RE: aliases pointed at commands, WAS: Re: MyDoom war front (Postfix + Vexira Antivirus)

From: Ray Anderson (rsarb-com.com)
Date: Mon Feb 02 2004 - 11:52:22 CST


In the docs, it says if the command isn't launched with specific user
permissions, it becomes the owner of the file aliases.db.

I changed the owner of that file to postfix, and then gave postfix the
permissions to run the script.

-=Ray
---------------------------------------
Orders to protect fixed objects are very much disliked by fighter pilots.
Their element is to attack, to track, to hunt, and to destroy the enemy.
Only in this way can the eager and skillful fighter pilot display his
abilities to the full. Tie him to a narrow and confined task, rob him of his
initiative, and you take away from him the best and most valuable qualities
he possesses: aggressive spirit, joy of action, and the passion of the
hunter.
Lt. General Adolph Galland, Luftwaffe

> -----Original Message-----
> From: owner-postfix-userspostfix.org
> [mailto:owner-postfix-userspostfix.org] On Behalf Of Leeman Strout
> Sent: Monday, February 02, 2004 9:47 AM
> To: Postfix users
> Subject: aliases pointed at commands, WAS: Re: MyDoom war
> front (Postfix + Vexira Antivirus)
>
>
> Noel Jones wrote:
>
> > At 05:35 PM 1/29/04, Luca Berra wrote:
> >
> >> On Thu, Jan 29, 2004 at 01:15:42PM -0600, Noel Jones wrote:
> >>
> >>> Clamav released a definition (they call it Worm.SCO.A) at
> >>> 26-Jan-2004 20:23 GMT.
> >>>
> >>> My server downloaded the definitions at 20:35 GMT (download triggered by
> >>> an announcement email).
> >
> >
> >> could you detail how you handle this?
> >
> >
> > Well, pretty simpleminded really.
> > I created a local "clamupdate" alias and signed it up for the
> > clamav-virusdb announcement mail list.
> > Then I added a local alias entry like:
> > clamupdate: |/usr/local/bin/freshclam.script
> >
> > The script then runs freshclam, and mails me what happened.
> >
> > (all on one line)
> > /usr/local/bin/freshclam --log-verbose --log=/var/log/clam-update.log --on-error-execute='echo freshclam.script FAILED | /usr/local/bin/mutt -s "freshclam.script **FAILED**" postmasterlocalhost' --on-update-execute='echo freshclam.script update OK | /usr/local/bin/mutt -s "freshclam.script update success" postmasterlocalhost'
> >
> > If you use procmail, you could just create a filter that finds mail
> > containing:
> > Subject: [Clamav-virusdb] Update
> > and then runs the script. I don't know the procmail syntax, but I bet
> > it's pretty simple.
>
> I'm attempting to do the above with Sophos. My main problem is
> permissions as the script is executed as user nobody. What would be the
> "right" way to deal with this? I don't exactly like the idea of giving
> "nobody" permissions on removing/updating my AV setup.
>
>
> Thanks,
> Leeman
>
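
The following is an added example, not part of the thread and not Postfix's own code. It applies the rule from Postfix local(8) that the thread turns on: a "|command" alias runs as the owner of the alias database, or as the default_privs account (default "nobody") when root owns that file. The function names, the sample entries and the path sophos-update.sh are assumptions made up for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. Rule per Postfix local(8): a "|command"
# alias runs as the owner of the alias database; when root owns that file,
# the default_privs account (default "nobody") is used instead.

# pick_user OWNER_UID OWNER_NAME DEFAULT_PRIVS -> account the command runs as
pick_user() {
    if [ "$1" = 0 ]; then printf '%s\n' "$3"; else printf '%s\n' "$2"; fi
}

# run_user DBFILE [DEFAULT_PRIVS] -> applies pick_user to DBFILE's real owner
run_user() {
    [ -e "$1" ] || { echo "no such file: $1" >&2; return 1; }
    pick_user "$(ls -ldn "$1" | awk '{print $3}')" \
              "$(ls -ld "$1" | awk '{print $3}')" "${2:-nobody}"
}

# pipe_aliases [ALIASES_SOURCE] -> "name<TAB>command" for each pipe alias.
# Simplification: single-line entries with one target, as in the thread.
pipe_aliases() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        {
            i = index($0, ":"); if (i == 0) next
            name = substr($0, 1, i - 1); rhs = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            gsub(/^[ \t"]+|[ \t"]+$/, "", rhs)   # also drops enclosing quotes
            if (substr(rhs, 1, 1) == "|") print name "\t" substr(rhs, 2)
        }' "$@"
}

# audit ALIASES_SOURCE DBFILE [DEFAULT_PRIVS] -> one report line per pipe alias
audit() {
    user=$(run_user "$2" "${3:-nobody}") || return 1
    tab=$(printf '\t')
    pipe_aliases "$1" | while IFS="$tab" read -r name cmd; do
        printf '%s: runs as %s: %s\n' "$name" "$user" "$cmd"
    done
}

# Constructed sample entries; the clamupdate line mirrors the thread's alias,
# sophos-update.sh is a hypothetical path.
sample_aliases() {
    printf '%s\n' '# constructed sample' 'postmaster: root' \
        'clamupdate: |/usr/local/bin/freshclam.script' \
        'avupdate: "|/usr/local/bin/sophos-update.sh --quiet"'
}

if [ $# -ge 2 ]; then audit "$@"; else sample_aliases | pipe_aliases; fi
```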