[Avcheck] Monitoring [was: Running kavdaemon supervised]
Ralf Hildebrandt
Ralf.Hildebrandt@charite.de
Fri, 19 Oct 2001 15:33:54 +0200
On Fri, Oct 19, 2001 at 05:24:28PM +0400, Michael Tokarev wrote:
> The whole point (monitoring an antivirus) sounds interesting to me.
:)
> But instead of just monitor the presence of a daemon, I'd try to do
> more "clever" thing, that is to watch maillog for deferrals from
> avcheck/avscan/whatever transport. This approach is more general
> at least, and can help with other issues as well.
You mean: If there is a deferral due to the transport being unavailable,
check for kavdaemon's status?
> solution for the deferals was shown. Now I have an idea.
;-)
> How about adding small daemon that will watch the logfile for avcheck
> deferred patterns (similar to e.g. dracd and pop-before-smtp) or
> something like that (various different ways, e.g. modifying avcheck
> so it will do some actions itself in parallel to returning text
> back to MTA), that will take appropriate actions based on found
> conditions. Possible actions are, for example, restarting av
> daemon in case it dead, sending postmaster notifications about
> unexpected deferals and so on.
>
> Ummm... It looks too complicated, is it?
Yep.
> > cd /var/spool/avp
> > /usr/bin/env - HOME=/ \
> > /var/spool/avp/uchroot -u avpd /var/spool/avp \
> > ./kavdaemon -dl -f=/ctl /tst
>
> Just curious -- why you use `cd' here?
Because kavdaemon used to barf if it wasn't started from the directory in
which the binarie resides.
--
Ralf Hildebrandt Tel. +49 (0)30-450 570-155
Fax. +49 (0)30-450 570-916
To sysadmin or not to sysadmin... that is the question, whether tis
nobler in the minde to suffer the slings and arrowes of outragious
fortune, or climb to the top of the building with a fucking high-power
rifle and scope.