[rsbac] Dazuko
Amon Ott
ao at rsbac.org
Wed May 4 15:21:37 CEST 2005
On Mittwoch 04 Mai 2005 14:24, Andrea Pasquinucci wrote:
> Sorry for my usual dumb question, I would like to add dazuko+clamav
to
> my rsbac setup, where can I find some instructions on how to do it?
Well, enable DAZ module, create a char device special file /dev/dazuko
with the major given in RSBAC DAZ config and minor 0.
Compile Clamav with Dazuko ("Clamuko") support, install, add Clamuko
directives to clamd.conf. Mark /usr/sbin/clamd as daz_scanner for the
RSBAC DAZ module to allow it to register with the Dazuko interface
and start clamd.
You will see that it is working, if clamd spits out messages about
registration and /proc/rsbac-info/stats shows a growing number of FD
DAZ attribute objects.
> PS. Clamv docs say "you shouldn't run Dazuko on production systems"
is
> it so unstable or ???
Clamav with RSBAC DAZ works very stable on our server systems. I think
the Clamav people have security concerns with standard Dazuko, which
are quite valid. With RSBAC the concerns are no longer valid, because
you can control the whole system.
Amon.
--
http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
More information about the rsbac
mailing list