Linux HOWTOs
HOWTO: sophie
Description: An anti-virus daemon that uses libsavi from Sophos
NOTE: I use GNU tar >= 1.13.25, so it's -j for .tar.bz2 files.
It's safe to assume that make, gcc, binutils, fileutils/coreutils, gawk, sed, and grep are prerequisites for almost everything.
# sophie
# ======
# Sophie is a daemon that uses the libsavi library from Sophos (you have to
# buy Sophos for its virus database and engine). I haven't used it in a
# few years since finishing with two clients that used it. I tried to
# contact Sophos and a Sophos distributor about licensing it myself, but
# didn't get any response. So, I have no plans for updating this in the
# future, but I will try to at least keep the home page and download URLs set
# to valid ones.
#
# HEY YOU - LOOK HERE: I don't use Sophie any more. This is for the
# unbelievable number of people that have written to me about it after
# supposedly reading the paragraph above. I'll be happy to fix broken URLs
# and update notes to reflect new versions that are available, but I won't
# be updating the sophos-update.pl script (except to fix bugs) or the
# versions of Sophie that are covered below.

# As of the last time I updated this, the latest version of Sophie is
# 3.04. The last version that I have actually tried is 3.04rc1, which
# is the version shown below.

# Create the directories to put everything into
mkdir -p -m 0700 ~/installed/sophie ~/src/sophie

# Sophos SAVI
# ===========
# Go to www.sophos.com and download the evaluation of Sophos for Linux
# (or of course the regular version if you've licensed it) and put it in ~
# Watch out for that incredibly vague filename: linux.intel.libc6.tar.Z...
# (don't leave it there and forget what it is <g>) If you don't use
# Linux, mentally adjust the filename accordingly.
# Running the install script as shown below may not work with older versions
# of sophos, it has added/changed some options recently.
cd ~/src/sophie
test -d ./sav-install && rm -r ./sav-install
tar xzvf ~/linux.intel.libc6.tar.Z
cd sav-install
test $UID = 0 && chown -R root:root .

# Become root to install it
su
test -d /usr/local/sav && ( cd /usr/local/sav ; rm -f *.ide vdl-*.dat )
find /usr/local/lib -type f -name "libsavi.so.*" -exec rm {} \;
./install.sh -ni -so
ldconfig

# Become yourself again
exit

cd
mv -f linux.intel.libc6.tar.Z installed/sophie/

# sophie 3.04rc1
# ==============
cd
test -f installed/sophie/sophie-3.04rc1.tar.bz2 &&
 mv installed/sophie/sophie-3.04rc1.tar.bz2 .
test ! -f sophie-3.04rc1.tar.bz2 &&
 wget http://www.vanja.com/tools/sophie/sophie-3.04rc1.tar.bz2

# Verify tarball w/ gpg:
( gpg --list-keys C13149EA > /dev/null 2>&1 ||
 lynx -dump http://www.vanja.com/pgpkey.txt | gpg --import - ) &&
 wget http://www.vanja.com/tools/sophie/sophie-3.04rc1.tar.bz2.asc &&
 gpg --verify sophie-3.04rc1.tar.bz2.asc &&
 rm sophie-3.04rc1.tar.bz2.asc

# The source directory created above is ~/src/sophie
cd ~/src/sophie
find . -maxdepth 1 -type d -name "sophie-*" -exec rm -r {} \;
tar xjvf ~/sophie-3.04rc1.tar.bz2
cd sophie-3.04rc1
test $UID = 0 && chown -R root:root .

# Patch it to fix another bug:
wget -nc http://englanders.cc/pub/linux/patches/notmine/sophie_scandir.diff &&
 patch < sophie_scandir.diff

./configure
make

# Become root to install it
su
test ! -f /usr/local/etc/sophie.savi && cp etc/sophie.savi /usr/local/etc/
test ! -f /usr/local/etc/sophie.cfg && cp etc/sophie.cfg /usr/local/etc/
cp sophie.8 /usr/local/man/man8/

# If you're upgrading a version that's already running, kill sophie, cp it,
# then start it. Something like this should do it:
#killall sophie ; sleep 1 ; killall -9 sophie ; \
#cp sophie /usr/local/sbin/ ; /usr/local/sbin/sophie -D

# If sophie is not running:
cp sophie /usr/local/sbin/

# Become yourself again
exit

cd
rm -f installed/sophie/sophie-*.tar.*
mv sophie-3.04rc1.tar.bz2 installed/sophie/

# For a sample sophie.cfg that'll work with MIMEDefang (last updated for
# version 3.03), look here:
# http://englanders.cc/pub/misc/sophie.cfg

# Skip down to the bottom for a script that'll download virus signatures

# sophie 1.44
# ===========
# Sophie uses the libsavi library that comes with the Sophos package above
cd
test -f installed/sophie/sophie-1.44.tar.bz2 &&
 mv installed/sophie/sophie-1.44.tar.bz2 .
test ! -f sophie-1.44.tar.bz2 &&
 wget http://www.vanja.com/tools/sophie/sophie-1.44.tar.bz2

# Verify tarball w/ gpg:
( gpg --list-keys C13149EA > /dev/null 2>&1 ||
 lynx -dump http://www.vanja.com/pgpkey.txt | gpg --import - ) &&
 wget http://www.vanja.com/tools/sophie/sophie-1.44.tar.bz2.asc &&
 gpg --verify sophie-1.44.tar.bz2.asc &&
 rm sophie-1.44.tar.bz2.asc

# The source directory created above is ~/src/sophie
cd ~/src/sophie
find . -maxdepth 1 -type d -name "sophie-*" -exec rm -r {} \;
tar xjvf ~/sophie-1.44.tar.bz2
cd sophie-1.44
test $UID = 0 && chown -R root:root .

# If you're _not_ going to run sophie with MIMEDefang just run a plain old
# ./configure

# If you are going to run sophie with MIMEDefang, something like this
# should work. Replace /ram/MIMEDefang with your MD spool directory
# (yours may be /var/spool/MIMEDefang) and --with-user/group should point
# to the user that MD runs as (yours may be defang)
./configure \
 --with-socketfile=/ram/MIMEDefang/sophie \
 --with-pidfile=/ram/MIMEDefang/sophie.pid \
 --with-user=mdefang \
 --with-group=mdefang
make

# Become root to install it
su

# If you're upgrading a version that's already running, kill sophie, cp it,
# then start it. Something like this should do it:
#killall sophie ; sleep 1 ; killall -9 sophie ; \
#cp sophie /usr/local/sbin/ ; /usr/local/sbin/sophie -D

# If sophie is not running:
cp sophie /usr/local/sbin/

# Become yourself again
exit

cd
rm -f installed/sophie/sophie-*.tar.*
mv sophie-1.44.tar.bz2 installed/sophie/

# If you don't already have one, this Perl script (open it for settings) can
# be used to update the virus signatures:

# Become root to install it
su
cd /usr/local/sbin
wget -N http://englanders.cc/pub/linux/misc/sophos-update.pl
chmod 700 sophos-update.pl

# The next three lines are typed at the CPAN shell prompt
perl -MCPAN -e shell
install Archive::Zip
install LWP::Simple
exit

## Sample cron job to run it at 3:02am
# 2 3 * * * /usr/local/sbin/sophos-update.pl

# If you run a recent version of Slackware, rather than adding something
# like that line above to root's crontab you can create a /etc/cron.daily
# script:
cat <<EOF > /etc/cron.daily/sophos-update.sh
#!/bin/sh
/usr/local/sbin/sophos-update.pl
EOF
chmod 700 /etc/cron.daily/sophos-update.sh

# Become yourself again
exit
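
The "Verify tarball w/ gpg" steps above select the signing key by its 8-hex-digit ID (C13149EA) and import it over plain HTTP from the same host as the tarball, so a successful gpg --verify only shows that some key in the keyring signed the file. The added example below (not part of the original HOWTO) checks gpg's machine-readable status output against a full 40-hex-digit fingerprint obtained out of band. PINNED_FPR is a placeholder, not the real fingerprint of that key, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: pin the signer by full fingerprint instead of a short key ID.
# PINNED_FPR is a placeholder; replace it with the fingerprint you obtained
# out of band. It is NOT the real fingerprint of key C13149EA.
PINNED_FPR="0123456789ABCDEF0123456789ABCDEF01234567"

# Normalise a fingerprint: strip spaces, upper-case it, and fail unless the
# result is exactly 40 hex digits (so short key IDs are refused).
normalize_fpr() {
    fpr=$(printf '%s' "$1" | tr -d ' ' | tr 'a-f' 'A-F')
    case "$fpr" in
        *[!0-9A-F]*|"") return 1 ;;
    esac
    [ "${#fpr}" -eq 40 ] || return 1
    printf '%s\n' "$fpr"
}

# Read "gpg --status-fd" output on stdin. Succeed only if a VALIDSIG line
# names the pinned key as the signing key (field 3) or as the primary key
# (last field). Returns 2 if the pin itself is not a full fingerprint.
status_matches_pin() {
    pin=$(normalize_fpr "$1") || return 2
    awk -v pin="$pin" '
        $1 == "[GNUPG:]" && $2 == "VALIDSIG" && ($3 == pin || $NF == pin) { ok = 1 }
        END { exit(ok ? 0 : 1) }'
}

# verify_pinned FILE SIGFILE FINGERPRINT
# Runs gpg on a detached signature and requires both a good signature and a
# fingerprint match.
verify_pinned() {
    status=$(gpg --batch --status-fd 1 --verify "$2" "$1" 2>/dev/null) || return 1
    printf '%s\n' "$status" | status_matches_pin "$3"
}

# Usage in place of the bare "gpg --verify" step:
#   verify_pinned sophie-3.04rc1.tar.bz2 sophie-3.04rc1.tar.bz2.asc \
#       "$PINNED_FPR" || exit 1
```
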
Last updated: Tue, 07 Aug 2018 12:06:17 -0400 Jason Englander <jason at englanders dot us>