From 354283bcbf8e46eca1cb9f3cd70e28aa4d577dfd Mon Sep 17 00:00:00 2001 From: Jose V Beneyto Date: Sat, 23 Jan 2010 03:27:17 +0100 Subject: [PATCH] clamav: initial import (verified compilation) --- clamav/.footprint | 60 ++++++++ clamav/.md5sum | 5 + clamav/Pkgfile | 34 +++++ clamav/README | 8 ++ clamav/clamd | 23 +++ clamav/clamd.conf | 316 ++++++++++++++++++++++++++++++++++++++++++ clamav/freshclam | 24 ++++ clamav/freshclam.conf | 100 +++++++++++++ 8 files changed, 570 insertions(+) create mode 100644 clamav/.footprint create mode 100644 clamav/.md5sum create mode 100644 clamav/Pkgfile create mode 100644 clamav/README create mode 100644 clamav/clamd create mode 100644 clamav/clamd.conf create mode 100644 clamav/freshclam create mode 100644 clamav/freshclam.conf diff --git a/clamav/.footprint b/clamav/.footprint new file mode 100644 index 0000000..53595ba --- /dev/null +++ b/clamav/.footprint @@ -0,0 +1,60 @@ +drwxr-xr-x root/root etc/ +-rw-r--r-- root/root etc/clamd.conf +-rw-r--r-- root/root etc/freshclam.conf +drwxr-xr-x root/root etc/rc.d/ +-rwxr-xr-x root/root etc/rc.d/clamd +-rwxr-xr-x root/root etc/rc.d/freshclam +drwxr-xr-x root/root usr/ +drwxr-xr-x root/root usr/bin/ +-rwxr-xr-x root/root usr/bin/clamav-config +-rwxr-xr-x root/root usr/bin/clamconf +-rwxr-xr-x root/root usr/bin/clamdscan +-rwxr-xr-x root/root usr/bin/clamdtop +-rwxr-xr-x root/root usr/bin/clamscan +-rwxr-xr-x root/root usr/bin/freshclam +-rwxr-xr-x root/root usr/bin/sigtool +drwxr-xr-x root/root usr/include/ +-rw-r--r-- root/root usr/include/clamav.h +drwxr-xr-x root/root usr/lib/ +-rw-r--r-- root/root usr/lib/libclamav.a +-rwxr-xr-x root/root usr/lib/libclamav.la +lrwxrwxrwx root/root usr/lib/libclamav.so -> libclamav.so.6.0.5 +lrwxrwxrwx root/root usr/lib/libclamav.so.6 -> libclamav.so.6.0.5 +-rwxr-xr-x root/root usr/lib/libclamav.so.6.0.5 +-rw-r--r-- root/root usr/lib/libclamunrar.a +-rwxr-xr-x root/root usr/lib/libclamunrar.la +lrwxrwxrwx root/root usr/lib/libclamunrar.so -> libclamunrar.so.6.0.5 +lrwxrwxrwx root/root usr/lib/libclamunrar.so.6 -> libclamunrar.so.6.0.5 +-rwxr-xr-x root/root usr/lib/libclamunrar.so.6.0.5 +-rw-r--r-- root/root usr/lib/libclamunrar_iface.a +-rwxr-xr-x root/root usr/lib/libclamunrar_iface.la +lrwxrwxrwx root/root usr/lib/libclamunrar_iface.so -> libclamunrar_iface.so.6.0.5 +lrwxrwxrwx root/root usr/lib/libclamunrar_iface.so.6 -> libclamunrar_iface.so.6.0.5 +-rwxr-xr-x root/root usr/lib/libclamunrar_iface.so.6.0.5 +drwxr-xr-x root/root usr/lib/pkgconfig/ +-rw-r--r-- root/root usr/lib/pkgconfig/libclamav.pc +drwxr-xr-x root/root usr/man/ +drwxr-xr-x root/root usr/man/man1/ +-rw-r--r-- root/root usr/man/man1/clamconf.1.gz +-rw-r--r-- root/root usr/man/man1/clamdscan.1.gz +-rw-r--r-- root/root usr/man/man1/clamdtop.1.gz +-rw-r--r-- root/root usr/man/man1/clamscan.1.gz +-rw-r--r-- root/root usr/man/man1/freshclam.1.gz +-rw-r--r-- root/root usr/man/man1/sigtool.1.gz +drwxr-xr-x root/root usr/man/man5/ +-rw-r--r-- root/root usr/man/man5/clamd.conf.5.gz +-rw-r--r-- root/root usr/man/man5/freshclam.conf.5.gz +drwxr-xr-x root/root usr/man/man8/ +-rw-r--r-- root/root usr/man/man8/clamav-milter.8.gz +-rw-r--r-- root/root usr/man/man8/clamd.8.gz +drwxr-xr-x root/root usr/sbin/ +-rwxr-xr-x root/root usr/sbin/clamd +drwxr-xr-x root/root usr/share/ +drwxrwxr-x clamav/clamav usr/share/clamav/ +-rw-rw-r-- clamav/clamav usr/share/clamav/daily.cvd +-rw-rw-r-- clamav/clamav usr/share/clamav/main.cvd +drwxr-xr-x root/root var/ +drwxr-xr-x root/root var/log/ +drwxr-xr-x clamav/clamav var/log/clamav/ +drwxr-xr-x root/root var/run/ +drwxr-xr-x clamav/clamav var/run/clamav/ diff --git a/clamav/.md5sum b/clamav/.md5sum new file mode 100644 index 0000000..6109d1a --- /dev/null +++ b/clamav/.md5sum @@ -0,0 +1,5 @@ +eaf9fccc3cc3567605a9732313652967 clamav-0.95.3.tar.gz +5541cdc8ba10a90822cf5bc7f1f9c7a9 clamd +9d2a838b95ce45afbee5a17d5e61b5cd clamd.conf +c7d815c57b585a63815c1e1d626421fc freshclam +f372aa7d0ace79eb0909dc6aa816aad8 freshclam.conf diff --git a/clamav/Pkgfile b/clamav/Pkgfile new file mode 100644 index 0000000..20ade2e --- /dev/null +++ b/clamav/Pkgfile @@ -0,0 +1,34 @@ +# Description: A GPL virus scanner +# URL: http://www.clamav.net/ +# Maintainer: Matt Housh jaeger at morpheus dot net +# Arch Maintainer: CRUX-ARM System Team, crux-arm at mikeux dot dyndns dot org +# Depends on: zlib bzip2 libgmp curl ncurses + +name=clamav +version=0.95.3 +release=1 +source=(http://dl.sourceforge.net/sourceforge/$name/$name-$version.tar.gz \ + clamd.conf freshclam.conf clamd freshclam) + +build() { + cd $name-$version + + ./configure --build=$CHOST \ + --host=$CTARGET \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/man \ + --enable-id-check \ + --with-libbz2-prefix=$CLFS/usr \ + --with-zlib-prefix=$CLFS/usr \ + --with-libncurses-prefix=$CLFS/usr + + make + make DESTDIR=$PKG install + + mkdir -p $PKG/var/run/$name $PKG/var/log/$name + chown -R $name:$name $PKG/var/run/$name $PKG/var/log/$name + install -o root -g root -m 0644 $SRC/{clamd,freshclam}.conf $PKG/etc/ + install -d $PKG/etc/rc.d + install -o root -g root -m 0755 $SRC/{clamd,freshclam} $PKG/etc/rc.d/ +} diff --git a/clamav/README b/clamav/README new file mode 100644 index 0000000..a8ee93e --- /dev/null +++ b/clamav/README @@ -0,0 +1,8 @@ + +README for clamav + + +PRE-INSTALL + + # /usr/sbin/groupadd clamav + # /usr/sbin/useradd -g clamav -d /var/empty -s /bin/false clamav diff --git a/clamav/clamd b/clamav/clamd new file mode 100644 index 0000000..8934f81 --- /dev/null +++ b/clamav/clamd @@ -0,0 +1,23 @@ +#!/bin/sh +# +# /etc/rc.d/clamd: start/stop clam antivirus daemon +# + +case $1 in +start) + /usr/sbin/clamd + ;; +stop) + killall -q /usr/sbin/clamd + ;; +restart) + $0 stop + sleep 2 + $0 start + ;; +*) + echo "Usage: $0 [start|stop|restart]" + ;; +esac + +# End of file diff --git a/clamav/clamd.conf b/clamav/clamd.conf new file mode 100644 index 0000000..00abbb5 --- /dev/null +++ b/clamav/clamd.conf @@ -0,0 +1,316 @@ +## +## Example config file for the Clam AV daemon +## Please read the clamd.conf(5) manual before editing this file. +## + + +# Uncomment this option to enable logging. +# LogFile must be writable for the user running daemon. +# A full path is required. +# Default: disabled +LogFile /var/log/clamav/clamd.log + +# By default the log file is locked for writing - the lock protects against +# running clamd multiple times (if want to run another clamd, please +# copy the configuration file, change the LogFile variable, and run +# the daemon with --config-file option). +# This option disables log file locking. +# Default: no +#LogFileUnlock yes + +# Maximal size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size +# in bytes just don't use modifiers. +# Default: 1M +#LogFileMaxSize 2M + +# Log time with each message. +# Default: no +LogTime yes + +# Also log clean files. Useful in debugging but drastically increases the +# log size. +# Default: no +#LogClean yes + +# Use system logger (can work together with LogFile). +# Default: no +#LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# This option allows you to save a process identifier of the listening +# daemon (main thread). +# Default: disabled +PidFile /var/run/clamav/clamd.pid + +# Optional path to the global temporary directory. +# Default: system specific (usually /tmp or /var/tmp). +#TemporaryDirectory /var/tmp + +# Path to the database directory. +# Default: hardcoded (depends on installation options) +#DatabaseDirectory /var/lib/clamav + +# The daemon works in a local OR a network mode. Due to security reasons we +# recommend the local mode. + +# Path to a local socket file the daemon will listen on. +# Default: disabled (must be specified by a user) +LocalSocket /var/run/clamav/clamd.sock + +# Remove stale socket after unclean shutdown. +# Default: no +FixStaleSocket yes + +# TCP port address. +# Default: no +#TCPSocket 3310 + +# TCP address. +# By default we bind to INADDR_ANY, probably not wise. +# Enable the following to provide some degree of protection +# from the outside world. +# Default: no +#TCPAddr 127.0.0.1 + +# Maximum length the queue of pending connections may grow to. +# Default: 15 +#MaxConnectionQueueLength 30 + +# Clamd uses FTP-like protocol to receive data from remote clients. +# If you are using clamav-milter to balance load between remote clamd daemons +# on firewall servers you may need to tune the options below. + +# Close the connection when the data size limit is exceeded. +# The value should match your MTA's limit for a maximal attachment size. +# Default: 10M +#StreamMaxLength 20M + +# Limit port range. +# Default: 1024 +#StreamMinPort 30000 +# Default: 2048 +#StreamMaxPort 32000 + +# Maximal number of threads running at the same time. +# Default: 10 +#MaxThreads 20 + +# Waiting for data from a client socket will timeout after this time (seconds). +# Value of 0 disables the timeout. +# Default: 120 +#ReadTimeout 300 + +# Waiting for a new job will timeout after this time (seconds). +# Default: 30 +#IdleTimeout 60 + +# Maximal depth directories are scanned at. +# Default: 15 +#MaxDirectoryRecursion 20 + +# Follow directory symlinks. +# Default: no +#FollowDirectorySymlinks yes + +# Follow regular file symlinks. +# Default: no +#FollowFileSymlinks yes + +# Perform internal sanity check (database integrity and freshness). +# Default: 1800 (30 min) +#SelfCheck 600 + +# Execute a command when virus is found. In the command string %v will +# be replaced by a virus name. +# Default: no +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v" + +# Run as a selected user (clamd must be started by root). +# Default: don't drop privileges +User clamav + +# Initialize supplementary group access (clamd must be started by root). +# Default: no +#AllowSupplementaryGroups no + +# Stop daemon when libclamav reports out of memory condition. +#ExitOnOOM yes + +# Don't fork into background. +# Default: no +#Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Do not remove temporary files (for debug purposes). +# Default: no +#LeaveTemporaryFiles yes + +# In some cases (eg. complex malware, exploits in graphic files, and others), +# ClamAV uses special algorithms to provide accurate detection. This option +# controls the algorithmic detection. +# Default: yes +#AlgorithmicDetection yes + +## +## Executable files +## + +# PE stands for Portable Executable - it's an executable file format used +# in all 32-bit versions of Windows operating systems. This option allows +# ClamAV to perform a deeper analysis of executable files and it's also +# required for decompression of popular executable packers such as UPX, FSG, +# and Petite. +# Default: yes +#ScanPE yes + +# With this option clamav will try to detect broken executables and mark +# them as Broken.Executable +# Default: no +#DetectBrokenExecutables yes + + +## +## Documents +## + +# This option enables scanning of Microsoft Office document macros. +# Default: yes +#ScanOLE2 yes + +## +## Mail files +## + +# Enable internal e-mail scanner. +# Default: yes +#ScanMail yes + +# If an email contains URLs ClamAV can download and scan them. +# WARNING: This option may open your system to a DoS attack. +# Never use it on loaded servers. +# Default: no +#MailFollowURLs no + +# With this option enabled ClamAV will try to detect phishing attempts (using signatures). +# Default: yes +#DetectPhishing yes + +# Use phishing detection for all domains (not just those listed in the .pdb database). +# It is not recommended to turn this option on, it is mean for internal use. +# (available in experimental builds only) +# Default: no +#PhishingStrictURLCheck no + +# Scan urls found in mails for phishing attempts. +# (available in experimental builds only) +# Default: yes +#PhishingScanURLs yes + +## +## HTML +## + +# Perform HTML normalisation and decryption of MS Script Encoder code. +# Default: yes +#ScanHTML yes + + +## +## Archives +## + +# ClamAV can scan within archives and compressed files. +# Default: yes +#ScanArchive yes + +# The options below protect your system against Denial of Service attacks +# using archive bombs. + +# Files in archives larger than this limit won't be scanned. +# Value of 0 disables the limit. +# Default: 10M +#ArchiveMaxFileSize 15M + +# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR +# file, all files within it will also be scanned. This options specifies how +# deep the process should be continued. +# Value of 0 disables the limit. +# Default: 8 +#ArchiveMaxRecursion 10 + +# Number of files to be scanned within an archive. +# Value of 0 disables the limit. +# Default: 1000 +#ArchiveMaxFiles 1500 + +# If a file in an archive is compressed more than ArchiveMaxCompressionRatio +# times it will be marked as a virus (Oversized.ArchiveType, e.g. Oversized.Zip) +# Value of 0 disables the limit. +# Default: 250 +#ArchiveMaxCompressionRatio 300 + +# Use slower but memory efficient decompression algorithm. +# only affects the bzip2 decompressor. +# Default: no +#ArchiveLimitMemoryUsage yes + +# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). +# Default: no +#ArchiveBlockEncrypted no + +# Mark archives as viruses (e.g. RAR.ExceededFileSize, Zip.ExceededFilesLimit) +# if ArchiveMaxFiles, ArchiveMaxFileSize, or ArchiveMaxRecursion limit is +# reached. +# Default: no +#ArchiveBlockMax no + +# Enable support for Sensory Networks' NodalCore hardware accelerator. +# Default: no +#NodalCoreAcceleration yes + + +## +## Clamuko settings +## WARNING: This is experimental software. It is very likely it will hang +## up your system!!! +## + +# Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running. +# Default: no +#ClamukoScanOnAccess yes + +# Set access mask for Clamuko. +# Default: no +#ClamukoScanOnOpen yes +#ClamukoScanOnClose yes +#ClamukoScanOnExec yes + +# Set the include paths (all files in them will be scanned). You can have +# multiple ClamukoIncludePath directives but each directory must be added +# in a seperate line. +# Default: disabled +#ClamukoIncludePath /home +#ClamukoIncludePath /students + +# Set the exclude paths. All subdirectories are also excluded. +# Default: disabled +#ClamukoExcludePath /home/bofh + +# Don't scan files larger than ClamukoMaxFileSize +# Value of 0 disables the limit. +# Default: 5M +#ClamukoMaxFileSize 10M diff --git a/clamav/freshclam b/clamav/freshclam new file mode 100644 index 0000000..5d69514 --- /dev/null +++ b/clamav/freshclam @@ -0,0 +1,24 @@ +#!/bin/sh +# +# /etc/rc.d/freshclam: start/stop the clamav virus database updater +# + +case $1 in +start) + /usr/bin/freshclam --quiet --daemon --checks=1 --daemon-notify \ + --log=/var/log/clamav/freshclam.log + ;; +stop) + killall -q /usr/bin/freshclam + ;; +restart) + $0 stop + sleep 2 + $0 start + ;; +*) + echo "Usage: $0 [start|stop|restart]" + ;; +esac + +# End of file diff --git a/clamav/freshclam.conf b/clamav/freshclam.conf new file mode 100644 index 0000000..faf2a8b --- /dev/null +++ b/clamav/freshclam.conf @@ -0,0 +1,100 @@ +## +## Example config file for freshclam +## Please read the freshclam.conf(5) manual before editing this file. +## This file may be optionally merged with clamd.conf. +## + +# Path to the database directory. +# WARNING: It must match clamd.conf's directive! +# Default: hardcoded (depends on installation options) +#DatabaseDirectory /var/lib/clamav + +# Path to the log file (make sure it has proper permissions) +# Default: disabled +#UpdateLogFile /var/log/freshclam.log + +# Enable verbose logging. +# Default: disabled +#LogVerbose + +# Use system logger (can work together with UpdateLogFile). +# Default: disabled +#LogSyslog + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# This option allows you to save the process identifier of the daemon +# Default: disabled +PidFile /var/run/clamav/freshclam.pid + +# By default when started freshclam drops privileges and switches to the +# "clamav" user. This directive allows you to change the database owner. +# Default: clamav (may depend on installation options) +DatabaseOwner clamav + +# Initialize supplementary group access (freshclam must be started by root). +# Default: disabled +#AllowSupplementaryGroups + +# Use DNS to verify virus database version. Freshclam uses DNS TXT records +# to verify database and software versions. With this directive you can change +# the database verification domain. +# Default: enabled, pointing to current.cvd.clamav.net +#DNSDatabaseInfo current.cvd.clamav.net + +# Uncomment the following line and replace XY with your country +# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list. +# Default: There is no default, which results in an error when running freshclam +#DatabaseMirror db.XY.clamav.net + +# database.clamav.net is a round-robin record which points to our most +# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is +# not working. DO NOT TOUCH the following line unless you know what you +# are doing. +DatabaseMirror database.clamav.net + +# How many attempts to make before giving up. +# Default: 3 (per mirror) +#MaxAttempts 5 + +# Number of database checks per day. +# Default: 12 (every two hours) +#Checks 24 + +# Proxy settings +# Default: disabled +#HTTPProxyServer myproxy.com +#HTTPProxyPort 1234 +#HTTPProxyUsername myusername +#HTTPProxyPassword mypass + +# Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for +# multi-homed systems. +# Default: Use OS'es default outgoing IP address. +#LocalIPAddress aaa.bbb.ccc.ddd + +# Send the RELOAD command to clamd. +# Default: disabled +#NotifyClamd +# By default it uses the hardcoded configuration file but you can force an +# another one. +#NotifyClamd /config/file/path + +# Run command after successful database update. +# Default: disabled +#OnUpdateExecute command + +# Run command when database update process fails. +# Default: disabled +#OnErrorExecute command + +# Don't fork into background. +# Default: disabled +#Foreground + +# Enable debug messages in libclamav. +# Default: disabled +#Debug -- 2.26.2