LinuxQuestions.org
Slackware This Forum is for the discussion of Slackware Linux.

11-22-2022, 05:22 AM   #31
teoberi
Member
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers)/Windows 11/Ubuntu (workstations)
Posts: 610
Rep: Reputation: 355

Quote:
Originally Posted by elcore
> Funny British company, calling someone a minority.
> Wonder what happens if someone lands in UK and persists with driving on the 'right' side, because you know, the left side is where minorities drive at.
> Why can't you use a non discriminating AV like Clam? Or just move the Sophos scanner into a virtual machine, bypassing the host PID1 requirement completely?

I use ClamAV, I even participate in the development (as much as I can and as much as my time allows) but it is still far from what Sophos can do. The current development team from ClamAV still does not manage to solve the current problems without adding new improvements.
The ClamAV detection rate with the default virus signatures is still pathetic.
As a solution for scanning mail messages, ClamAV can be an acceptable option, although it is only used as a second opinion in general.
I use Sophos to scan traffic in real time through Squid and here is the big problem, I haven't found anything that could replace this at the same price. The commercial solutions are a bit expensive compared to the one configured by me which only involves a commercial antivirus, the rest was open-source.
Moving Sophos to a virtual machine or even to a real server with another Linux distribution (for example Ubuntu where the new Sophos Protection for Linux antivirus works perfectly) creates problems for me in using the Sophos Anti-Virus Dynamic Interface (SAVDI), the basic piece in the quick scanning of mail messages or traffic through Squid.

I have a choice to give up Sophos or Slackware.
I can give up Sophos, with the consequences that this implies, but I am too old to give up Slackware, and adding support for systemd in Slackware could take longer than I have before I can retire.
 
11-22-2022, 06:14 AM   #32
elcore
Senior Member
Registered: Sep 2014
Distribution: Slackware
Posts: 1,753
Rep: Reputation: Disabled

Quote:
Originally Posted by teoberi
> I have a choice to give up Sophos or Slackware.

It's still kinda funny to try and change decades of tradition, just because some random binary is not flexible enough.
IMO, it's the exact same as expecting the UK will change the traffic infrastructure to accommodate US drivers' expectations.

That said, I completely understand your problem with this software. It tries to make itself irreplaceable, just like any other commercial solution.
Slackware doesn't do that, every part of it can be recompiled and replaced. Meaning, you can certainly install and use systemd to accommodate your AV solution.
And I'm fairly certain that P.V. said at some point he will not "force it down anyone's throat" so I guess you shouldn't attempt that either.

I do get that the thing you're complaining about did cost you money, and is telling you what to do, just saying there's no way I'd let it tell me what to do.
I'd certainly get rid of it sooner than letting it control me, but whatever you do is your business, just wanted to ask if that's something government issued, or private business?
Because if it's private, I really don't see the reason why you don't hire someone to reverse engineer it and re-implement old sysV hooks back in.
If it's government, where Sophos is usually deployed, then yeah, you're gonna have to bend over to it.

Last edited by elcore; 11-22-2022 at 06:17 AM.
 
11-22-2022, 06:15 AM   #33
LuckyCyborg
Senior Member
Registered: Mar 2010
Posts: 3,505
Rep: Reputation: 3320

Quote:
Originally Posted by teoberi
> I can give up Sophos, with the consequences that this implies, but I am too old to give up Slackware, and adding support for systemd in Slackware could take longer than I have before I can retire.

I do not think that porting Slackware 15.0 to systemd will take really very long.

After all, Slackware 15.0 already uses 2/3 from the main daemons from systemd. What the heck you think is systemd, besides the copious FUD spread in this forum about how it will eat your dog?

The systemd is composed mainly of UDEV, LOGIND and an init system running the daemons under supervision and in their own CGROUPs. From what I heard, the catch is exactly this "running on their own CGROUPs" which permits a very fine control also on the allocated resources for the supervised daemons. I.e. dynamically cutting the net for the httpd. That's why it is preferred by the AV companies and not only.

Anyway, while I did NOT try this, I do not think it is that complicated (up to spending a lifetime) for a Guru to port a Linux distribution from SysV init, eudev and elogind to systemd. After all, the systemd replaces the first three and eudev and elogind are parts cut from systemd, so they work in a similar manner.

And it looks like there are even users here who did this already, outside of the Dlackware team. IF I remember right, there's at least chrisVV who said that he uses a systemd driven Slackware. Maybe there are others, too.

In my humble opinion, the main problem is another: the so called systemd haters, who will jump in a thread about using Slackware with systemd, and will derail it into another systemd hate fest. Basically, it's very hard to have a meaningful discussion about porting Slackware to systemd. In this forum.

You do not believe me? Let's open a thread named "Porting Slackware 15.0 to systemd" and let's see what happens.

Last edited by LuckyCyborg; 11-22-2022 at 06:32 AM.
 
11-22-2022, 06:44 AM   #34
teoberi
Member
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers)/Windows 11/Ubuntu (workstations)
Posts: 610
Rep: Reputation: 355

Quote:
Originally Posted by elcore
> It's still kinda funny to try and change decades of tradition, just because some random binary is not flexible enough.
> IMO, it's the exact same as expecting the UK will change the traffic infrastructure to accommodate US drivers' expectations.
>
> That said, I completely understand your problem with this software. It tries to make itself irreplaceable, just like any other commercial solution.
> Slackware doesn't do that, every part of it can be recompiled and replaced. Meaning, you can certainly install and use systemd to accommodate your AV solution.
> And I'm fairly certain that P.V. said at some point he will not "force it down anyone's throat" so I guess you shouldn't attempt that either.
>
> I do get that the thing you're complaining about did cost you money, and is telling you what to do, just saying there's no way I'd let it tell me what to do.
> I'd certainly get rid of it sooner than letting it control me, but whatever you do is your business, just wanted to ask if that's something government issued, or private business?
> Because if it's private, I really don't see the reason why you don't hire someone to reverse engineer it and re-implement old sysV hooks back in.
> If it's government, where Sophos is usually deployed, then yeah, you're gonna have to bend over to it.

I looked a bit through the Sophos scripts but for now systemd cannot be avoided. The only solution is to add the support for System V (SysV) init system as an option. Even the people from Sophos don't see another solution now.
 
11-22-2022, 06:56 AM   #35
teoberi
Member
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers)/Windows 11/Ubuntu (workstations)
Posts: 610
Rep: Reputation: 355

Quote:
Originally Posted by LuckyCyborg
> I do not think that porting Slackware 15.0 to systemd will take really very long.
>
> After all, Slackware 15.0 already uses 2/3 from the main daemons from systemd. What the heck you think is systemd, besides the copious FUD spread in this forum about how it will eat your dog?
>
> The systemd is composed mainly of UDEV, LOGIND and an init system running the daemons under supervision and in their own CGROUPs. From what I heard, the catch is exactly this "running on their own CGROUPs" which permits a very fine control also on the allocated resources for the supervised daemons. I.e. dynamically cutting the net for the httpd. That's why it is preferred by the AV companies and not only.
>
> Anyway, while I did NOT try this, I do not think it is that complicated (up to spending a lifetime) for a Guru to port a Linux distribution from SysV init, eudev and elogind to systemd. After all, the systemd replaces the first three and eudev and elogind are parts cut from systemd, so they work in a similar manner.
>
> And it looks like there are even users here who did this already, outside of the Dlackware team. IF I remember right, there's at least chrisVV who said that he uses a systemd driven Slackware. Maybe there are others, too.
>
> In my humble opinion, the main problem is another: the so called systemd haters, who will jump in a thread about using Slackware with systemd, and will derail it into another systemd hate fest. Basically, it's very hard to have a meaningful discussion about porting Slackware to systemd. In this forum.
>
> You do not believe me? Let's open a thread named "Porting Slackware 15.0 to systemd" and let's see what happens.

An init system running the daemons, this is the problem with Sophos, they changed everything (rewritten from scratch) compared to the old version of the antivirus that has support for System V (SysV) init system.
I can't afford to play on the production servers to test porting systemd to Slackware, anyway I'm taking quite a risk with using Slackware and so many packages compiled from sources by me even if they already exist in the Slackware packages.
 
11-22-2022, 07:00 AM   #36
LuckyCyborg
Senior Member
Registered: Mar 2010
Posts: 3,505
Rep: Reputation: 3320

Quote:
Originally Posted by elcore
> And I'm fairly certain that P.V. said at some point he will not "force it down anyone's throat" so I guess you shouldn't attempt that either.

Excuse my stupidity, but WHY people shouldn't attempt porting Slackware to systemd? It's a blasphemy?

In fact, it is probably best for a Slackware derivative fully ported to systemd to exist, because the users will have the ability to compare for real how superior SysV init is. Or not.

OR, maybe you are just afraid that people will see that Slackware will work much better with systemd and it will be simpler, so the entire saga built by the systemd haters will fall like a house of cards? IF you are that sure about SysV init superiority, probably you should encourage people to make a full port of Slackware to systemd, to have later your moment of "I told ya, people!"

Again, I do NOT advocate the Slackware switching to systemd, but I will prefer to discuss facts, not rumors launched by whatever 3 letters company as test-drive for a mass control of populations.

I for one, I would like to have SysV-driven Slackware and systemd-driven Slackware in two identical boxes, side by side, and to evaluate how they work, by direct comparison.

Last edited by LuckyCyborg; 11-22-2022 at 10:14 AM.
 
11-22-2022, 07:09 AM   #37
LuckyCyborg
Senior Member
Registered: Mar 2010
Posts: 3,505
Rep: Reputation: 3320

Quote:
Originally Posted by teoberi
> An init system running the daemons, this is the problem with Sophos, they changed everything (rewritten from scratch) compared to the old version of the antivirus that has support for System V (SysV) init system.
> I can't afford to play on the production servers to test porting systemd to Slackware, anyway I'm taking quite a risk with using Slackware and so many packages compiled from sources by me even if they already exist in the Slackware packages.

BUT, you can test this in a virtual machine or even a spare computer. And honestly, I do not think that there will be that many packages which would need to be recompiled.

Many programs just interact with udev and logind, not with the entire systemd. And we know already which software interacts with (e)udev and (e)logind.

So, overall it could be as simple as recompiling the packages which yell that /lib64/libelogind.so does not exist.

True, following -current will give you much more work, BUT staying in -stable 15.0 will be quite safe to say that you should do the work once.

I for one, I believe that the main work would be to write unit files to reconstruct the Slackware boot design in the systemd style.

Last edited by LuckyCyborg; 11-22-2022 at 07:34 AM.
 
11-22-2022, 10:03 AM   #38
elcore
Senior Member
Registered: Sep 2014
Distribution: Slackware
Posts: 1,753
Rep: Reputation: Disabled

Quote:
Originally Posted by LuckyCyborg
> Excuse my stupidity, but WHY people shouldn't attempt porting Slackware to systemd? It's a blasphemy?

@LuckyCyborg
Label me a religious freak again, so I can laugh at your perma-ban.
You ain't stupid, you're just being intentionally dense, just like many times before.
Nobody said installing systemd equals forcing it on everyone, Gentoo supports both and works fine for everyone involved.
 
11-22-2022, 04:48 PM   #39
bamunds
Member
Registered: Sep 2013
Location: Mounds View MN
Distribution: Slackware64-14.2-Multilib XDM/FVWM3
Posts: 780
Rep: Reputation: 260

@teoberi. So the comment that DLACKWARE and chrisVV have incorporated systemd made me take a look. It appears that the DLACKWARE git repository indeed does have scripts to add SystemD to Slackware. I wonder what effort would be involved to set up a virtual machine with Slackware 14.2 (since it is still supported and will be for a number of years), apply the SystemD scripts, and then try installing Sophos' latest version of SAV4Linux, what the results would be? Teoberi, have you considered this path? My Sophos AV for Linux license is expired, so I can't try. I don't have the Central or Cloud server versions to generate a SAV either. Let me know how I might help if you try this. Cheers.
 
11-23-2022, 12:41 AM   #40
teoberi
Member
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers)/Windows 11/Ubuntu (workstations)
Posts: 610
Rep: Reputation: 355

Quote:
Originally Posted by bamunds
> @teoberi. So the comment that DLACKWARE and chrisVV have incorporated systemd made me take a look. It appears that the DLACKWARE git repository indeed does have scripts to add SystemD to Slackware. I wonder what effort would be involved to set up a virtual machine with Slackware 14.2 (since it is still supported and will be for a number of years), apply the SystemD scripts, and then try installing Sophos' latest version of SAV4Linux, what the results would be? Teoberi, have you considered this path? My Sophos AV for Linux license is expired, so I can't try. I don't have the Central or Cloud server versions to generate a SAV either. Let me know how I might help if you try this. Cheers.

I initially thought about this too, but I only use Slackware64-current and my Sophos license will expire soon (in a few months).
Considering the reluctance of Sophos to do something for those without systemd even though we pay the license, I decided to give up their products.
That's all I can do right now, short of unofficial experiments to add systemd support to Slackware (I think that might be best done by our BDFL if and when he wants it).
 
1 members found this post helpful.
11-23-2022, 03:34 AM   #41
teoberi
Member
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers)/Windows 11/Ubuntu (workstations)
Posts: 610
Rep: Reputation: 355

So in conclusion, we forget about Sophos and focus on ClamAV.
I hope that ClamAV will solve some problems that I still don't like, i.e. the support for newer versions of LLVM and 7-Zip, we are adding some unofficial databases for antivirus signatures like those recommended here and that's it, closed topic.
 
1 members found this post helpful.
12-06-2022, 01:23 PM   #42
teoberi
Member
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers)/Windows 11/Ubuntu (workstations)
Posts: 610
Rep: Reputation: 355

Quote:
Originally Posted by teoberi
> So in conclusion, we forget about Sophos and focus on ClamAV.
> I hope that ClamAV will solve some problems that I still don't like, i.e. the support for newer versions of LLVM and 7-Zip, we are adding some unofficial databases for antivirus signatures like those recommended here and that's it, closed topic.

I retract what I said in the previous post! Nothing works as it should!
ClamAV 1.0.0 is a bit of a disaster, it didn't solve the previously exposed problems and besides all that it has a big problem with the excessively long scanning time, which makes it a bit unusable.
https://github.com/Cisco-Talos/clamav/issues/590
I can't install Sophos Protection for Linux due to the lack of systemd in Slackware but I can do it in Ubuntu Server, so I need to update my knowledge about it!
Maybe it's not such a bad thing.
 
12-06-2022, 02:03 PM   #43
scuzzy_dog
Member
Registered: Apr 2021
Location: Free State of Texas (somewhat free)
Posts: 108
Rep: Reputation: Disabled

Quote:
Originally Posted by LuckyCyborg
> In my humble opinion, the main problem is another ...

lol.
 
12-08-2022, 11:00 AM   #44
TheIllusionist
Member
Registered: Dec 2020
Posts: 67
Rep: Reputation: Disabled

Just for info - The ClamAV 1.00 LTS nov.23 2022 .deb binaries install nicely on 14.2 if extracted and copied to their respective locations. The Qt5 ClamAV-GUI provides a detailed control-panel where fetching daily virus definitions is easily made by clicking "update now" under the "Freshclam" tab, or it can be automated.
Extra one month old signatures (spam, marketing and custom) can be obtained for free from SecuriteInfo.com (by Arnaud Jacques, official signmaker of ClamAV from 2005 to 2012), or a 0-day signature plan can be purchased.
With the daemon configured to continuously monitor my /home/freddy/ directory the daemon will occupy 698Mb of memory with databases containing information of 12543574 viruses.
 
1 members found this post helpful.
12-08-2022, 12:39 PM   #45
teoberi
Member
Registered: Jan 2018
Location: Romania
Distribution: Slackware64-current (servers)/Windows 11/Ubuntu (workstations)
Posts: 610
Rep: Reputation: 355

If you run clamd, could you do some tests on the scanning speed, see here?
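
One way to run the scanning-speed test asked for above, as an added example that is not part of the thread and not ClamAV's own code: it times a file through clamd's INSTREAM command over the daemon's local socket. The function names are assumptions of this example, and the socket path is whatever LocalSocket is set to in your clamd.conf.

```python
import socket
import struct
import sys
import time

CHUNK = 64 * 1024  # bytes per chunk; the whole stream must fit clamd's StreamMaxLength


def instream_frames(data, chunk=CHUNK):
    """Yield the wire frames of one INSTREAM request: the NUL-terminated
    command, <4-byte big-endian length><bytes> per chunk, then a zero length."""
    yield b"zINSTREAM\0"
    for off in range(0, len(data), chunk):
        part = data[off:off + chunk]
        yield struct.pack("!I", len(part)) + part
    yield struct.pack("!I", 0)


def parse_reply(raw):
    """Map a clamd reply to (status, detail); status is OK, FOUND or ERROR."""
    text = raw.rstrip(b"\0\n").decode("utf-8", "replace")
    body = text.split(": ", 1)[1] if ": " in text else text
    if body == "OK":
        return "OK", ""
    if body.endswith(" FOUND"):
        return "FOUND", body[:-len(" FOUND")]
    return "ERROR", body  # includes an empty reply and size-limit errors


def timed_scan(sock, data):
    """Scan data over a connected clamd socket; return (status, detail, seconds)."""
    start = time.perf_counter()
    raw = b""
    try:
        for frame in instream_frames(data):
            sock.sendall(frame)
    except (BrokenPipeError, ConnectionResetError):
        pass  # clamd stopped reading early; still try to collect its reply
    try:
        while not raw.endswith(b"\0"):
            piece = sock.recv(4096)
            if not piece:  # closed before the NUL terminator arrived
                break
            raw += piece
    except ConnectionResetError:
        pass
    status, detail = parse_reply(raw)
    return status, detail, time.perf_counter() - start


def scan_file(path, clamd_socket):
    """Time one file through a local clamd; clamd_socket is the LocalSocket path."""
    with open(path, "rb") as fh:
        data = fh.read()
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as sock:
        sock.connect(clamd_socket)
        return timed_scan(sock, data)


if __name__ == "__main__":
    # usage: script.py <clamd socket path> <file> [<file> ...]
    for name in sys.argv[2:]:
        status, detail, secs = scan_file(name, sys.argv[1])
        print(f"{name}: {status} {detail} ({secs:.3f}s)")
```

The measured time covers sending the data and waiting for the verdict, so running it on the same files against two ClamAV versions gives directly comparable numbers.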
 
  

