ESET integration

General eFa discussion
Post Reply
gregecslo
Posts: 52
Joined: 09 Sep 2018 17:55

ESET integration

Post by gregecslo »

Hi all!

I have EFA latest running with CLAMD and Sophos just fine.
Now I wanted to integrate ESET as well, because we have license for it.
I added "esets" to scanners and installed ESET just fine.

It works, but not with EFA unfortunatley.

Probably because EFA starts it with postfix user and eset denies permission for that.

LOG:
OK SCAN WITH ROOT:

sudo -u root /usr/lib/MailScanner/wrapper/esets-wrapper /opt/eset/esets/sbin /tmp

ESET Command-line scanner, version 4.5.11, (C) 1992-2018 ESET, spol. s r.o.
Using license: LIC HERE (/etc/opt/eset/esets/license/esets_xxxxx.lic)
Module loader, version 1072 (20180813), build 1118
Module perseus, version 1542.1 (20180821), build 1989
Module scanner, version 18023 (20180909), build 38665
Module archiver, version 1277 (20180727), build 1353
Module advheur, version 1189 (20180806), build 1167
Module cleaner, version 1165 (20180824), build 1233

Command line: /tmp

Scan started at: Sun 09 Sep 2018 07:51:52 PM CEST

Scan completed at: Sun 09 Sep 2018 07:52:21 PM CEST
Scan time: 29 sec (0:00:29)
Total: files - 38, objects 53413
Infected: files - 0, objects 0
Cleaned: files - 0, objects 0



FAILED SCANNER INITIALIZATION WHEN RUNNING AS POSTFIX
sudo -u postfix /usr/lib/MailScanner/wrapper/esets-wrapper /opt/eset/esets/sbin /tmp

ESET Command-line scanner, version 4.5.11, (C) 1992-2018 ESET, spol. s r.o.
Using license: LIC HERE (/etc/opt/eset/esets/license/esets_xxxxx.lic)
Scanner initialization failed.
I tried fast test, set EFA to run Mailscanner as root and then esets worked. Sureley I don`t want MailScanner to run as root.
So how to tell MailScanner to run esets with root instead of postfix user?


Second issue is same as here: viewtopic.php?t=1218#p11713
Mailwatch does not recognise eset at all.

Thanks for all help, I`m willing to produce logs, share config etc to make this fine product even better!
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: ESET integration

Post by shawniverson »

A workaround for now would be to edit the esets-wrapper to exec the esets using sudo and to make an entry in the sudoers file based on the command issued in the wrapper. That way MailScanner is not elevated to root.
gonzalezroda
Posts: 7
Joined: 17 Dec 2016 22:03

Re: ESET integration

Post by gonzalezroda »

Hi gregecslo,
Can you share how do you make EFA run as root? I'm stuck on the same thing.
nicola.piazzi
Posts: 388
Joined: 23 Apr 2015 09:45

Re: ESET integration

Post by nicola.piazzi »

vi /usr/lib/MailScanner/wrapper/esets-wrapper
change this :
exec ${PackageDir}/$Prog "$@"
with this :
exec sudo ${PackageDir}/$Prog "$@"

vi /etc/sudoers.d/Postfix (new file)
Insert this line and save :
postfix ALL=(ALL) NOPASSWD: /opt/eset/esets/sbin/esets_scan


now MailScanner --lint
User avatar
shawniverson
Posts: 3644
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: ESET integration

Post by shawniverson »

Post Reply