packages/clamav
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

package init

Browse Source
This commit is contained in:
yiyurain 2019-12-14 21:13:51 +08:00
parent 68b6af950c
commit a45839659a
28 changed files with 8898 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

119
README.fedora Normal file
View File

@ -0,0 +1,119 @@
Please note since el7 and Fedora 15 or 19 we use only systemd.
upstart and sysv was dropped, this document may still applies to el6.
A clamav-milter setup consists of the following three components:
* the clamav-milter itself
--> this is provided by the 'clamav-milter' package plus (alternatively)
'clamav-milter-upstart' or 'clamav-milter-sysvinit'
The main configuration is in /etc/mail/clamav-milter.conf and MUST
be changed before first use.
The -sysvinit package is managed by the traditional tools, but
-upstart requires modification of /etc/event.d/clamav-milter to
enable automatic startup. See comments there for more details.
* a clamav scanner daemon
--> this package is called 'clamav-scanner' plus (alternatively)
'clamav-scanner-upstart' or 'clamav-scanner-sysvinit'
The daemon is configured by /etc/clamd.d/scan.conf (which MUST be
edited before first use).
The -sysvinit package is managed by the traditional tools, but
-upstart requires modification of /etc/event.d/clamd.scan to enable
automatic startup. See comments there for more details.
* the MTA (sendmail/postfix)
--> you should know how to install this...
When communicating across unix sockets with the clamav-milter, it is
suggested to use the /var/run/clamav-milter/clamav-milter.socket
path. You have to add something like
INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-milter/clamav-milter.socket, F=, T=S:4m;R:4m')dnl
to your sendmail.mc.
It is suggested that components communicate through TCP sockets as
this eases setup. Please add corresponding packet filter rules!
EXAMPLE
=======
For clamav-milter, a possible setup might be created by
A) On the MTA (assumed hostname 'host-mta')
1. Add to sendmail.mc
| INPUT_MAIL_FILTER(`clamav', `S=inet:6666@host-milter, F=, T=S:4m;R:4m')dnl
2. Rebuild sendmail.cf
B) On the clamav-milter host (assumed hostname 'host-milter')
1. Install clamav-milter + clamav-milter-upstart packages
2. Set in /etc/mail/clamav-milter.conf
| MilterSocket inet:6666
| ClamdSocket tcp:host-scanner:6665
and all the other options which are required on your system
3. Edit /etc/event.d/clamav-milter and uncomment the
| start on starting local
line. Restart your system or execute
| initctl emit starting local
4. Add something like
| iptables -N IN-cmilt
| iptables -A IN-cmilt -s host-mta -j ACCEPT
| iptables -A IN-cmilt -j DROP
| iptables -A INPUT -p tcp --dport 6666 -j IN-cmilt
to your firewall setup
C) On the clamav-scanner host (assumed hostname 'host-scanner')
1. Install clamav-scanner + clamav-scanner-upstart packages
2. Add to /etc/clamd.d/scan.conf
| TCPSocket 6665
| TCPAddr host-scanner
comment out possible 'LocalSocket' lines and set all the other
options which are required on your system
3. Edit /etc/event.d/clamav-scanner and uncomment the
| start on starting local
line. Restart your system or execute
| initctl emit starting local
4. Add something like
| iptables -N IN-cscan
| iptables -A IN-cscan -s host-milter -j ACCEPT
| iptables -A IN-cscan -j DROP
| iptables -A INPUT -p tcp --dport 6665 -j IN-csan
to your firewall setup

7494
build_new.log Normal file
View File

File diff suppressed because one or more lines are too long

BIN
bytecode-330.cvd Normal file
View File

Binary file not shown.

18
clamav-0.100.0-stats-deprecation.patch Normal file
View File

@ -0,0 +1,18 @@
https://bugzilla.clamav.net/show_bug.cgi?id=12097
--- a/shared/optparser.c
+++ b/shared/optparser.c
@@ -505,6 +505,13 @@ const struct clam_option __clam_options[
{ "ClamukoExcludeUID", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD | OPT_DEPRECATED, "", "" },
{ "ClamukoMaxFileSize", NULL, 0, CLOPT_TYPE_SIZE, MATCH_SIZE, 5242880, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", "" },
{ "AllowSupplementaryGroups", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER | OPT_DEPRECATED, "Initialize a supplementary group access (the process must be started by root).", "no" },
+ { "StatsHostID", "stats-host-id", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },
+ { "StatsEnabled", "enable-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },
+ { "StatsPEDisabled", "disable-pe-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },
+ { "StatsTimeout", "stats-timeout", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_FRESHCLAM | OPT_DEPRECATED, "", "" },
+ { "SubmitDetectionStats", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", "" },
+ { "DetectionStatsCountry", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", "" },
+ { "DetectionStatsHostID", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", "" },
/* Milter specific options */

33
clamav-0.100.0-umask.patch Normal file
View File

@ -0,0 +1,33 @@
--- clamav-0.100.0/clamav-milter/clamav-milter.c 2018-04-04 02:13:58.000000000 +0200
+++ clamav-0.100.0/clamav-milter/clamav-milter.c.umask 2018-05-28 23:25:12.374047156 +0200
@@ -432,7 +432,7 @@
if((opt = optget(opts, "PidFile"))->enabled) {
FILE *fd;
- mode_t old_umask = umask(0002);
+ mode_t old_umask = umask(0022);
if((fd = fopen(opt->strarg, "w")) == NULL) {
logg("!Can't save PID in file %s\n", opt->strarg);
--- clamav-0.100.0/shared/output.c 2018-04-04 02:13:58.000000000 +0200
+++ clamav-0.100.0/shared/output.c.umask 2018-05-28 23:24:41.968851516 +0200
@@ -379,7 +379,7 @@
if (!logg_fp && logg_file)
{
- old_umask = umask(0037);
+ old_umask = umask(0077);
if ((logg_fp = fopen(logg_file, "at")) == NULL)
{
umask(old_umask);
--- clamav-0.100.0/freshclam/freshclam.c 2018-04-04 02:13:58.000000000 +0200
+++ clamav-0.100.0/freshclam/freshclam.c.umask 2018-05-28 23:25:30.675164850 +0200
@@ -127,7 +127,7 @@
{
FILE *fd;
int old_umask;
- old_umask = umask (0006);
+ old_umask = umask (0022);
if ((fd = fopen (pidfile, "w")) == NULL)
{
logg ("!Can't save PID to file %s: %s\n", pidfile, strerror (errno));

81
clamav-0.100.1-defaults_locations.patch Normal file
View File

@ -0,0 +1,81 @@
--- ./clamconf/clamconf.c.orig 2018-07-30 05:28:40.199759145 +0100
+++ ./clamconf/clamconf.c 2018-07-30 05:30:12.083760295 +0100
@@ -58,9 +58,9 @@ static struct _cfgfile {
const char *name;
int tool;
} cfgfile[] = {
- { "clamd.conf", OPT_CLAMD },
+ { "clamd.d/scan.conf", OPT_CLAMD },
{ "freshclam.conf", OPT_FRESHCLAM },
- { "clamav-milter.conf", OPT_MILTER },
+ { "mail/clamav-milter.conf", OPT_MILTER },
{ NULL, 0 }
};
--- ./platform.h.in.orig 2018-07-30 06:27:54.437257754 +0100
+++ ./platform.h.in 2018-07-30 06:29:18.920124404 +0100
@@ -34,9 +34,9 @@ typedef unsigned int in_addr_t;
#define PATHSEP "/"
#endif
-#define CONFDIR_CLAMD CONFDIR PATHSEP "clamd.conf"
+#define CONFDIR_CLAMD CONFDIR PATHSEP "clamd.d/scan.conf"
#define CONFDIR_FRESHCLAM CONFDIR PATHSEP "freshclam.conf"
-#define CONFDIR_MILTER CONFDIR PATHSEP "clamav-milter.conf"
+#define CONFDIR_MILTER CONFDIR PATHSEP "mail/clamav-milter.conf"
#define cli_to_utf8_maybe_alloc(x) (x)
#define cli_strdup_to_utf8(x) strdup(x)
--- ./docs/man/clamav-milter.conf.5.in.orig 2018-07-31 02:47:52.768212114 +0100
+++ ./docs/man/clamav-milter.conf.5.in 2018-07-31 02:48:57.295032444 +0100
@@ -239,7 +239,7 @@ Default: no
All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum.
.SH "FILES"
.LP
-@CFGDIR@/clamav-milter.conf
+@CFGDIR@/mail/clamav-milter.conf
.SH "AUTHOR"
.LP
aCaB <acab@clamav.net>
--- ./docs/man/clamav-milter.8.in.orig 2018-07-31 02:47:45.154130364 +0100
+++ ./docs/man/clamav-milter.8.in 2018-07-31 02:48:39.484792893 +0100
@@ -27,7 +27,7 @@ Print the version number and exit.
Read configuration from FILE.
.SH "FILES"
.LP
-@CFGDIR@/clamav-milter.conf
+@CFGDIR@/mail/clamav-milter.conf
.SH "AUTHOR"
.LP
aCaB <acab@clamav.net>
--- ./docs/man/clamd.conf.5.in.orig 2018-07-31 02:52:12.607659460 +0100
+++ ./docs/man/clamd.conf.5.in 2018-07-31 02:52:37.396992885 +0100
@@ -703,7 +703,7 @@ Default: no
All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum.
.SH "FILES"
.LP
-@CFGDIR@/clamd.conf
+@CFGDIR@/clamd.d/scan.conf
.SH "AUTHORS"
.LP
Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>
--- ./docs/man/clamd.8.in.orig 2018-07-31 02:51:22.897990849 +0100
+++ ./docs/man/clamd.8.in 2018-07-31 02:53:22.170595103 +0100
@@ -7,7 +7,7 @@ clamd \- an anti\-virus daemon
clamd [options]
.SH "DESCRIPTION"
.LP
-The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.conf
+The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.d/scan.conf
.SH "COMMANDS"
.LP
It's recommended to prefix clamd commands with the letter \fBz\fR (eg. zSCAN) to indicate that the command will be delimited by a NULL character and that clamd should continue reading command data until a NULL character is read. The null delimiter assures that the complete command and its entire argument will be processed as a single command. Alternatively commands may be prefixed with the letter \fBn\fR (e.g. nSCAN) to use a newline character as the delimiter. Clamd replies will honour the requested terminator in turn.
@@ -119,7 +119,7 @@ Reload the signature databases.
Perform a clean exit.
.SH "FILES"
.LP
-@CFGDIR@/clamd.conf
+@CFGDIR@/clamd.d/scan.conf
.SH "CREDITS"
Please check the full documentation for credits.
.SH "AUTHOR"

BIN
clamav-0.101.4-norar.tar.xz Normal file
View File

Binary file not shown.

27
clamav-0.99-private.patch Normal file
View File

@ -0,0 +1,27 @@
--- clamav-0.99/libclamav.pc.in 2015-09-18 22:48:25.000000000 +0200
+++ clamav-0.99/libclamav.pc.in.private 2015-12-02 01:30:30.055231319 +0100
@@ -7,6 +7,6 @@
Description: A GPL virus scanner
Version: @PACKAGE_VERSION@
Libs: -L${libdir} -lclamav
-Libs.private: @LIBCLAMAV_LIBS@
+Libs.private: -L${libdir} -lclamav @LIBCLAMAV_LIBS@
Cflags: -I${includedir}
--- clamav-0.99/clamav-config.in 2015-05-28 23:56:25.000000000 +0200
+++ clamav-0.99/clamav-config.in.private 2015-12-02 01:31:34.933705763 +0100
@@ -54,12 +54,8 @@
usage 0
;;
- --cflags)
- echo -I@includedir@ @CFLAGS@
- ;;
-
- --libs)
- echo -L@libdir@ @LIBCLAMAV_LIBS@
+ (--cflags|--libs)
+ ${PKG_CONFIG:-pkg-config} "$1" libclamav
;;
*)

25
clamav-milter.systemd Normal file
View File

@ -0,0 +1,25 @@
[Unit]
Description = Milter module for the Clam Antivirus scanner
After = syslog.target nss-lookup.target network.target
Before = sendmail.service
Before = postfix.service
After = clamd@scan.service
[Service]
Type = forking
ExecStart = /usr/sbin/clamav-milter -c /etc/mail/clamav-milter.conf
Restart = on-failure
User=clamilt
Group=clamilt
PrivateTmp=yes
PrivateDevices=yes
CapabilityBoundingSet=CAP_KILL
ReadOnlyDirectories=/etc
ReadOnlyDirectories=/usr
ReadOnlyDirectories=/var/lib
[Install]
WantedBy = multi-user.target

93
clamav-milter.sysv Normal file
View File

@ -0,0 +1,93 @@
#!/bin/bash
#
# clamav-milter Starts/stop the "clamav-milter" daemon
#
# chkconfig: - 79 31
# description: A virus scanning milter
# Source function library.
. /etc/rc.d/init.d/functions
exec=/usr/sbin/clamav-milter
prog="clamav-milter"
OPTS='-c /etc/mail/clamav-milter.conf'
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
pidfile=/var/run/clamav-milter/milter.pid
lockfile=/var/lock/subsys/$prog
start() {
[ -x $exec ] || exit 5
[ -f $config ] || exit 6
echo -n $"Starting $prog: "
daemon --pidfile=${pidfile} $exec $OPTS --foreground=no --pid=${pidfile}
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc -p "${pidfile}" $exec
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
restart
}
force_reload() {
restart
}
rh_status() {
# run checks to determine if the service is running or use generic status
status -p "${pidfile}" $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?

14
clamav-milter.upstart Normal file
View File

@ -0,0 +1,14 @@
### !!! Uncomment only *one* of the 'start on' statements !!!
### Uncomment these lines when you want clamav-milter to be a milter
### for a locally running MTA
#start on (starting sendmail or starting postfix)
### Uncomment these lines when you want clamav-milter to be a milter
### for a remotely running MTA
#start on runlevel [345] and starting local
stop on runlevel [!345]
respawn
exec /usr/sbin/clamav-milter -c /etc/mail/clamav-milter.conf --foreground=yes

6
clamav-update.crond Normal file
View File

@ -0,0 +1,6 @@
## Adjust this line...
MAILTO=root
## It is ok to execute it as root; freshclam drops privileges and becomes
## user 'clamupdate' as soon as possible
0 */3 * * * root /usr/share/clamav/freshclam-sleep

4
clamav-update.logrotate Normal file
View File

@ -0,0 +1,4 @@
/var/log/freshclam.log {
monthly
notifempty
}

417
clamav.spec Normal file
View File

@ -0,0 +1,417 @@
Name: clamav
Summary: End-user tools for the Clam Antivirus scanner
Version: 0.101.4
Release: 2
License: GPLv2
URL: https://www.clamav.net/
Source0: clamav-0.101.4-norar.tar.xz
Source1: clamd.sysconfig
Source2: clamd.logrotate
Source3: clamd-README
Source4: main-58.cvd
Source5: daily-25550.cvd
Source6: bytecode-330.cvd
Source7: clamd-gen
Source8: freshclam-sleep
Source9: freshclam.sysconfig
Source10: clamav-update.crond
Source11: clamav-update.logrotate
Source12: README.fedora
Source13: clamav-milter.upstart
Source14: clamav-milter.systemd
Source15: clamd.scan.upstart
Source16: clamd@scan.service
Source17: clamd@.service
Patch0001: clamav-0.100.0-stats-deprecation.patch
Patch0002: clamav-0.100.1-defaults_locations.patch
Patch0003: clamav-0.99-private.patch
Patch0004: clamav-0.100.0-umask.patch
Patch0005: llvm-glibc.patch
BuildRequires: autoconf automake gettext-devel libtool libtool-ltdl-devel
BuildRequires: gcc-c++ zlib-devel bzip2-devel gmp-devel curl-devel json-c-devel
BuildRequires: ncurses-devel openssl-devel libxml2-devel pcre2-devel
BuildRequires: bc tcl groff graphviz ocaml nc systemd-devel sendmail-devel
Requires: data(clamav)
Provides: bundled(libmspack) = 0.5-0.1.alpha.modified_by_clamav
Provides: %{name}-lib = %{version}-%{release}
Obsoletes: %{name}-lib < %{version}-%{release}
%description
Clam AntiVirus (clamav) is an open source antivirus engine for detecting trojans,
viruses, malware & other malicious threats. The main purpose of this software is
the integration with mail servers (attachment scanning). The package provides a
flexible and scalable multi-threaded daemon, a command line scanner, and a tool
for automatic updating via Internet. The programs are based on a shared library
distributed with the Clam AntiVirus package, which you can use with your own software.
he virus database is based on the virus database from OpenAntiVirus, but contains
additional signatures and is KEPT UP TO DATE.
%package devel
Summary: Header files and libraries for the Clam Antivirus scanner
Requires: %{name} = %{version}-%{release} %{name}-filesystem = %{version}-%{release} openssl-devel
%description devel
The clamav-devel package contains headerfiles and libraries
which are needed to build applications using clamav.
%package help
Summary: man info for clamav
%description help
The clamav-help package contains man information for clamav.
%package filesystem
Summary: Filesystem structure for clamav
Conflicts: %{name} < %{version}-%{release} %{name} > %{version}-%{release}
Requires(pre): shadow-utils
BuildArch: noarch
%description filesystem
The clamav-filesystem package provides the filesystem structure and
contains the user-creation scripts required by clamav.
%package data
Summary: Virus signature data for the Clam Antivirus scanner
Requires: %{name}-filesystem = %{version}-%{release}
Provides: data(clamav) = full %{name}-db = %{version}-%{release}
Obsoletes: %{name}-db < %{version}-%{release}
BuildArch: noarch
%description data
The clamav-data package contains the virus-database needed by clamav.
This database should be updated regularly; Use this package when you
want a working (but perhaps outdated) virus scanner immediately after
package installation.
%package update
Summary: Auto-updater for the Clam Antivirus scanner data-files
Requires: %{name}-filesystem = %{version}-%{release} crontabs cronie
Provides: data(clamav) = empty %{name}-data-empty = %{version}-%{release}
Obsoletes: %{name}-data-empty < %{version}-%{release}
Requires(post): %__chown %__chmod
%description update
The clamav-update package contains programs which can be used to update
the clamav anti-virus database automatically. It uses the freshclam(1)
utility for this task. Use this package when you go updating the virus
database regulary and do not want to download a >120MB sized rpm-package
with outdated virus definitions.
%package -n clamd
Summary: The Clam AntiVirus Daemon
Requires: data(clamav) coreutils %{name}-filesystem = %{version}-%{release}
Requires: %{name} = %{version}-%{release}
Requires(pre): shadow-utils
Obsoletes: %{name}-server-sysvinit < %{version}-%{release}
Obsoletes: %{name}-scanner-sysvinit < %{version}-%{release}
Obsoletes: %{name}-scanner-upstart < %{version}-%{release}
Provides: %{name}-scanner-systemd = %{version}-%{release}
Obsoletes: %{name}-scanner-systemd < %{version}-%{release}
Provides: %{name}-server-systemd = %{version}-%{release}
Obsoletes: %{name}-server-systemd < %{version}-%{release}
Provides: %{name}-server = %{version}-%{release} %{name}-server-sysv = %{version}-%{release}
Obsoletes: %{name}-server < %{version}-%{release} %{name}-server-sysv < %{version}-%{release}
Provides: %{name}-scanner = %{version}-%{release} %{name}-scanner-upstart = %{version}-%{release}
Obsoletes: %{name}-scanner < %{version}-%{release} %{name}-scanner-upstart < %{version}-%{release}
Provides: %{name}-server-sysvinit = %{version}-%{release}
Obsoletes: %{name}-server-sysvinit < %{version}-%{release}
%description -n clamd
The Clam AntiVirus Daemon. The clamd package contains a generic system
wide clamd service which is e.g. used by the clamav-milter package.
%package milter
Summary: Milter module for the clamav scanner
Requires: %{name}-filesystem = %{version}-%{release}
Requires(post): coreutils
Requires(pre): shadow-utils
Obsoletes: %{name}-milter-sysvinit < %{version}-%{release}
Obsoletes: %{name}-milter-upstart < %{version}-%{release}
Provides: %{name}-milter-systemd = %{version}-%{release}
Obsoletes: %{name}-milter-systemd < %{version}-%{release}
%description milter
The clamav-milter package contains files which are needed to run the clamav-milter.
%prep
%autosetup -n %{name}-%{version}%{?prerelease} -p1
install -p -m0644 %SOURCE12 clamav-milter/
install -d libclamunrar{,_iface}
touch libclamunrar/{Makefile.in,all,install}
sed -ri -e 's!^#?(LogFile ).*!#\1/var/log/clamd.<SERVICE>!g' \
-e 's!^#?(LocalSocket ).*!#\1/var/run/clamd.<SERVICE>/clamd.sock!g' \
-e 's!^(#?PidFile ).*!\1/var/run/clamd.<SERVICE>/clamd.pid!g' \
-e 's!^#?(User ).*!\1<USER>!g' \
-e 's!^#?(AllowSupplementaryGroups|LogSyslog).*!\1 yes!g' \
-e 's! /usr/local/share/clamav,! %_var/lib/clamav,!g' etc/clamd.conf.sample
sed -ri -e 's!^Example!#Example!' -e 's!^#?(UpdateLogFile )!#\1!g;' \
-e 's!^#?(LogSyslog).*!\1 yes!g' -e 's!(DatabaseOwner *)clamav$!\1clamav!g' \
etc/freshclam.conf.sample
%build
export LDFLAGS='%{?__global_ldflags} -Wl,--as-needed'
export have_cv_ipv6=yes
rm -rf libltdl autom4te.cache Makefile.in
autoreconf -i
%configure --enable-milter --disable-clamav --disable-static --disable-zlib-vcheck \
--disable-unrar --enable-id-check --enable-dns --with-dbdir=%_var/lib/clamav \
--with-group=clamav --with-user=clamav --disable-rpath \
--disable-silent-rules --enable-clamdtop
sed -i -e 's! -shared ! -Wl,--as-needed\0!g' \
-e '/sys_lib_dlsearch_path_spec=\"\/lib \/usr\/lib /s!\"\/lib \/usr\/lib !/\"/%_lib /usr/%_lib !g' \
libtool
%make_build
%install
rm -rf _doc*
%make_install
function smartsubst() {
local tmp
local regexp=$1
shift
tmp=$(mktemp /tmp/%name-subst.XXXXXX)
for i; do
sed -e "$regexp" "$i" >$tmp
cmp -s $tmp "$i" || cat $tmp >"$i"
rm -f $tmp
done
}
install -d -m 0755 $RPM_BUILD_ROOT%_sysconfdir/{mail,clamd.d,logrotate.d} \
$RPM_BUILD_ROOT%_tmpfilesdir $RPM_BUILD_ROOT%_rundir $RPM_BUILD_ROOT%_var/log \
$RPM_BUILD_ROOT%_rundir/clamav-milter $RPM_BUILD_ROOT%_datadir/%name/template \
$RPM_BUILD_ROOT%_initrddir $RPM_BUILD_ROOT%_var/lib/clamav $RPM_BUILD_ROOT%_rundir/clamd.scan
%delete_la
touch $RPM_BUILD_ROOT%_var/lib/clamav/{daily,main,bytecode}.cld
touch $RPM_BUILD_ROOT%_var/lib/clamav/mirrors.dat
install -D -m 0644 -p %SOURCE4 $RPM_BUILD_ROOT%_var/lib/clamav/main.cvd
install -D -m 0644 -p %SOURCE5 $RPM_BUILD_ROOT%_var/lib/clamav/daily.cvd
install -D -m 0644 -p %SOURCE6 $RPM_BUILD_ROOT%_var/lib/clamav/bytecode.cvd
install -D -m 0644 -p %SOURCE1 _doc_server/clamd.sysconfig
install -D -m 0644 -p %SOURCE2 _doc_server/clamd.logrotate
install -D -m 0644 -p %SOURCE3 _doc_server/README
install -D -m 0644 -p etc/clamd.conf.sample _doc_server/clamd.conf
install -m 0755 -p %SOURCE7 $RPM_BUILD_ROOT%_datadir/%name/
install -D -p _doc_server/* $RPM_BUILD_ROOT%_datadir/%name/template
install -D -p -m 0644 %SOURCE17 $RPM_BUILD_ROOT%_unitdir/clamd@.service
install -D -m 0644 -p %SOURCE11 $RPM_BUILD_ROOT%_sysconfdir/logrotate.d/clamav-update
touch $RPM_BUILD_ROOT%_var/log/freshclam.log
install -D -p -m 0755 %SOURCE8 $RPM_BUILD_ROOT%_datadir/%name/freshclam-sleep
install -D -p -m 0644 %SOURCE9 $RPM_BUILD_ROOT%_sysconfdir/sysconfig/freshclam
install -D -p -m 0600 %SOURCE10 $RPM_BUILD_ROOT%_sysconfdir/cron.d/clamav-update
mv -f $RPM_BUILD_ROOT%_sysconfdir/freshclam.conf{.sample,}
chmod 600 $RPM_BUILD_ROOT%_sysconfdir/freshclam.conf
smartsubst 's!webmaster,clamav!webmaster,clamav!g;
s!/usr/share/clamav!%_datadir/%name!g;
s!/usr/bin!%_bindir!g;
s!/usr/sbin!%_sbindir!g;' \
$RPM_BUILD_ROOT%_sysconfdir/cron.d/clamav-update \
$RPM_BUILD_ROOT%_datadir/%name/freshclam-sleep
sed -e 's!<SERVICE>!scan!g;s!<USER>!clamscan!g' \
etc/clamd.conf.sample > $RPM_BUILD_ROOT%_sysconfdir/clamd.d/scan.conf
install -D -p -m 0644 %SOURCE15 $RPM_BUILD_ROOT%_sysconfdir/init/clamd.scan.conf
install -D -p -m 0644 %SOURCE16 $RPM_BUILD_ROOT%_unitdir/clamd@scan.service
cat << EOF > $RPM_BUILD_ROOT%_tmpfilesdir/clamd.scan.conf
d %_rundir/clamd.scan 0710 clamscan virusgroup
EOF
touch $RPM_BUILD_ROOT%_rundir/clamd.scan/clamd.{sock,pid}
sed -r -e 's!^#?(User).*!\1 clamilt!g' \
-e 's!^#?(AllowSupplementaryGroups|LogSyslog) .*!\1 yes!g' \
-e 's! /tmp/clamav-milter.socket! %_rundir/clamav-milter/clamav-milter.socket!g' \
-e 's! /var/run/clamav-milter.pid! %_rundir/clamav-milter/clamav-milter.pid!g' \
-e 's! /var/run/clamd/clamd.socket! %_rundir/clamd.scan/clamd.sock!g' \
-e 's! /tmp/clamav-milter.log! %_var/log/clamav-milter.log!g' \
etc/clamav-milter.conf.sample > $RPM_BUILD_ROOT%_sysconfdir/mail/clamav-milter.conf
install -D -p -m 0644 %SOURCE13 $RPM_BUILD_ROOT%_sysconfdir/init/clamav-milter.conf
install -D -p -m 0644 %SOURCE14 $RPM_BUILD_ROOT%_unitdir/clamav-milter.service
cat << EOF > $RPM_BUILD_ROOT%_tmpfilesdir/clamav-milter.conf
d %_rundir/clamav-milter 0710 clamilt clamilt
EOF
touch $RPM_BUILD_ROOT{%_rundir/clamav-milter/clamav-milter.{socket,pid},%_var/log/clamav-milter.log}
%check
make check
%pre filesystem
getent group clamav >/dev/null || groupadd -r clamav
getent passwd clamav >/dev/null || \
useradd -r -g clamav -d %_var/lib/clamav -s /sbin/nologin \
-c "Clamav database update user" clamav
getent group virusgroup >/dev/null || groupadd -r virusgroup
usermod clamav -a -G virusgroup
exit 0
%pre -n clamd
getent group clamscan >/dev/null || groupadd -r clamscan
getent passwd clamscan >/dev/null || \
useradd -r -g clamscan -d / -s /sbin/nologin \
-c "Clamav scanner user" clamscan
usermod clamscan -a -G virusgroup
exit 0
%post -n clamd
%systemd_post clamd@.service
%systemd_post clamd@scan.service
/bin/systemd-tmpfiles --create %_tmpfilesdir/clamd.scan.conf || :
%preun -n clamd
%systemd_preun clamd@.service
%systemd_preun clamd@scan.service
%postun -n clamd
%systemd_postun_with_restart clamd@.service
%systemd_postun_with_restart clamd@scan.service
%post update
test -e %_var/log/freshclam.log || {
touch %_var/log/freshclam.log
%__chmod 0664 %_var/log/freshclam.log
%__chown root:clamav %_var/log/freshclam.log
! test -x /sbin/restorecon || /sbin/restorecon %_var/log/freshclam.log
}
%triggerin milter -- clamav-scanner
/usr/sbin/groupmems -g clamscan -a clamilt &>/dev/null || :
%pre milter
getent group clamilt >/dev/null || groupadd -r clamilt
getent passwd clamilt >/dev/null || \
useradd -r -g clamilt -d %_rundir/clamav-milter -s /sbin/nologin \
-c "Clamav Milter user" clamilt
usermod clamilt -a -G virusgroup
exit 0
%post milter
test -e %_var/log/clamav-milter.log || {
touch %_var/log/clamav-milter.log
chmod 0620 %_var/log/clamav-milter.log
chown root:clamilt %_var/log/clamav-milter.log
! test -x /sbin/restorecon || /sbin/restorecon %_var/log/clamav-milter.log
}
%systemd_post clamav-milter.service
/bin/systemd-tmpfiles --create %_tmpfilesdir/clamav-milter.conf || :
%preun milter
%systemd_preun clamav-milter.service
%postun milter
%systemd_postun_with_restart clamav-milter.service
%post
/sbin/ldconfig
%postun
/sbin/ldconfig
%files
%exclude %_unitdir/clamav-{daemon,freshclam}.*
%exclude %_rundir/*/*.pid
%doc NEWS.md README.md docs/html COPYING
%_bindir/{clambc,clamconf,clamdscan,clamdtop,clamscan,clamsubmit,sigtool}
%_libdir/libclamav.so.9*
%_libdir/libclammspack.so.0*
%files devel
%_includedir/*
%_libdir/*.so
%_datadir/%name/{template,clamd-gen}
%_libdir/pkgconfig/*
%_bindir/clamav-config
%files help
%_mandir/man[15]/*
%_mandir/man8/clamd.8*
%_mandir/man8/clamav-milter*
%_mandir/*/freshclam*
%files filesystem
%attr(-,clamav,clamav) %dir %_var/lib/clamav
%attr(-,root,root) %dir %_datadir/%name
%exclude %_sysconfdir/clamd.conf.sample
%exclude %_sysconfdir/clamav-milter.conf.sample
%exclude %_sysconfdir/init
%dir %_sysconfdir/clamd.d
%files data
%defattr(-,clamav,clamav,-)
%config %verify(not size md5 mtime) %_var/lib/clamav/*.cvd
%files update
%_bindir/freshclam
%_datadir/%name/freshclam-sleep
%config(noreplace) %verify(not mtime) %_sysconfdir/freshclam.conf
%config(noreplace) %verify(not mtime) %_sysconfdir/logrotate.d/*
%config(noreplace) %_sysconfdir/cron.d/clamav-update
%config(noreplace) %_sysconfdir/sysconfig/freshclam
%ghost %attr(0664,root,clamav) %verify(not size md5 mtime) %_var/log/freshclam.log
%ghost %attr(0664,clamav,clamav) %_var/lib/clamav/*.cld
%ghost %attr(0664,clamav,clamav) %_var/lib/clamav/mirrors.dat
%files -n clamd
%doc _doc_server/*
%_sbindir/clamd
%_unitdir/clamd@{scan,}.service
%config(noreplace) %_sysconfdir/clamd.d/scan.conf
%ghost %_rundir/clamd.scan/clamd.sock
%_tmpfilesdir/clamd.scan.conf
%ghost %dir %attr(0710,clamscan,virusgroup) %_rundir/clamd.scan
%files milter
%doc clamav-milter/README.fedora
%_sbindir/*milter*
%dir %_sysconfdir/mail
%config(noreplace) %_sysconfdir/mail/clamav-milter.conf
%ghost %attr(0620,root,clamilt) %verify(not size md5 mtime) %_var/log/clamav-milter.log
%ghost %_rundir/clamav-milter/clamav-milter.socket
%_tmpfilesdir/clamav-milter.conf
%ghost %dir %attr(0710,clamilt,clamilt) %_rundir/clamav-milter
%_unitdir/clamav-milter.service
%changelog
* Fri Dec 13 2019 zoushuangshuang<zoushuangshuang@huawei.com> - 0.101.4-2
- Package init

74
clamd-README Normal file
View File

@ -0,0 +1,74 @@
To create individual clamd-instance take the following files and
modify/copy them in the suggested way:
clamd.conf:
* set LocalSocket (or better: TCPSocket) and User to suitable values;
avoid PidFile unless it is required by system monitoring or something
else. Logging through syslog is usually better than an individual
Logfile.
* place this file into /etc/clamd.d with an unique service-name;
e.g. as /etc/clamd.d/<SERVICE>.conf
When using TCPSocket, create iptables rules which are limiting the
access by source and/or by using '-m owner'.
When LogFile feature is wanted, it must be writable for the assigned
User. Recommended way to reach this, is to:
* make it owned by the User's *group*
* assign at least 0620 (u+rw,g+w) permissions
A suitable command might be
| # touch <logfile>
| # chgrp <user> <logfile>
| # chmod 0620 <logfile>
| # restorecon <logfile>
NEVER use 'clamav' as the user since he can modify the database.
This is the user who is running the application; e.g. for mimedefang
(http://www.roaringpenguin.com/mimedefang), the user might be
'defang'.Theoretically, distinct users could be used, but it must be
made sure that the application-user can write into the socket-file,
and that the clamd-user can access the files asked by the
application to be checked.
clamd.logrotate: (only when LogFile feature is used)
* set the correct value for the logfile
* place it into /etc/logrotate.d
clamd@<SERVICE>.service: (systemd instance)
* instance of clamd@.service
Additionally, when using LocalSocket instead of TCPSocket, the directory
for the socket file must be created. For tmpfiles based systems, you
might want to create a file /usr/lib/tmpfiles.d/clamd.<SERVICE>.conf
with a content of
| d /var/run/clamd.<SERVICE> <MODE> <USER> <GROUP>
Adjust <MODE> (0710 should suffice for most cases) and <USER> + <GROUP>
so that the socket can be accessed by clamd and by the applications
using clamd. Make sure that the socket is not world accessible; else,
DOS attacks or worse are trivial.
After emulating these steps by hand (or else rebooting), you still need set
SELinux:
chcon -t clamd_var_run_t /var/run/clamd.<SERVICE>
or
restorecon -R -v "/var/run/clamd.<SERVICE>"
More SELinux notes:
you may need run:
setsebool -P antivirus_can_scan_system 1
and also maybe this one (I need to confirm that is obsolete)
setsebool -P antivirus_use_jit 1
[Disclaimer:
this file and the script/configfiles are not part of the official
clamav package.
Please send complaints and comments to
https://bugzilla.redhat.com/enter_bug.cgi?product=Fedora%20EPEL&component=clamav]

269
clamd-gen Executable file
View File

@ -0,0 +1,269 @@
#! /bin/bash
# Copyright (C) 2004 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
function showHelp()
{
echo \
$"Usage: clamd-gen --service=<SERVICE> --version=<VERSION> --release=<RELEASE>
--license=<LICENSE> --username=>USERNAME>
"
exit 0
}
function rpm.generatePreamble()
{
cat <<EOF
%{!?release_func:%define release_func() %1%{?dist}}
# The name of the minit service
%define minitsvcdir %minitdir/services/%name
# The configuration file for the SysV initservice
%define conffile %_sysconfdir/clamd.d/%service.conf
# The directory, where the milter socket will be placed into; this
# socket will be named clamd.sock
%define rundir /var/run/clamd.%service
# The name of the logfile
%define logfile /var/log/clamd.%service
# The user under whose id, the clamd shall be running. This user must
# be able to read the files from the base-service and is usually
# created there.
%define username $USERNAME
# The packagename of the service
%define service $SERVICE
# The service name as used by the system's initscripts; usually this
# is %service
%define baseservice %service
%define __chkconfig /sbin/chkconfig
%define minitdir %_sysconfdir/minit
EOF
}
function rpm.generateHeader()
{
cat <<EOF
Summary: Clamav server for '%service'
Name: clamd.%service
Version: $VERSION
Release: %release_func $RELEASE
Epoch: 0
License: $LICENSE
Group: System Environment/Daemons
BuildRoot: %_tmppath/%name-%version-%release-root
BuildArch: noarch
Requires: init(%name)
Requires(pre): %service
Requires: clamav-server
BuildRequires: clamav-devel
%package sysv
Summary: SysV initscripts for a %service clamav-server
Group: System Environment/Daemons
Provides: init(%name) = sysv
Conflicts: init(%name) < sysv
Conflicts: init(%name) > sysv
Requires: clamav-server-sysv
Requires(post): %name = %epoch:%version-%release
Requires(post): diffutils mktemp %__chkconfig
Requires(preun): %__chkconfig
Requires(pre): %_initrddir
Requires(postun): %_initrddir
%package minit
Summary: minit initscripts for a %service clamav-server
Group: System Environment/Daemons
Provides: init(%name) = minit
Conflicts: init(%name) < minit
Conflicts: init(%name) > minit
Requires(post): %name = %epoch:%version-%release
Requires(post): diffutils mktemp
Requires(pre): minit-setup
Requires(postun): minit-setup
Requires(triggers): minit-tools
%description
Basic setup for a clamav server for '%service'.
%description sysv
Basic setup for a clamav server for '%service'.
This package contains initscripts for SysV based systems.
%description minit
Basic setup for a clamav server for '%service'.
This package contains initscripts for minit based systems.
EOF
}
function rpm.genBody()
{
cat <<"XEOFX"
%prep
%build
%install
rm -rf $RPM_BUILD_ROOT
%__install -d -m755 $RPM_BUILD_ROOT{%minitsvcdir,%_sbindir,%rundir,/var/log}
d=/usr/share/clamav/template
function subst
{
src=$d/$1
dst=$RPM_BUILD_ROOT$2
%__install -d -m755 $(dirname "$dst")
sed -e 's!^\(#?LogFile \).*!\1%logfile!g;
s!^#?\(LocalSocket \).*!\1%rundir/clamd.sock!g;
s!^#?\(PidFile \).*!\1%rundir/clamd.pid!g;
s!<SERVICE>!%service!g;
s!<USER>!%username!g;' "$src" >"$dst"
chmod --reference "$src" "$dst"
}
subst clamd.conf %conffile
subst clamd.logrotate %_sysconfdir/logrotate.d/clamd.%service
%if 0%{!?_without_sysv:1}
subst clamd.sysconfig %_sysconfdir/sysconfig/clamd.%service
subst clamd.init %_initrddir/clamd.%service
%endif
ln -s clamd $RPM_BUILD_ROOT%_sbindir/clamd.%service
touch $RPM_BUILD_ROOT%logfile
touch $RPM_BUILD_ROOT%rundir/clamd.sock
%if 0%{!?_without_minit:1}
ln -s %_sbindir/clamd.%service $RPM_BUILD_ROOT%minitsvcdir/run
touch $RPM_BUILD_ROOT%minitsvcdir/respawn
cat <<EOF >$RPM_BUILD_ROOT%minitsvcdir/params
-c
%conffile
EOF
%endif
%clean
rm -rf $RPM_BUILD_ROOT
%triggerin minit -- %baseservice
minit-svc add services/clamd.%service services/%baseservice/
%triggerun minit -- %baseservice
test "$1" != 0 -a "$2" != 0 || \
minit-svc del services/clamd.%service services/%baseservice/
%post minit
d=$(mktemp /tmp/clamd.%service.XXXXXX)
sed -e 's!^#Foreground!Foreground!' "%conffile" >"$d"
grep -q '^Foreground' $d || echo 'Foreground' >>$d
cmp -s "$d" %conffile || cat "$d" >"%conffile"
rm -f "$d"
%post sysv
d=$(mktemp /tmp/clamd.%service.XXXXXX)
sed -e 's!^Foreground!#Foreground!' "%conffile" >"$d"
cmp -s "$d" %conffile || cat "$d" >"%conffile"
rm -f "$d"
%__chkconfig --add %name
%preun sysv
test "$1" != 0 || %__chkconfig --del %name
XEOFX
}
function rpm.genFiles
{
cat <<"EOF"
%files
%defattr(-,root,root,-)
%doc
%config(noreplace) %verify(not size md5 mtime) %attr(0620,root,%username) %logfile
%config(noreplace) %verify(not mtime) %conffile
%config(noreplace) %verify(not mtime) %_sysconfdir/logrotate.d/clamd.%service
%_sbindir/clamd.%service
%dir %attr(0700,%username,root) %rundir
%ghost %rundir/clamd.sock
%if 0%{!?_without_sysv:1}
%files sysv
%defattr(-,root,root,-)
%config %verify(not mtime) %_initrddir/clamd.%service
%config(noreplace) %verify(not mtime) %_sysconfdir/sysconfig/clamd.%service
%endif
%if 0%{!?_without_minit:1}
%files minit
%defattr(-,root,root,-)
%dir %minitsvcdir
%config(noreplace) %verify(not mtime) %minitsvcdir/params
%config %minitsvcdir/run
%minitsvcdir/respawn
%endif
EOF
}
SERVICE=
VERSION=
RELEASE=
LICENSE=
USERNAME=
tmp=$(getopt -o '' --long service:,version:,release:,license:,username:,help -n "$0" -- "$@") || exit 1
eval set -- "$tmp"
while true; do
case "$1" in
(--help) showHelp $0;;
(--service) SERVICE=$2; shift;;
(--version) VERSION=$2; shift;;
(--release) RELEASE=$2; shift;;
(--license) LICENSE=$2; shift;;
(--username) USERNAME=$2; shift;;
(--) shift; break;;
esac
shift
done
for i in SERVICE VERSION RELEASE LICENSE USERNAME; do
eval tmp=\$${i}
test "$tmp" || {
echo $"No value for $i specified; assuming @${i}@" >&2;
eval $i=@${i}@;
}
done
rpm.generatePreamble
rpm.generateHeader
rpm.genBody
rpm.genFiles

90
clamd-wrapper Normal file
View File

@ -0,0 +1,90 @@
#!/bin/bash
#
# Xchkconfig: - 75 35
# Xdescription: The clamd daemon listens for incoming connections on \
# Unix or TCP socket and scans files or directories on demand.
test "$CLAMD_SERVICE" || {
echo $"*** $0 can not be called in this way"
echo $"*** Please see /usr/share/doc/clamav-server-*/README how"
echo $"*** the clamav-server can be configured"
exit 6
}
# Source function library.
. /etc/init.d/functions
# Get config.
test -r /etc/sysconfig/network && . /etc/sysconfig/network
# Check that networking is up.
test "$NETWORKING" != "no" || exit 6
lockfile=/var/lock/subsys/clamd.${CLAMD_SERVICE}
sysconffile=/etc/sysconfig/clamd.${CLAMD_SERVICE}
procname=clamd.${CLAMD_SERVICE}
CLAMD_CONFIGFILE=/etc/clamd.d/${CLAMD_SERVICE}.conf
CLAMD_OPTIONS=
CLAMD_PIDFILE=/var/run/clamd.${CLAMD_SERVICE}/clamd.pid
## backward-compatibility check...
for i in /var/run/clamd.${CLAMD_SERVICE}/clamd.sock \
/var/run/clamav.${CLAMD_SERVICE}/clamd.sock; do
CLAMD_SOCKET=$i
test ! -e "$i" || break
done
test -f "$sysconffile" && . "$sysconffile"
RETVAL=0
prog="clamd.${CLAMD_SERVICE}"
start () {
echo -n $"Starting $prog: "
daemon --pidfile=${CLAMD_PIDFILE} \
exec -a $procname /usr/sbin/clamd \
${CLAMD_CONFIGFILE:+-c $CLAMD_CONFIGFILE} ${CLAMD_OPTIONS} --pid ${CLAMD_PIDFILE}
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch $lockfile
return $RETVAL
}
stop () {
echo -n $"Stopping $prog: "
killproc -p ${CLAMD_PIDFILE} $procname
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f $lockfile
return $RETVAL
}
reload() {
rc=0
echo -n $"Reloading $prog: "
killproc -p ${CLAMD_PIDFILE} $procname -HUP || rc=$?
echo
echo -n $"Loading new virus-database: "
killproc -p ${CLAMD_PIDFILE} $procname -USR2 || rc=$?
echo
return $rc
}
restart () {
stop
start
}
# See how we were called.
case "$1" in
start|stop|restart|reload)
$1 ;;
status)
status -p ${CLAMD_PIDFILE} $procname ;;
condrestart)
test ! -f $lockfile || restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|reload|condrestart}"
exit 2
esac

7
clamd.SERVICE.init Normal file
View File

@ -0,0 +1,7 @@
#!/bin/bash
#
# chkconfig: - 75 35
# description: The clamd server running for <SERVICE>
CLAMD_SERVICE=<SERVICE>
. /usr/share/clamav/clamd-wrapper

9
clamd.logrotate Normal file
View File

@ -0,0 +1,9 @@
/var/log/clamd.<SERVICE> {
monthly
notifempty
missingok
postrotate
pkill -u <USER> -HUP -f '/usr/sbin/clamd -c /etc/clamd.d/<SERVICE>.conf >/dev/null 2>&1 || :
endscript
}

14
clamd.scan.upstart Normal file
View File

@ -0,0 +1,14 @@
### !!! Uncomment only *one* of the 'start on' statements !!!
### Uncomment this line when you want clamd.scan to be a scanner for a
### locally running clamav-milter
#start on starting clamav-milter
### Uncomment this line when you want clamd.scan to be a generic
### scanner service
#start on runlevel [345] and starting local
stop on runlevel [!345]
respawn
exec /usr/sbin/clamd -c /etc/clamd.d/scan.conf --foreground=yes

3
clamd.sysconfig Normal file
View File

@ -0,0 +1,3 @@
#CLAMD_CONFIGFILE=/etc/clamd.d/<SERVICE>.conf
#CLAMD_SOCKET=/var/run/clamd.<SERVICE>/clamd.sock
#CLAMD_OPTIONS=

12
clamd@.service Normal file
View File

@ -0,0 +1,12 @@
[Unit]
Description = clamd scanner (%i) daemon
Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/
# Check for database existence
# ConditionPathExistsGlob=@DBDIR@/main.{c[vl]d,inc}
# ConditionPathExistsGlob=@DBDIR@/daily.{c[vl]d,inc}
After = syslog.target nss-lookup.target network.target
[Service]
Type = forking
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf
Restart = on-failure

7
clamd@scan.service Normal file
View File

@ -0,0 +1,7 @@
.include /lib/systemd/system/clamd@.service
[Unit]
Description = Generic clamav scanner daemon
[Install]
WantedBy = multi-user.target

BIN
daily-25550.cvd Normal file
View File

Binary file not shown.

52
freshclam-sleep Executable file
View File

@ -0,0 +1,52 @@
#! /bin/bash
# Copyright (C) 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
FRESHCLAM_MOD=$[ 3*60 ] # 3 hours
f=/etc/sysconfig/freshclam
test ! -e "$f" || . "$f"
case x"$1" in
(xnow) FRESHCLAM_DELAY=0;;
(x|xrandom) : ${FRESHCLAM_DELAY:=$[ 0x`hostid` ]};;
(*) FRESHCLAM_DELAY=$1;;
esac
set -e
case $FRESHCLAM_DELAY in
(disabled-warn)
echo $"\
WARNING: update of clamav database is disabled; please see
'$f'
for information how to enable the periodic update resp. how to turn
off this message." >&2
exit 1
;;
(disabled)
exit 0
;;
(*)
let FRESHCLAM_MOD*=60
sleep $[ (FRESHCLAM_DELAY % FRESHCLAM_MOD + FRESHCLAM_MOD) % FRESHCLAM_MOD ]
;;
esac
/usr/bin/freshclam --quiet

18
freshclam.sysconfig Normal file
View File

@ -0,0 +1,18 @@
## When changing the periodicity of freshclam runs in the crontab,
## this value must be adjusted also. Its value is the timespan between
## two subsequent freshclam runs in minutes. E.g. for the default
##
## | 0 */3 * * * ...
##
## crontab line, the value is 180 (minutes).
# FRESHCLAM_MOD=
## A predefined value for the delay in seconds. By default, the value is
## calculated by the 'hostid' program. This predefined value guarantees
## constant timespans of 3 hours between two subsequent freshclam runs.
##
## This option accepts two special values:
## 'disabled-warn' ... disables the automatic freshclam update and
## gives out a warning
## 'disabled' ... disables the automatic freshclam silently
# FRESHCLAM_DELAY=

12
llvm-glibc.patch Normal file
View File

@ -0,0 +1,12 @@
Index: clamav-0.97.3/libclamav/c++/llvm/lib/ExecutionEngine/JIT/Intercept.cpp
===================================================================
--- clamav-0.97.3.orig/libclamav/c++/llvm/lib/ExecutionEngine/JIT/Intercept.cpp
+++ clamav-0.97.3/libclamav/c++/llvm/lib/ExecutionEngine/JIT/Intercept.cpp
@@ -52,6 +52,7 @@ static void runAtExitHandlers() {
#include <sys/stat.h>
#endif
#include <fcntl.h>
+#include <unistd.h>
/* stat functions are redirecting to __xstat with a version number. On x86-64
* linking with libc_nonshared.a and -Wl,--export-dynamic doesn't make 'stat'
* available as an exported symbol, so we have to add it explicitly.

BIN
main-58.cvd Normal file
View File

Binary file not shown.