Browse Source

Merge pull request #14441 from flyn-org/clamav

clamav: allow configuring clamd to use TCP socket
lilik-openwrt-22.03
Hannu Nyman 4 years ago
committed by GitHub
parent
commit
006baf7baf
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 144 additions and 3 deletions
  1. +4
    -1
      net/clamav/Makefile
  2. +26
    -0
      net/clamav/files/clamav-milter.config
  3. +100
    -0
      net/clamav/files/clamav-milter.init
  4. +3
    -1
      net/clamav/files/clamav.config
  5. +11
    -1
      net/clamav/files/clamav.init

+ 4
- 1
net/clamav/Makefile View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=clamav PKG_NAME:=clamav
PKG_VERSION:=0.102.4 PKG_VERSION:=0.102.4
PKG_RELEASE:=1
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://www.clamav.net/downloads/production/ PKG_SOURCE_URL:=https://www.clamav.net/downloads/production/
@ -88,6 +88,7 @@ TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed $(if $(CONFIG_USE_MUSL),-lfts)
define Package/clamav/conffiles define Package/clamav/conffiles
/etc/config/clamav /etc/config/clamav
/etc/config/clamav-milter
endef endef
define Package/clamav/install define Package/clamav/install
@ -106,9 +107,11 @@ define Package/clamav/install
$(INSTALL_DIR) $(1)/etc/config $(INSTALL_DIR) $(1)/etc/config
$(INSTALL_CONF) ./files/clamav.config $(1)/etc/config/clamav $(INSTALL_CONF) ./files/clamav.config $(1)/etc/config/clamav
$(INSTALL_CONF) ./files/clamav-milter.config $(1)/etc/config/clamav-milter
$(INSTALL_DIR) $(1)/etc/init.d/ $(INSTALL_DIR) $(1)/etc/init.d/
$(INSTALL_BIN) ./files/clamav.init $(1)/etc/init.d/clamav $(INSTALL_BIN) ./files/clamav.init $(1)/etc/init.d/clamav
$(INSTALL_BIN) ./files/clamav-milter.init $(1)/etc/init.d/clamav-milter
$(INSTALL_DIR) $(1)/usr/share/clamav $(INSTALL_DIR) $(1)/usr/share/clamav
$(CP) ./files/bytecode.cvd $(1)/usr/share/clamav/ $(CP) ./files/bytecode.cvd $(1)/usr/share/clamav/


+ 26
- 0
net/clamav/files/clamav-milter.config View File

@ -0,0 +1,26 @@
config clamav-milter 'clamav-milter'
option clamav_milter_config_file '/etc/clamav/clamav-milter.conf'
option Foreground 'true'
option PidFile '/var/run/clamav/clamav-milter.pid'
option User 'nobody'
option MilterSocketGroup 'nogroup'
option AllowSupplementaryGroups 'true'
option ReadTimeout '120'
option OnClean 'Accept'
option OnInfected 'Quarantine'
option OnFail 'Defer'
option AddHeader 'Replace'
option LogVerbose 'true'
option LogTime 'true'
option LogSyslog 'true'
option LogFacility 'LOG_LOCAL6'
option LogInfected 'Full'
option LogClean 'Basic'
option MaxFileSize '25M'
option SupportMultipleRecipients 'true'
option RejectMsg 'Rejecting Harmful Email: %v found.'
option TemporaryDirectory '/tmp'
option MilterSocket 'unix:/var/run/clamav/clamav-milter.sock'
option MilterSocketMode '666'
option ClamdSocket 'tcp:127.0.0.1:3310'
option FixStaleSocket 'true'

+ 100
- 0
net/clamav/files/clamav-milter.init View File

@ -0,0 +1,100 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2015 OpenWrt.org
START=90
STOP=10
USE_PROCD=1
PROG=/usr/sbin/clamav-milter
CLAMAV_MILTER_CONFIGFILE="/tmp/clamav/clamav-milter.conf"
validate_clamav_milter_section() {
uci_load_validate clamav-milter clamav_milter "$1" "$2" \
'clamav_milter_config_file:string' \
'Foreground:string' \
'PidFile:string' \
'User:string' \
'MilterSocketGroup:string' \
'AllowSupplementaryGroups:string' \
'ReadTimeout:uinteger' \
'OnClean:string' \
'OnInfected:string' \
'OnFail:string' \
'AddHeader:string' \
'LogVerbose:string' \
'LogTime:string' \
'LogSyslog:string' \
'LogFacility:string' \
'LogInfected:string' \
'LogClean:string' \
'MaxFileSize:string' \
'SupportMultipleRecipients:string' \
'RejectMsg:string' \
'TemporaryDirectory:string' \
'MilterSocket:string' \
'MilterSocketMode:uinteger' \
'ClamdSocket:string' \
'FixStaleSocket:string'
}
start_clamav_milter_instance() {
[ "$2" = 0 ] || {
echo "validation failed"
return 1
}
mkdir -p /etc/clamav/
mkdir -p /var/run/clamav/
chmod a+rw /var/run/clamav
mkdir -p "$(dirname $CLAMAV_MILTER_CONFIGFILE)"
ln -sf "$clamav_milter_config_file" "$CLAMAV_MILTER_CONFIGFILE"
{
echo "Foreground " "$Foreground"
echo "PidFile " "$PidFile"
echo "User " "$User"
echo "MilterSocketGroup " "$MilterSocketGroup"
echo "AllowSupplementaryGroups " "$AllowSupplementaryGroups"
echo "ReadTimeout " "$ReadTimeout"
echo "OnClean " "$OnClean"
echo "OnInfected " "$OnInfected"
echo "OnFail " "$OnFail"
echo "AddHeader " "$AddHeader"
echo "LogVerbose " "$LogVerbose"
echo "LogTime " "$LogTime"
echo "LogSyslog " "$LogSyslog"
echo "LogFacility " "$LogFacility"
echo "LogInfected " "$LogInfected"
echo "LogClean " "$LogClean"
echo "MaxFileSize " "$MaxFileSize"
echo "SupportMultipleRecipients " "$SupportMultipleRecipients"
echo "RejectMsg " "$RejectMsg"
echo "TemporaryDirectory " "$TemporaryDirectory"
echo "MilterSocket " "$MilterSocket"
echo "MilterSocketMode " "$MilterSocketMode"
echo "ClamdSocket " "$ClamdSocket"
echo "FixStaleSocket " "$FixStaleSocket"
} > "$CLAMAV_MILTER_CONFIGFILE"
procd_open_instance
procd_set_param command $PROG -c $CLAMAV_MILTER_CONFIGFILE
procd_set_param file $CLAMAV_MILTER_CONFIGFILE
procd_close_instance
}
start_service()
{
validate_clamav_milter_section clamav_milter start_clamav_milter_instance
}
stop_service()
{
service_stop $PROG
}
service_triggers()
{
procd_add_reload_trigger "clamav-milter"
procd_add_validation validate_clamav_milter_section
}

+ 3
- 1
net/clamav/files/clamav.config View File

@ -29,7 +29,9 @@ config clamav 'clamav'
option AlertEncrypted 'yes' option AlertEncrypted 'yes'
option MaxFileSize '10M' option MaxFileSize '10M'
option TemporaryDirectory '/tmp' option TemporaryDirectory '/tmp'
option LocalSocket '/var/run/clamav/clamd.sock'
# option LocalSocket '/var/run/clamav/clamd.sock'
option TCPAddr '127.0.0.1'
option TCPSocket '3310'
option User 'nobody' option User 'nobody'
option ExitOnOOM 'yes' option ExitOnOOM 'yes'
option DatabaseDirectory '/usr/share/clamav' option DatabaseDirectory '/usr/share/clamav'

+ 11
- 1
net/clamav/files/clamav.init View File

@ -41,6 +41,8 @@ validate_clamav_section() {
'AlertEncrypted:string' \ 'AlertEncrypted:string' \
'MaxFileSize:string' \ 'MaxFileSize:string' \
'LocalSocket:string' \ 'LocalSocket:string' \
'TCPSocket:port' \
'TCPAddr:ipaddr' \
'User:string' \ 'User:string' \
'ExitOnOOM:string' \ 'ExitOnOOM:string' \
'DatabaseDirectory:string' 'DatabaseDirectory:string'
@ -90,12 +92,20 @@ start_clamav_instance() {
echo "TemporaryDirectory " "$TemporaryDirectory" echo "TemporaryDirectory " "$TemporaryDirectory"
echo "AlertEncrypted " "$AlertEncrypted" echo "AlertEncrypted " "$AlertEncrypted"
echo "MaxFileSize " "$MaxFileSize" echo "MaxFileSize " "$MaxFileSize"
echo "LocalSocket " "$LocalSocket"
echo "User " "$User" echo "User " "$User"
echo "ExitOnOOM " "$ExitOnOOM" echo "ExitOnOOM " "$ExitOnOOM"
echo "DatabaseDirectory " "$DatabaseDirectory" echo "DatabaseDirectory " "$DatabaseDirectory"
} > "$CLAMD_CONFIGFILE" } > "$CLAMD_CONFIGFILE"
if [ -n "$LocalSocket" ]; then
echo "LocalSocket " "$LocalSocket" >>"$CLAMD_CONFIGFILE"
fi
if [ -n "$TCPSocket" ]; then
echo "TCPAddr" "$TCPAddr" >>"$CLAMD_CONFIGFILE"
echo "TCPSocket " "$TCPSocket" >>"$CLAMD_CONFIGFILE"
fi
procd_open_instance procd_open_instance
procd_set_param command $PROG -c $CLAMD_CONFIGFILE procd_set_param command $PROG -c $CLAMD_CONFIGFILE
procd_set_param file $CLAMD_CONFIGFILE procd_set_param file $CLAMD_CONFIGFILE


Loading…
Cancel
Save