Page 1 of 1

ESET integration

Posted: 09 Sep 2018 18:01
by gregecslo
Hi all!

I have EFA latest running with CLAMD and Sophos just fine.
Now I wanted to integrate ESET as well, because we have license for it.
I added "esets" to scanners and installed ESET just fine.

It works, but not with EFA unfortunatley.

Probably because EFA starts it with postfix user and eset denies permission for that.

LOG:
OK SCAN WITH ROOT:

sudo -u root /usr/lib/MailScanner/wrapper/esets-wrapper /opt/eset/esets/sbin /tmp

ESET Command-line scanner, version 4.5.11, (C) 1992-2018 ESET, spol. s r.o.
Using license: LIC HERE (/etc/opt/eset/esets/license/esets_xxxxx.lic)
Module loader, version 1072 (20180813), build 1118
Module perseus, version 1542.1 (20180821), build 1989
Module scanner, version 18023 (20180909), build 38665
Module archiver, version 1277 (20180727), build 1353
Module advheur, version 1189 (20180806), build 1167
Module cleaner, version 1165 (20180824), build 1233

Command line: /tmp

Scan started at: Sun 09 Sep 2018 07:51:52 PM CEST

Scan completed at: Sun 09 Sep 2018 07:52:21 PM CEST
Scan time: 29 sec (0:00:29)
Total: files - 38, objects 53413
Infected: files - 0, objects 0
Cleaned: files - 0, objects 0



FAILED SCANNER INITIALIZATION WHEN RUNNING AS POSTFIX
sudo -u postfix /usr/lib/MailScanner/wrapper/esets-wrapper /opt/eset/esets/sbin /tmp

ESET Command-line scanner, version 4.5.11, (C) 1992-2018 ESET, spol. s r.o.
Using license: LIC HERE (/etc/opt/eset/esets/license/esets_xxxxx.lic)
Scanner initialization failed.
I tried fast test, set EFA to run Mailscanner as root and then esets worked. Sureley I don`t want MailScanner to run as root.
So how to tell MailScanner to run esets with root instead of postfix user?


Second issue is same as here: viewtopic.php?t=1218#p11713
Mailwatch does not recognise eset at all.

Thanks for all help, I`m willing to produce logs, share config etc to make this fine product even better!

Re: ESET integration

Posted: 09 Sep 2018 21:08
by shawniverson
A workaround for now would be to edit the esets-wrapper to exec the esets using sudo and to make an entry in the sudoers file based on the command issued in the wrapper. That way MailScanner is not elevated to root.

Re: ESET integration

Posted: 09 Nov 2018 22:46
by gonzalezroda
Hi gregecslo,
Can you share how do you make EFA run as root? I'm stuck on the same thing.

Re: ESET integration

Posted: 02 Jan 2019 12:01
by nicola.piazzi
vi /usr/lib/MailScanner/wrapper/esets-wrapper
change this :
exec ${PackageDir}/$Prog "$@"
with this :
exec sudo ${PackageDir}/$Prog "$@"

vi /etc/sudoers.d/Postfix (new file)
Insert this line and save :
postfix ALL=(ALL) NOPASSWD: /opt/eset/esets/sbin/esets_scan


now MailScanner --lint

Re: ESET integration

Posted: 05 Jan 2019 18:43
by shawniverson