################################################################################################################################
# these variables are all about what you fill in after "PATH/avmilter -C ..."
#################################################################################################################################
AVCONFPATH="/usr/local/AntiVir"; export AVCONFPATH
AVMINCFILE="avmilter.conf"; export AVMINCFILE
#################################################################################################################################
# this variable is all about what you fill in after "PATH/antivir -C ..."
# if you didn't know, the antivir binary is a CLI file scan console which can also be used to scan files on your drives,
# if you did know well sorry then
#################################################################################################################################
ANTIVIRCONF="/usr/local/AntiVir/antivir.conf"; export ANTIVIRCONF
#################################################################################################################################
# these variables are quite important because they dictate your socket which is used to communicate with sendmail,
# (FWIK) there are 2 options for AVMINP (local|inet) and depending on what you choose the other variables are set accordingly
# ##############################################################################################################################
# if you choose (local) then SOCKHOSTPATH must be set to the directory where you place the sock and
# SOCKNAMEPORT must be set to the file name, DO NOT fill in trailing slash in SOCKHOSTPATH or a beginning slash at SOCKNAMEPORT
# ##############################################################################################################################
# if you choose (inet) then SOCKHOSTPATH should be set to the name of the system, filling in "localhost" is probably the best
# option, SOCKNAMEPORT is set to the port, for some reason H+BEDV uses port number 3333 in their scripts, another best option
#################################################################################################################################
AVMINP="local"; export AVMINP
SOCKHOSTPATH="/usr/local/AntiVir"; export SOCKHOSTPATH
SOCKNAMEPORT="avmilter.sock"; export SOCKNAMEPORT
#################################################################################################################################
# if you wish you can stop now and save the changes, only silly jokes and internal stuff following
# don't change things after this line, except if you know what you're doing (that excludes me)
#################################################################################################################################
#################################################################################################################################
AVKEY="hbedv.key"; export AVKEY
AVVDF="antivir.vdf"; export AVVDF
#################################################################################################################################
# internal variables, if you're still reading I figure you can figure out yourself what the variables do
#################################################################################################################################
AVMINC="$AVCONFPATH/$AVMINCFILE"; export AVMINC
AVKEYP="$AVCONFPATH"/"$AVKEY"; export AVKEYP
AVVDFP="$AVCONFPATH"/"$AVVDF"; export AVVDFP
SLEEPK="2"; export SLEEPK
#################################################################################################################################
# even some more internal variables, but the export variable depends of what type of socket port you wish to use
#################################################################################################################################
case "$AVMINP" in
  local)
    AVSOCK="$AVMINP:$SOCKHOSTPATH/$SOCKNAMEPORT"; export AVSOCK
    SOCKPATH="$SOCKHOSTPATH/$SOCKNAMEPORT"; export SOCKPATH
    ;;
  inet)
    AVSOCK="$AVMINP:$SOCKNAMEPORT@$SOCKHOSTPATH"; export AVSOCK
    ;;
  *)
    echo "WARNING port type not correctly defined, Usage: {local|inet}"
    exit 1
    ;;
esac
#################################################################################################################################
# exporting the full avmilter start command because I'm too lazy to type it
#################################################################################################################################
STARTAV="$AVMSBINPATH -C $AVMINC -p $AVSOCK"; export STARTAV
AVUPBIN="$ANTIVIRBIN -C $ANTIVIRCONF"; export AVUPBIN
#################################################################################################################################
# this variable is set to test if avmilter is running already, variable will be refreshed at "killAvmilter" where it loops with
# a pause (SLEEPK) till all instances of avmilter are dead, this could result in an infinite loop if avmilter doesn't die
#################################################################################################################################
AVPIDX=`ps -axw | grep -v "grep" | grep "$AVMSBINPATH"`X; export AVPIDX
#################################################################################################################################
# and here starts the actual script
#################################################################################################################################
#################################################################################################################################
case "$1" in
  start)
    # the start runs in the background so the socket survives the boot shell detaching
    echo -n $NAME && "$0" silentStart &
    ;;
  stop)
    echo "Stopping "$NAME
    "$0" silentStop
    ;;
  restart)
    echo $NAME "restart "
    # stop the running instance first, otherwise restart only starts a second one
    "$0" silentStop
    "$0" silentStart && "$0" status
    ;;
  update)
    $AVUPBIN --update
    ;;
  silentStart)
    # do not start avmilter when the pre-start check fails
    "$0" nonVerboseTest || exit 1
    #"$0" silentStop
    $STARTAV
    ;;
  silentStop)
    "$0" killAvmilter
    "$0" removeSocket
    ;;
  status)
    case "$AVPIDX" in
      X)
        echo "WARNING "$NAME" is not started "
        exit 1
        ;;
      *)
        echo $NAME "is running"
        case "$AVMINP" in
          local)
            echo "Socket type is configured as "$AVSOCK
            if [ -S "$SOCKPATH" ]
            then
              echo "Socket was created successfully! "
              exit 0
            else
              echo "WARNING! no socket found!"
              exit 1
            fi
            ;;
          inet)
            echo "Socket type is configured as a network socket at "$AVSOCK
            # -a is needed so that listening sockets are included in the netstat output
            NETSOCKTEST=`netstat -a -f inet -p tcp -n | grep "$SOCKNAMEPORT"`X; export NETSOCKTEST
            case $NETSOCKTEST in
              X)
                echo "WARNING! no socket found!"
                exit 1
                ;;
              *)
                echo "Socket was created successfully! "
                exit 0
                ;;
            esac
            ;;
          *)
            echo "WARNING port type not correctly defined, Usage: {local|inet}"
            exit 1
            ;;
        esac
        ;;
    esac
    ;;
  vars)
    echo
    echo "       NAME= "$NAME
    echo "AVMSBINPATH= "$AVMSBINPATH
    echo " ANTIVIRBIN= "$ANTIVIRBIN
    echo "ANTIVIRCONF= "$ANTIVIRCONF
    echo "     AVMINC= "$AVMINC
    echo "     AVSOCK= "$AVSOCK
    echo "     AVKEYP= "$AVKEYP
    echo "     AVVDFP= "$AVVDFP
    echo "    STARTAV= "$STARTAV
    echo "    AVUPBIN= "$AVUPBIN
    exit 0
    ;;
  test)
    TESTFAILURE="EMPTY"; export TESTFAILURE
    echo
    echo "####### AntiVir Checklist ####################################################"
    if [ -x "$AVMSBINPATH" ]
    then
      echo "Milter binary is in the path and is executable----------------------------[OK]"
    else
      echo "Milter binary is in the path and is executable-----------------------[FAILURE]"
      TESTFAILURE="FAILED"; export TESTFAILURE
    fi
    if [ -x "$ANTIVIRBIN" ]
    then
      echo "Scanner binary is in the path and is executable---------------------------[OK]"
    else
      echo "Scanner binary is in the path and is executable----------------------[FAILURE]"
      TESTFAILURE="FAILED"; export TESTFAILURE
    fi
    if [ -f "$AVMINC" ]
    then
      echo "Milter configuration file exists -----------------------------------------[OK]"
    else
      echo "Milter configuration file exists ------------------------------------[FAILURE]"
      TESTFAILURE="FAILED"; export TESTFAILURE
    fi
    if [ -f "$ANTIVIRCONF" ]
    then
      echo "Scanner configuration file exists ----------------------------------------[OK]"
    else
      echo "Scanner configuration file exists -----------------------------------[FAILURE]"
      TESTFAILURE="FAILED"; export TESTFAILURE
    fi
    if [ -e "$AVKEYP" ]
    then
      echo "License key exists -------------------------------------------------------[OK]"
    else
      echo "License key exists --------------------------------------------------[FAILURE]"
      TESTFAILURE="FAILED"; export TESTFAILURE
    fi
    if [ -e "$AVVDFP" ]
    then
      echo "Antivirus definition file exists -----------------------------------------[OK]"
    else
      echo "Antivirus definition file exists ------------------------------------[FAILURE]"
      TESTFAILURE="FAILED"; export TESTFAILURE
    fi
    if [ "$TESTFAILURE" = "FAILED" ]
    then
      echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
      echo "!---------------- Test FAILED check your configuration ----------------------!"
      echo "!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!"
      exit 1
    else
      echo "##############################################################################"
      echo "Files appear to exist as set in this script, so the test is successful :-) "
      echo " But remember this test is far from complete! "
      echo "##############################################################################"
      exit 0
    fi
    ;;
  nonVerboseTest)
    # same checks as "test" but silent; the empty then/else branches of the original are a syntax error in sh
    TESTFAILURE="EMPTY"; export TESTFAILURE
    [ -x "$AVMSBINPATH" ] || TESTFAILURE="FAILED"
    [ -x "$ANTIVIRBIN" ] || TESTFAILURE="FAILED"
    [ -f "$AVMINC" ] || TESTFAILURE="FAILED"
    [ -f "$ANTIVIRCONF" ] || TESTFAILURE="FAILED"
    [ -e "$AVKEYP" ] || TESTFAILURE="FAILED"
    [ -e "$AVVDFP" ] || TESTFAILURE="FAILED"
    export TESTFAILURE
    if [ "$TESTFAILURE" = "FAILED" ]
    then
      echo "Pre-start AntiVir checkup failed, AntiVir milter failed to start, run test"
      exit 1
    fi
    ;;
  removeSocket)
    case "$AVMINP" in
      local)
        # test the socket file itself (SOCKPATH); AVSOCK carries the "local:" prefix and is not a path
        if [ -S "$SOCKPATH" ]
        then
          rm -f "$SOCKPATH"
        fi
        ;;
      *)
        ;;
    esac
    ;;
  killAvmilter)
    case "$AVPIDX" in
      X)
        ;;
      *)
        until test "$AVPIDX" = "X"
        do
          killall avmilter
          sleep $SLEEPK
          AVPIDX=`ps -axw | grep -v "grep" | grep "$AVMSBINPATH"`X; export AVPIDX
        done
        ;;
    esac
    ;;
  mc)
    # the second m4 argument needs its opening backquote so that the commas inside it are not split into separate arguments
    case "$AVMINP" in
      local)
        echo
        echo "INPUT_MAIL_FILTER(\`$NAME', \`S=unix:$SOCKPATH, F=T, T=S:10m;R:10m;E:5m')"
        echo
        echo "# put the above line (it's only _one_single_ line, don't spread it)"
        echo "# in your /etc/mail/"`hostname`".mc"
        echo "# execute \"make cf\" in /etc/mail/ "
        echo "# then \"cp /etc/mail/"`hostname`".cf /etc/mail/sendmail.cf\""
        echo "# if you can't find /etc/mail/"`hostname`".mc then "
        echo "# read /etc/mail/README first do the thing it says and return"
        ;;
      inet)
        echo
        echo "INPUT_MAIL_FILTER(\`$NAME', \`S=$AVSOCK, F=T, T=S:10m;R:10m;E:5m')"
        echo
        echo "# put the above line (it's only _one_single_ line, don't spread it)"
        echo "# in your /etc/mail/"`hostname`".mc"
        echo "# execute \"make cf\" in /etc/mail/ "
        echo "# then \"cp /etc/mail/"`hostname`".cf /etc/mail/sendmail.cf\""
        echo "# if you can't find /etc/mail/"`hostname`".mc then "
        echo "# read /etc/mail/README first do the thing it says and return"
        ;;
      *)
        ;;
    esac
    ;;
  cf)
    # sendmail.cf X lines take no m4 quotes, so the trailing ' of the original output is dropped
    case "$AVMINP" in
      local)
        echo
        echo "O InputMailFilters=$NAME"
        echo "X"$NAME", S=unix:$SOCKPATH, F=T, T=S:10m;R:10m;E:5m"
        echo
        echo "# put the above 2 lines (only 2 single lines, don't spread it)"
        echo "# in your /etc/mail/sendmail.cf and then restart sendmail"
        ;;
      inet)
        echo
        echo "O InputMailFilters=$NAME"
        echo "X"$NAME", S=$AVSOCK, F=T, T=S:10m;R:10m;E:5m"
        echo
        echo "# put the above 2 lines (only 2 single lines, don't spread it)"
        echo "# in your /etc/mail/sendmail.cf and then restart sendmail"
        ;;
      *)
        ;;
    esac
    ;;
  *)
    echo "Usage: `basename $0` {start|stop|restart|update|status|vars|test|mc|cf}" >&2
    exit 1
    ;;
esac
exit 0

--------------060003030301030600070803--