diff --git a/README.md b/README.md index c3aa87a..afe1f39 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,6 @@ # clamav +Clam AntiVirus is a GPL anti-virus toolkit for UNIX. +The main purpose of this software is the integration with mail servers (attachment scanning). +This package provides a command line scanner, and a tool for automatic updating via Internet. + diff --git a/clamav-0.98-config.patch b/clamav-0.98-config.patch new file mode 100644 index 0000000..f13d153 --- /dev/null +++ b/clamav-0.98-config.patch @@ -0,0 +1,88 @@ +diff -Nru clamav-0.94.2.orig/etc/clamd.conf clamav-0.94.2/etc/clamd.conf +--- clamav/etc/clamd.conf.sample.orig 2010-04-27 16:37:30.000000000 +0200 ++++ clamav/etc/clamd.conf.sample 2010-05-30 15:43:12.389016952 +0200 +@@ -4,14 +4,12 @@ + ## + + +-# Comment or remove the line below. +-Example + + # Uncomment this option to enable logging. + # LogFile must be writable for the user running daemon. + # A full path is required. + # Default: disabled +-#LogFile /tmp/clamd.log ++#LogFile /var/log/clamav/clamd.log + + # By default the log file is locked for writing - the lock protects against + # running clamd multiple times (if want to run another clamd, please +@@ -27,11 +25,11 @@ + # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size + # in bytes just don't use modifiers. + # Default: 1M +-#LogFileMaxSize 2M ++LogFileMaxSize 0 + + # Log time with each message. + # Default: no +-#LogTime yes ++LogTime yes + + # Also log clean files. Useful in debugging but drastically increases the + # log size. +@@ -54,7 +52,7 @@ + # This option allows you to save a process identifier of the listening + # daemon (main thread). + # Default: disabled +-#PidFile /var/run/clamd.pid ++PidFile /var/run/clamav/clamd.pid + + # Optional path to the global temporary directory. + # Default: system specific (usually /tmp or /var/tmp). +@@ -73,7 +71,7 @@ + + # Path to a local socket file the daemon will listen on. + # Default: disabled (must be specified by a user) +-#LocalSocket /tmp/clamd.socket ++LocalSocket /var/run/clamav/clamd.socket + + # Sets the group ownership on the unix socket. + # Default: disabled (the primary group of the user running clamd) +@@ -119,7 +117,7 @@ + + # Maximum number of threads running at the same time. + # Default: 10 +-#MaxThreads 20 ++#MaxThreads 10 + + # Waiting for data from a client socket will timeout after this time (seconds). + # Value of 0 disables the timeout. +@@ -162,11 +160,11 @@ + + # Follow directory symlinks. + # Default: no +-#FollowDirectorySymlinks yes ++FollowDirectorySymlinks yes + + # Follow regular file symlinks. + # Default: no +-#FollowFileSymlinks yes ++FollowFileSymlinks yes + + # Scan files and directories on other filesystems. + # Default: yes +@@ -183,11 +181,11 @@ + + # Run as another user (clamd must be started by root for this option to work) + # Default: don't drop privileges +-#User clamav ++User clamav + + # Initialize supplementary group access (clamd must be started by root). + # Default: no +-#AllowSupplementaryGroups no ++AllowSupplementaryGroups yes + + # Stop daemon when libclamav reports out of memory condition. + #ExitOnOOM yes diff --git a/clamav-0.98-freshclam_config.patch b/clamav-0.98-freshclam_config.patch new file mode 100644 index 0000000..58f9236 --- /dev/null +++ b/clamav-0.98-freshclam_config.patch @@ -0,0 +1,32 @@ +diff -ru clamav-0.95.2.orig/etc/freshclam.conf clamav-0.95.2/etc/freshclam.conf +--- clamav-0.95.2.orig/etc/freshclam.conf.sample 2009-07-06 20:52:29.000000000 +0200 ++++ clamav-0.95.2/etc/freshclam.conf.sample 2009-07-06 20:54:18.000000000 +0200 +@@ -5,16 +5,16 @@ + + + # Comment or remove the line below. +-Example ++#Example + + # Path to the database directory. + # WARNING: It must match clamd.conf's directive! + # Default: hardcoded (depends on installation options) +-#DatabaseDirectory /var/lib/clamav ++DatabaseDirectory /var/lib/clamav + + # Path to the log file (make sure it has proper permissions) + # Default: disabled +-#UpdateLogFile /var/log/freshclam.log ++UpdateLogFile /var/log/clamav/freshclam.log + + # Maximum size of the log file. + # Value of 0 disables the limit. +@@ -52,7 +52,7 @@ + + # Initialize supplementary group access (freshclam must be started by root). + # Default: no +-#AllowSupplementaryGroups yes ++AllowSupplementaryGroups yes + + # Use DNS to verify virus database version. Freshclam uses DNS TXT records + # to verify database and software versions. With this directive you can change diff --git a/clamav-clamd.initscript b/clamav-clamd.initscript new file mode 100644 index 0000000..0546dc9 --- /dev/null +++ b/clamav-clamd.initscript @@ -0,0 +1,71 @@ +#!/bin/bash +# +# clamd -- startup script for the Clam AntiVirus Daemon +# +# chkconfig: 2345 79 30 +# description: Clam AntiVirus Daemon is a TCP/IP or unix domain +# socket protocol server. +# processname: clamd +# pidfile: /var/run/clamav/clamd.pid +# config: /etc/clamd.conf + +# Source function library. +. /etc/rc.d/init.d/functions + +NAME=clamd +DAEMON=/usr/sbin/$NAME +DAEMONPID=/var/run/clamav/$NAME.pid +DAEMONCONF=/etc/clamd.conf +OPTIONS="-c $DAEMONCONF" + +[ -x $DAEMON ] || exit 0 + +# Source networking configuration. +[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network + +[ -r /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME + +# check if the clamv conf file is present +[ -r "$DAEMONCONF" ] || exit 0 + +USER=`grep '^User' $DAEMONCONF | awk '{ print $2}'` +LOGFILE=`grep '^LogFile ' $DAEMONCONF | awk '{ print $2}'` + +case "$1" in + start) + echo -n $"Starting Clam AntiVirus Daemon: " + if [ "${LOGFILE}" ]; then + touch ${LOGFILE} + chown ${USER}:${USER} ${LOGFILE} + fi + daemon --pidfile=$DAEMONPID $DAEMON $OPTIONS + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$NAME + ;; + stop) + echo -n $"Stopping Clam AntiVirus Daemon: " + killproc -p $DAEMONPID $NAME + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$NAME $DAEMONPID + ;; + restart|reload) + $0 stop + sleep 1 + $0 start + ;; + condrestart) + [ -e /var/lock/subsys/$NAME ] && $0 restart + ;; + status) + statusproc $DAEMON + RETVAL=$? + ;; + *) + echo $"Usage: ""/etc/init.d/$NAME {start|stop|status|restart|condrestart}" + exit 1 + ;; +esac + +exit $RETVAL diff --git a/clamav-clamd.logrotate b/clamav-clamd.logrotate new file mode 100644 index 0000000..85ec4e2 --- /dev/null +++ b/clamav-clamd.logrotate @@ -0,0 +1,10 @@ +/var/log/clamav/clamd.log { + weekly + compress + notifempty + missingok + postrotate + /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2>/dev/null` 2>/dev/null || : + endscript +} + diff --git a/clamav-freshclam.initscript b/clamav-freshclam.initscript new file mode 100644 index 0000000..a4a397d --- /dev/null +++ b/clamav-freshclam.initscript @@ -0,0 +1,70 @@ +#!/bin/sh +# +# freshclamd -- startup script for the Clam AntiVirus Database Update Daemon +# +# chkconfig: 2345 80 30 +# description: Clam AntiVirus Database Update Daemon. +# processname: freshclamd +# pidfile: /var/run/clamav/freshclam.pid +# config: /etc/freshclam.conf +# config: /etc/clamd.conf + +# Source function library. +. /etc/rc.d/init.d/functions + +NAME=freshclam +DAEMON=/usr/bin/$NAME +DAEMONPID=/var/run/clamav/$NAME.pid +DAEMONCONF=/etc/freshclam.conf +OPTIONS="--config-file=$DAEMONCONF --quiet --daemon --pid=/var/run/clamav/freshclam.pid" + +CLAMVDCONF=/etc/clamd.conf + +[ -x $DAEMON ] || exit 0 + +# Source networking configuration. +[ -r /etc/sysconfig/network ] && . /etc/sysconfig/network + +[ -r /etc/sysconfig/$NAME ] && . /etc/sysconfig/$NAME + +# check if the clamv conf file is present +[ -r "$DAEMONCONF" ] || exit 0 + +USER=`grep '^User' $CLAMVDCONF | awk '{ print $2}'` +LOGFILE=`grep '^UpdateLogFile ' $DAEMONCONF | awk '{ print $2}'` + +case "$1" in + start) + echo -n $"Starting Clam AntiVirus Update Daemon: " + touch ${LOGFILE}; chown ${USER}:${USER} ${LOGFILE} + daemon --pidfile=$DAEMONPID $DAEMON $OPTIONS + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$NAME + ;; + stop) + echo -n $"Stopping Clam AntiVirus Update Daemon: " + killproc -p $DAEMONPID $NAME + RETVAL=$? + echo + [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$NAME $DAEMONPID + ;; + restart|reload) + $0 stop + sleep 1 + $0 start + ;; + condrestart) + [ -e /var/lock/subsys/$NAME ] && $0 restart + ;; + status) + statusproc $DAEMON + RETVAL=$? + ;; + *) + echo $"Usage: ""/etc/init.d/$NAME {start|stop|status|restart|condrestart}" + exit 1 + ;; +esac + +exit $RETVAL diff --git a/clamav-freshclam.logrotate b/clamav-freshclam.logrotate new file mode 100644 index 0000000..9b66c84 --- /dev/null +++ b/clamav-freshclam.logrotate @@ -0,0 +1,10 @@ +/var/log/clamav/freshclamd.log { + weekly + compress + notifempty + missingok + postrotate + /bin/kill -HUP `cat /var/run/clamav/freshclamd.pid 2>/dev/null` 2>/dev/null || : + endscript +} + diff --git a/clamav.spec b/clamav.spec new file mode 100644 index 0000000..032632f --- /dev/null +++ b/clamav.spec @@ -0,0 +1,333 @@ +%define clamav_usr %{name} +%define clamav_grp %{name} +%define clamav_uid 65035 +%define clamav_gid 65035 + +%define libname lib%{name} + +Name: clamav +Version: 0.98.3 +Release: 1mamba +Summary: Clam AntiVirus is a GPL anti-virus toolkit for UNIX +Group: Applications/Security +Vendor: openmamba +Distribution: openmamba +Packager: Silvan Calarco +URL: http://www.clamav.net +Source0: http://downloads.sourceforge.net/project/clamav/clamav/%{version}/clamav-%{version}.tar.gz +#Source0: http://downloads.sourceforge.net/sourceforge/clamav/clamav-%{version}.tar.gz +Source1: %{name}-clamd.initscript +Source2: %{name}-clamd.logrotate +Source3: %{name}-freshclam.initscript +Source4: %{name}-freshclam.logrotate +Source5: http://db.local.clamav.net/daily.cvd +Patch: %{name}-0.98-config.patch +Patch1: %{name}-0.98-freshclam_config.patch +License: GPL +## AUTOBUILDREQ-BEGIN +BuildRequires: glibc-devel +BuildRequires: libbzip2-devel +BuildRequires: libgcc +BuildRequires: libltdl-devel +BuildRequires: libncurses-devel +BuildRequires: libstdc++6-devel +BuildRequires: libz-devel +## AUTOBUILDREQ-END +BuildRequires: bash +BuildRequires: ldconfig +BuildRequires: pwdutils +Requires: bzip2 +Requires: gzip +Requires: tar +Requires: unzip +Requires(pre): %{libname} = %{?epoch:%epoch:}%{version}-%{release} +Requires(pre): /usr/sbin/groupadd, /usr/sbin/useradd +BuildRoot: %{_tmppath}/%{name}-%{version}-root + +%description +Clam AntiVirus is a GPL anti-virus toolkit for UNIX. +The main purpose of this software is the integration with mail servers (attachment scanning). +This package provides a command line scanner, and a tool for automatic updating via Internet. + +%package -n clamd +Summary: The Clam AntiVirus Daemon +Group: System/Servers +Requires: %{name} = %{?epoch:%epoch:}%{version}-%{release} + +%description -n clamd +Clam AntiVirus is a GPL anti-virus toolkit for UNIX. +The main purpose of this software is the integration with mail servers (attachment scanning). +This package provides the multi-threaded Clam AntiVirus Daemon. + +%package -n %{libname} +Summary: Shared libraries for %{name} +Group: System/Libraries + +%description -n %{libname} +Clam AntiVirus is a GPL anti-virus toolkit for UNIX. +The main purpose of this software is the integration with mail servers (attachment scanning). +This package contains the shared libraries for %{name}. + +%package -n %{libname}-devel +Summary: Development library and header files for the %{name} library +Group: Development/Libraries +Requires: %{libname} = %{?epoch:%epoch:}%{version}-%{release} + +%description -n %{libname}-devel +Clam AntiVirus is a GPL anti-virus toolkit for UNIX. +The main purpose of this software is the integration with mail servers (attachment scanning). +This package contains the static %{libname} library and its header files. + +%prep +%setup -q +%patch -p1 +%patch1 -p1 +cp %{SOURCE5} database/daily.cvd + +%build +export SENDMAIL="%{_libdir}/sendmail" +%configure --disable-clamav +%make + +%install +[ "%{buildroot}" != / ] && rm -rf %{buildroot} +%makeinstall + +# log files stuff +install -d %{buildroot}%{_var}/log/%{name} +touch %{buildroot}%{_var}/log/%{name}/clamd.log +touch %{buildroot}%{_var}/log/%{name}/freshclam.log + +# pid file stuff +install -d %{buildroot}%{_var}/run/%{name} + +# install needed initscripts and logrotate files +install -D -m755 %{S:1} %{buildroot}%{_initrddir}/clamd +install -D -m644 %{S:2} %{buildroot}%{_sysconfdir}/logrotate.d/clamd +install -D -m755 %{S:3} %{buildroot}%{_initrddir}/freshclam +install -D -m644 %{S:4} %{buildroot}%{_sysconfdir}/logrotate.d/freshclam + +install -d %{buildroot}%{_var}/lib/%{name} + +mv %{buildroot}%{_sysconfdir}/clamd.conf.sample %{buildroot}%{_sysconfdir}/clamd.conf +mv %{buildroot}%{_sysconfdir}/freshclam.conf.sample %{buildroot}%{_sysconfdir}/freshclam.conf + +%clean +[ "%{buildroot}" != / ] && rm -rf %{buildroot} + +%pre +/usr/sbin/groupadd %{clamav_grp} -g %{clamav_gid} &>/dev/null +/usr/sbin/useradd %{clamav_usr} -c "Clam AntiVirus" -s /bin/false \ + -u %{clamav_uid} -g %{clamav_grp} &>/dev/null +exit 0 + +%post +if [ $1 -eq 1 ]; then + # new install + /sbin/chkconfig --add freshclam + /sbin/service freshclam start +fi +if [ $1 -ge 1 ]; then + # remove /0 file created by error in initscript + [ -e /0 ] && rm -f /0 +fi +exit 0 + +%postun +if [ $1 -eq 1 ]; then + # update + /sbin/service freshclam condrestart +fi +exit 0 + +%preun +if [ $1 -eq 0 ]; then + # erase + service freshclam stop + /sbin/chkconfig --del freshclam + /usr/sbin/userdel %{clamav_usr} 2>/dev/null +fi +exit 0 + +%post -n clamd +if [ $1 -eq 1 ]; then + # new install + /sbin/chkconfig --add clamd + /sbin/service freshclam start + #[ -x %{_bindir}/freshclam ] && %{_bindir}/freshclam + sleep 5 + /sbin/service clamd start +fi +exit 0 + +%postun -n clamd +if [ $1 -eq 1 ]; then + # update + /sbin/service clamd condrestart +fi +exit 0 + +%preun -n clamd +if [ $1 -eq 0 ]; then + # erase + /sbin/service clamd stop + /sbin/chkconfig --del clamd +fi +exit 0 + +%post -n %{libname} -p /sbin/ldconfig +%postun -n %{libname} -p /sbin/ldconfig + +%files +%defattr(-,root,root) +%{_bindir}/clambc +%{_bindir}/clamconf +%{_bindir}/clamdscan +%{_bindir}/clamscan +%{_bindir}/clamsubmit +%{_bindir}/freshclam +%{_bindir}/sigtool +#%{_datadir}/clamav/*.cvd +%{_initrddir}/freshclam +%config(noreplace) %{_sysconfdir}/clamd.conf +%config(noreplace) %{_sysconfdir}/freshclam.conf +%config(noreplace) %{_sysconfdir}/logrotate.d/freshclam +%dir %attr(0750,%{clamav_usr},%{clamav_grp}) %{_var}/lib/%{name} +#%ghost %{_var}/lib/%{name}/daily.cvd +#%ghost %{_var}/lib/%{name}/mani.cvd +%dir %attr(0755,%{clamav_usr},%{clamav_grp}) %{_var}/log/%{name} +%dir %attr(0755,%{clamav_usr},%{clamav_grp}) %{_var}/run/%{name} +%ghost %attr(0644,%{clamav_usr},%{clamav_grp}) %{_var}/log/%{name}/freshclam.log +%{_mandir}/man1/clamconf.* +%{_mandir}/man1/clamdscan.* +%{_mandir}/man1/clamscan.* +%{_mandir}/man1/clamsubmit.1* +%{_mandir}/man1/clambc.1.gz +%{_mandir}/man1/freshclam.* +%{_mandir}/man1/sigtool.* +%{_mandir}/man5/clamav-milter.conf.* +%{_mandir}/man5/clamd.conf.* +%{_mandir}/man5/freshclam.conf.* +%{_mandir}/man8/clamav-milter.* +%doc AUTHORS COPYING + +%files -n clamd +%defattr(-,root,root) +%{_sbindir}/clamd +%{_bindir}/clamdtop +%{_initrddir}/clamd +%config(noreplace) %{_sysconfdir}/logrotate.d/clamd +%ghost %attr(0644,%{clamav_usr},%{clamav_grp}) %{_var}/log/%{name}/clamd.log +%{_mandir}/man1/clamdtop.* +%{_mandir}/man8/clamd.* + +%files -n %{libname} +%defattr(-,root,root) +%{_libdir}/*.so.* + +%files -n %{libname}-devel +%defattr(-,root,root) +%{_bindir}/clamav-config +%{_includedir}/*.h +#%{_libdir}/*.a +%{_libdir}/*.la +%{_libdir}/*.so +%{_libdir}/pkgconfig/*.pc +%doc BUGS ChangeLog NEWS README + +%changelog +* Sun May 11 2014 Automatic Build System 0.98.3-1mamba +- automatic version update by autodist + +* Wed Jan 15 2014 Automatic Build System 0.98.1-1mamba +- automatic version update by autodist + +* Wed Oct 30 2013 Silvan Calarco 0.98-2mamba +- initscript: fix to avoid creating a /0 file in root directory + +* Fri Sep 27 2013 Automatic Build System 0.98-1mamba +- automatic version update by autodist + +* Wed Apr 24 2013 Automatic Build System 0.97.8-1mamba +- automatic version update by autodist + +* Sat Apr 13 2013 Silvan Calarco 0.97.7-2mamba +- freshclam initscript: fix pidfile argument for systemd to correctly detect it is running + +* Thu Mar 14 2013 Automatic Build System 0.97.7-1mamba +- automatic version update by autodist + +* Fri Oct 12 2012 Automatic Build System 0.97.6-1mamba +- automatic version update by autodist + +* Mon Aug 13 2012 Automatic Build System 0.97.5-1mamba +- automatic version update by autodist + +* Mon May 14 2012 Ercole 'ercolinux' Carpanetto 0.97.4-1mamba +- update to 0.97.4 + +* Thu Apr 28 2011 Silvan Calarco 0.97-1mamba +- update to 0.97 + +* Tue Dec 07 2010 Silvan Calarco 0.96.5-1mamba +- update to 0.96.5 + +* Wed Jun 02 2010 Automatic Build System 0.96.1-1mamba +- automatic update by autodist + +* Mon Jul 06 2009 Silvan Calarco 0.95.2-1mamba +- update to 0.95.2 + +* Thu Jan 29 2009 Silvan Calarco 0.94.2-2mamba +- added patch for freshclam.conf to fix initscript startup + +* Mon Dec 22 2008 Silvan Calarco 0.94.2-1mamba +- automatic update by autodist + +* Sat Jul 12 2008 Silvan Calarco 0.93.3-2mamba +- clamav: added PreReq for libclamav to fix freshclam restart on upgrade + +* Sat Jul 12 2008 gil 0.93.3-1mamba +- update to 0.93.3 + +* Mon Feb 11 2008 Silvan Calarco 0.92-1mamba +- update to 0.92 + +* Tue May 08 2007 Aleph0 0.90.2-1mamba +- update to 0.90.2 +- fixes the security issues: CVE-2007-0897, CVE-2007-0898, and CVE-2007-1997 +- update configuration file patch +- update initscripts + +* Wed Oct 18 2006 Davide Madrisan 0.88.5-2qilnx +- fixed static requirements for clamd and libclamv-devel packages + +* Wed Oct 18 2006 Davide Madrisan 0.88.5-1qilnx +- update to version 0.88.5 by autospec + +* Wed Aug 30 2006 Davide Madrisan 0.88.4-1qilnx +- update to version 0.88.4 by autospec +- also fixes a security flaw (bugtraq#221) + +* Tue May 09 2006 Davide Madrisan 0.88.2-1qilnx +- update to version 0.88.2 by autospec + +* Mon Apr 10 2006 Davide Madrisan 0.88.1-1qilnx +- update to version 0.88.1 by autospec +- this version fixes the vulnerabilities CVE-2006-16[14,15,30] and other bugs + +* Mon Jan 16 2006 Davide Madrisan 0.88-1qilnx +- update to version 0.88 by autospec +- also fixes CVE-2006-0162 (qibug#110) + +* Mon Nov 07 2005 Davide Madrisan 0.87.1-1qilnx +- update to version 0.87.1 by autospec +- this release fixes two security issues discovered by iDEFENSE (see bug#64) + +* Tue Sep 27 2005 Davide Madrisan 0.87-2qilnx +- fixed %%preun scriptlet for clamd +- %%post scriptlet: run freshclam +- initscripts updated + +* Fri Sep 23 2005 Davide Madrisan 0.87-1qilnx +- package created by autospec diff --git a/daily.cvd b/daily.cvd new file mode 100644 index 0000000..0d31d3b Binary files /dev/null and b/daily.cvd differ