Clamd and systemd

Arthur Dent misc.lists at blueyonder.co.uk
Wed Sep 19 14:24:19 UTC 2012 

>
> On 9/19/2012 5:47 AM, Arthur Dent wrote:
>>> "What tells it that it is a "scan" service? That bit of the puzzle
>>> seems
>>> to be missing..."
>>>
>>> Whatever is the parameter after the @ and before the dot  becomes %i in
>>> the service file.  Look at the service file:
>>> [Unit]
>>> Description = clamd scanner (%i) daemon
>>> After = syslog.target nss-lookup.target network.target
>>>
>>> [Service]
>>> Type = simple
>>> ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf --nofork=yes
>>> Restart = on-failure
>>> PrivateTmp = true
>>>
>>> so clamd at scan.service invokes clamd with the scan.conf file as it's
>>> configuration file.
>>> This way you can have multiple clamd services each using a different
>>> config file.  Just create another config file in
>>> /etc/clamd.d/my_config.conf and:
>>> ln -s /lib/systemd/system/clamd at .service
>>> /etc/systemd/system/clamd at my_config.service
>>>
>>> You should have the /etc/clamd.d/scan.conf I think:
>>>
>>> [root at moses shorewall]# rpm -qf /etc/clamd.d/scan.conf
>>> clamav-scanner-0.97.5-1700.fc17.noarch
>> Thank you Bill for a helpful and, more importantly, informative reply. I
>> think this will not only help me to solve my problem but, even better,
>> help me to understand where I was going wrong.
>>
>> As before, I don't have access to the machine right now, so i will try
>> when I get home to work through this and get it right.
>>
>> I will once again report back later...
>>
>> Thanks again. Your help is much appreciated.
>>
>> Mark
>>
>>
>
> You mentioned scanning email.  I run clamav-milter and stop the virus at
> smtp time.  You may find this helpful:
>
[Snip of some very useful stuff]

Thanks (again!) Bill,

That is very interesting. I have to say however, that my machine is a
simple home system serving web and mail for me and my family only.

I collect mail from (several) ISPs using fetchmail and then procmail to
scan (clamd and spamd) and filter into folders.

I am on a dynamic IP address so, whilst I know it is not impossible,
running my own SMTP operation is more work than I wish to take on at this
time. I have thought about this, but I think it will have to be an
iteresting project for when I retire - in about 10yrs time... (unless you
can convice me otherwise!)

Thanks again

Mark

More information about the users mailing list