hege wrote:
While you have some points, I don't really get why you have a problem? Not trying to be too harsh, but you sound a somewhat too theoretical unix geek.
I guess that's due to having far more experience writing software (mainly compilers and operating systems) in a research/experimental environment (IBM Research) than my mere 8 years of commercial Unix software development (video servers at DEC and telephone switches at a startup bought by Lucent). In any case, I prefer to analyze the possible problems before the software is put into service.
hege wrote:
First of all, if this works with all the 8 scanners that HAVP supports, why would there suddently be a differently behaving one?
I don't know how these scanners all behave, but if I were writing a scanner, I wouldn't have it hang on a locked file, as that would mean that daily batch scans would be difficult to manage. (I think most Windows scanners skip locked files, given Windows excessive use of locking.)
hege wrote:
Portability, who would _really_ use HAVP on HP-UX, Aix, BSDs etc? You don't even have many scanners for those platforms? 0.80 may even compile with those (FreeBSD tested), but it will not have the dynamic scanning without mandatory locking.
According to their website, ClamAV has been ported to at least FreeBSD, OpenBSD, AIX, OSF, Solaris, MacOS X, BeOS, and MS Windows (native, Interix, Cygwin, cygwin.dll based). And some people swear by FreeBSD as being more secure than Linux.
hege wrote:
If your firewall is really on some production use and not at home, I wouldn't even install anything there (I don't understand why any software is installed on firewall, bad security).
Firewall is a SOHO setup: I don't run the X server, or much else, and run whatever services non-root (dedicated user and group), or privilege separated, and chrooted when possible. I know that ideally there should be nothing else on the FW computer, but that would cost additional hardware, energy, and most important, office space and infrastructure.
hege wrote:
Otherwise, congrats for your uptime, but I don't really care..
Uptime is more a matter of trying to set a record than practicality: it ran 3 months "lights out" (long trip, VPN access), and survived at least 3 short power outages (UPS backup). So now I'm trying to see how long it can go, which means I don't want to make any far-reaching changes, like changing the root FS.
Given that, it turns out that I have an unused swap partition on the second drive. Maybe I'll build a separate FS there and try using "mount -o mand" on it.
hege wrote:
Cheers, Henrik
Likewise, Paul