ESET integration

General E.F.A. discussion
Post Reply
gregecslo
Posts: 6
Joined: 09 Sep 2018 17:55

ESET integration

Post by gregecslo » 09 Sep 2018 18:01

Hi all!

I have EFA latest running with CLAMD and Sophos just fine.
Now I wanted to integrate ESET as well, because we have license for it.
I added "esets" to scanners and installed ESET just fine.

It works, but not with EFA unfortunatley.

Probably because EFA starts it with postfix user and eset denies permission for that.

LOG:
OK SCAN WITH ROOT:

sudo -u root /usr/lib/MailScanner/wrapper/esets-wrapper /opt/eset/esets/sbin /tmp

ESET Command-line scanner, version 4.5.11, (C) 1992-2018 ESET, spol. s r.o.
Using license: LIC HERE (/etc/opt/eset/esets/license/esets_xxxxx.lic)
Module loader, version 1072 (20180813), build 1118
Module perseus, version 1542.1 (20180821), build 1989
Module scanner, version 18023 (20180909), build 38665
Module archiver, version 1277 (20180727), build 1353
Module advheur, version 1189 (20180806), build 1167
Module cleaner, version 1165 (20180824), build 1233

Command line: /tmp

Scan started at: Sun 09 Sep 2018 07:51:52 PM CEST

Scan completed at: Sun 09 Sep 2018 07:52:21 PM CEST
Scan time: 29 sec (0:00:29)
Total: files - 38, objects 53413
Infected: files - 0, objects 0
Cleaned: files - 0, objects 0



FAILED SCANNER INITIALIZATION WHEN RUNNING AS POSTFIX
sudo -u postfix /usr/lib/MailScanner/wrapper/esets-wrapper /opt/eset/esets/sbin /tmp

ESET Command-line scanner, version 4.5.11, (C) 1992-2018 ESET, spol. s r.o.
Using license: LIC HERE (/etc/opt/eset/esets/license/esets_xxxxx.lic)
Scanner initialization failed.
I tried fast test, set EFA to run Mailscanner as root and then esets worked. Sureley I don`t want MailScanner to run as root.
So how to tell MailScanner to run esets with root instead of postfix user?


Second issue is same as here: viewtopic.php?t=1218#p11713
Mailwatch does not recognise eset at all.

Thanks for all help, I`m willing to produce logs, share config etc to make this fine product even better!

User avatar
shawniverson
Posts: 2611
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: ESET integration

Post by shawniverson » 09 Sep 2018 21:08

A workaround for now would be to edit the esets-wrapper to exec the esets using sudo and to make an entry in the sudoers file based on the command issued in the wrapper. That way MailScanner is not elevated to root.
Version 3.0.2.6 released! Update now to keep your eFa secure!

gonzalezroda
Posts: 7
Joined: 17 Dec 2016 22:03

Re: ESET integration

Post by gonzalezroda » 09 Nov 2018 22:46

Hi gregecslo,
Can you share how do you make EFA run as root? I'm stuck on the same thing.

Post Reply