Clamd and systemd
Arthur Dent
misc.lists at blueyonder.co.uk
Wed Sep 19 14:24:19 UTC 2012
>
> On 9/19/2012 5:47 AM, Arthur Dent wrote:
>>> "What tells it that it is a "scan" service? That bit of the puzzle
>>> seems
>>> to be missing..."
>>>
>>> Whatever is the parameter after the @ and before the dot becomes %i in
>>> the service file. Look at the service file:
>>> [Unit]
>>> Description = clamd scanner (%i) daemon
>>> After = syslog.target nss-lookup.target network.target
>>>
>>> [Service]
>>> Type = simple
>>> ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf --nofork=yes
>>> Restart = on-failure
>>> PrivateTmp = true
>>>
>>> so clamd at scan.service invokes clamd with the scan.conf file as it's
>>> configuration file.
>>> This way you can have multiple clamd services each using a different
>>> config file. Just create another config file in
>>> /etc/clamd.d/my_config.conf and:
>>> ln -s /lib/systemd/system/clamd at .service
>>> /etc/systemd/system/clamd at my_config.service
>>>
>>> You should have the /etc/clamd.d/scan.conf I think:
>>>
>>> [root at moses shorewall]# rpm -qf /etc/clamd.d/scan.conf
>>> clamav-scanner-0.97.5-1700.fc17.noarch
>> Thank you Bill for a helpful and, more importantly, informative reply. I
>> think this will not only help me to solve my problem but, even better,
>> help me to understand where I was going wrong.
>>
>> As before, I don't have access to the machine right now, so i will try
>> when I get home to work through this and get it right.
>>
>> I will once again report back later...
>>
>> Thanks again. Your help is much appreciated.
>>
>> Mark
>>
>>
>
> You mentioned scanning email. I run clamav-milter and stop the virus at
> smtp time. You may find this helpful:
>
[Snip of some very useful stuff]
Thanks (again!) Bill,
That is very interesting. I have to say however, that my machine is a
simple home system serving web and mail for me and my family only.
I collect mail from (several) ISPs using fetchmail and then procmail to
scan (clamd and spamd) and filter into folders.
I am on a dynamic IP address so, whilst I know it is not impossible,
running my own SMTP operation is more work than I wish to take on at this
time. I have thought about this, but I think it will have to be an
iteresting project for when I retire - in about 10yrs time... (unless you
can convice me otherwise!)
Thanks again
Mark
More information about the users
mailing list