From 8b9fb0d47dbe3761753a21493b737829a96bd146 Mon Sep 17 00:00:00 2001 From: Yalla-One Date: Thu, 13 May 2010 00:39:54 +0200 Subject: [PATCH] system/clamav: Updated for version 0.95.2 --- system/clamav/README | 47 +----- system/clamav/README.SLACKWARE | 48 ++++++ system/clamav/clamav.SlackBuild | 139 +++++++++--------- system/clamav/clamav.info | 10 +- system/clamav/{ => config}/clamd.conf.patch | 13 +- .../clamav/{ => config}/freshclam.conf.patch | 21 +-- system/clamav/{ => config}/rc.clamav | 1 + system/clamav/doinst.sh | 64 +------- system/clamav/slack-desc | 8 +- 9 files changed, 149 insertions(+), 202 deletions(-) create mode 100644 system/clamav/README.SLACKWARE rename system/clamav/{ => config}/clamd.conf.patch (81%) rename system/clamav/{ => config}/freshclam.conf.patch (79%) rename system/clamav/{ => config}/rc.clamav (99%) diff --git a/system/clamav/README b/system/clamav/README index 67a4f9c5a9..22f1a5c71f 100644 --- a/system/clamav/README +++ b/system/clamav/README @@ -10,49 +10,4 @@ argument to the COUNTRY variable when running the build script (this will default to "us" if nothing is specified). For example: COUNTRY=nl ./clamav.SlackBuild -The package contains a start/stop script: /etc/rc.d/rc.clamav. -I would suggest calling this script from /etc/rc.d/rc.M just -before Sendmail is started with code like: - -# Starting ClamAV daemons -if [ -x /etc/rc.d/rc.clamav ]; then - /etc/rc.d/rc.clamav start -fi - -The start/stop script will start: clamd, freshclam and clamav-milter. - -** ClamAV, Amavisd-new and SpamAssassin ** -You might want to use amavisd-new to act as an intermediary between Sendmail -and ClamAV (and possible SpamAssassin too). Amavisd-new can be downloaded at -http://www.ijs.si/software/amavisd/ - -For clamd to be able to scan messages, when called by Amavisd-new, you must -add "clamav" to the "amavis" group (provided that clamd.conf contains the -"User clamav" directive), e.g. run: - - # usermod -G $(id -Gn clamav | tr ' ' ','),amavis clamav - -Be sure to enable "AllowSupplementaryGroups" in clamd.conf and restart clamd. -Also, to enable Amavisd-new to scan ClamAV's log files and produce nice -statistics, the reverse must be done too; add user "amavis" to the group -"clamav" as follows: - - # usermod -G $(id -Gn amavis | tr ' ' ','),clamav amavis - -Add the rc.amavisd script to your /etc/rc.d/rc.M script between the start of -clamav and sendmail, so that the relevant section looks like this: - -# Starting ClamAV daemon: -if [ -x /etc/rc.d/rc.clamav ]; then - /etc/rc.d/rc.clamav start -fi - -# Starting Amavisd daemon: -if [ -x /etc/rc.d/rc.amavisd ]; then - /etc/rc.d/rc.amavisd start -fi - -# Start the sendmail daemon: -if [ -x /etc/rc.d/rc.sendmail ]; then - . /etc/rc.d/rc.sendmail start -fi +See README.SLACKWARE for configuration help. diff --git a/system/clamav/README.SLACKWARE b/system/clamav/README.SLACKWARE new file mode 100644 index 0000000000..12b4a67b24 --- /dev/null +++ b/system/clamav/README.SLACKWARE @@ -0,0 +1,48 @@ +README.SLACKWARE for clamav + +The package contains a start/stop script: /etc/rc.d/rc.clamav. +I would suggest calling this script from /etc/rc.d/rc.M just +before Sendmail is started with code like: + +# Starting ClamAV daemons +if [ -x /etc/rc.d/rc.clamav ]; then + /etc/rc.d/rc.clamav start +fi + +The start/stop script will start: clamd, freshclam and clamav-milter. + +** ClamAV, Amavisd-new and SpamAssassin ** +You might want to use amavisd-new to act as an intermediary between Sendmail +and ClamAV (and possible SpamAssassin too). Amavisd-new can be downloaded at +http://www.ijs.si/software/amavisd/ + +For clamd to be able to scan messages, when called by Amavisd-new, you must +add "clamav" to the "amavis" group (provided that clamd.conf contains the +"User clamav" directive), e.g. run: + + # usermod -G $(id -Gn clamav | tr ' ' ','),amavis clamav + +Be sure to enable "AllowSupplementaryGroups" in clamd.conf and restart clamd. +Also, to enable Amavisd-new to scan ClamAV's log files and produce nice +statistics, the reverse must be done too; add user "amavis" to the group +"clamav" as follows: + + # usermod -G $(id -Gn amavis | tr ' ' ','),clamav amavis + +Add the rc.amavisd script to your /etc/rc.d/rc.M script between the start of +clamav and sendmail, so that the relevant section looks like this: + +# Starting ClamAV daemon: +if [ -x /etc/rc.d/rc.clamav ]; then + /etc/rc.d/rc.clamav start +fi + +# Starting Amavisd daemon: +if [ -x /etc/rc.d/rc.amavisd ]; then + /etc/rc.d/rc.amavisd start +fi + +# Start the sendmail daemon: +if [ -x /etc/rc.d/rc.sendmail ]; then + . /etc/rc.d/rc.sendmail start +fi diff --git a/system/clamav/clamav.SlackBuild b/system/clamav/clamav.SlackBuild index 7810f3846a..2e60518930 100644 --- a/system/clamav/clamav.SlackBuild +++ b/system/clamav/clamav.SlackBuild @@ -1,4 +1,5 @@ #!/bin/sh + # Copyright (c) 2006,2007 Eric Hameleers # All rights reserved. # @@ -21,11 +22,11 @@ # ----------------------------------------------------------------------------- # Modified to SBo format with the help of Yalla-One -# Version bump and various other changes by Robby Workman +# Version bump and various other changes by Robby Workman # No additional license terms added PRGNAM=clamav -VERSION=0.94 +VERSION=0.95.2 ARCH=${ARCH:-i486} BUILD=${BUILD:-1} TAG=${TAG:-_SBo} @@ -39,7 +40,7 @@ OUTPUT=${OUTPUT:-/tmp} # See http://www.iana.org/cctld/cctld-whois.htm for options COUNTRY=${COUNTRY:-us} -# Read "README.slackware" for compatibility with amavisd-new +# Read "README.SLACKWARE" for compatibility with amavisd-new CLAMUSR=${CLAMUSR:-clamav} CLAMGRP=${CLAMGRP:-clamav} CLAMUID=${CLAMUID:-210} @@ -47,118 +48,122 @@ CLAMGID=${CLAMGID:-210} if [ "$ARCH" = "i486" ]; then SLKCFLAGS="-O2 -march=i486 -mtune=i686" + LIBDIRSUFFIX="" elif [ "$ARCH" = "i686" ]; then SLKCFLAGS="-O2 -march=i686 -mtune=i686" + LIBDIRSUFFIX="" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" + LIBDIRSUFFIX="64" fi +bailout() { + printf "\n You must have a ${CLAMGRP} group and ${CLAMUSR} user in order + to run this script. Add them with something like this: + groupadd -g ${CLAMGID} ${CLAMGRP} + useradd -u ${CLAMUID} -d /dev/null -s /bin/false -g ${CLAMGRP} ${CLAMUSR}\n" + exit 1 +} + # Check for ClamAV user and group availability -DO_EXIT=0 if ! grep ^${CLAMGRP}: /etc/group 2>&1 > /dev/null; then - cat << EOF - - You must have a ${CLAMGRP} group to run this script. - # groupadd -g ${CLAMGID} ${CLAMGRP} - -EOF - DO_EXIT=1 + bailout ; elif ! grep ^${CLAMUSR}: /etc/passwd 2>&1 > /dev/null; then - cat << EOF - - Must have a ${CLAMUSR} user to run this script. - # useradd -u ${CLAMUID} -d /dev/null -s /bin/false -g ${CLAMGRP} ${CLAMUSR} - -EOF - DO_EXIT=1 + bailout ; fi -[ $DO_EXIT -eq 1 ] && exit + +set -e rm -rf $PKG mkdir -p $TMP $PKG $OUTPUT -cd $TMP || exit 1 +cd $TMP rm -rf $PRGNAM-$VERSION -tar xvf $CWD/$PRGNAM-$VERSION.tar.gz || exit 1 +tar xvf $CWD/$PRGNAM-$VERSION.tar.gz cd $PRGNAM-$VERSION || exit 1 chown -R root:root . chmod -R u+w,go+r-w,a-s . CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ -LDFLAGS="$SLKLDFLAGS" \ ./configure \ --prefix=/usr \ - --libdir=/usr/lib \ + --libdir=/usr/lib${LIBDIRSUFFIX} \ --localstatedir=/var \ --sysconfdir=/etc \ --mandir=/usr/man \ --with-user=${CLAMUSR} \ --with-group=${CLAMGRP} \ - --with-dbdir=/usr/share/clamav \ - --with-libcurl \ - --with-tcpwrappers \ + --with-dbdir=/var/lib/clamav \ --enable-milter \ --enable-id-check \ - --disable-static + --disable-static \ + --build=$ARCH-slackware-linux -make || exit 1 +make # Patch the configuration files -cd etc - patch < $CWD/clamd.conf.patch - patch < $CWD/freshclam.conf.patch -cd - +patch -p1 < $CWD/config/clamd.conf.patch +patch -p1 < $CWD/config/freshclam.conf.patch -make install DESTDIR=$PKG || exit 1 +make install DESTDIR=$PKG # Prepare the config files: -cd $PKG/etc - mv clamd.conf clamd.conf.new - mv freshclam.conf freshclam.conf.new -cd - +mv $PKG/etc/clamd.conf $PKG/etc/clamd.conf.new +mv $PKG/etc/freshclam.conf $PKG/etc/freshclam.conf.new # Specify the desired mirror in the update config file # http://www.iana.org/cctld/cctld-whois.htm -sed -i "s/COUNTRY/$COUNTRY/g" $PKG/etc/freshclam.conf.new - -# Where to store the pid file: -mkdir -p $PKG/var/run/clamav +sed -i "s/@COUNTRY@/${COUNTRY}/g" $PKG/etc/freshclam.conf.new # Our rc script: mkdir -p $PKG/etc/rc.d/ -cp $CWD/rc.clamav $PKG/etc/rc.d/rc.clamav.new +cp $CWD/config/rc.clamav $PKG/etc/rc.d/rc.clamav.new chown root:root $PKG/etc/rc.d/rc.clamav.new -chmod 754 $PKG/etc/rc.d/rc.clamav.new +chmod 0755 $PKG/etc/rc.d/rc.clamav.new -cp $CWD/README README.slackware -cp -a clamav-milter/INSTALL INSTALL.milter -DOCS="AUTHORS BUGS COPYING ChangeLog FAQ INSTALL NEWS README UPGRADE \ - docs/*.pdf docs/html examples INSTALL.milter README.slackware" +# Fixup some ownership and permissions issues +chown -R root:root $PKG +chmod -R o-w $PKG +chown ${CLAMUSR} $PKG/usr/sbin/clamav-milter +chmod 4700 $PKG/usr/sbin/clamav-milter +chown -R ${CLAMUSR}:${CLAMGRP} $PKG/var/lib/clamav +chmod 0770 $PKG/var/lib/clamav +chmod 0660 $PKG/var/lib/clamav/* -mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION -cp -a $DOCS $PKG/usr/doc/$PRGNAM-$VERSION || true -chmod -R a-w $PKG/usr/doc/$PRGNAM-$VERSION/* +# Create pid and socket directory +mkdir -p $PKG/var/run/clamav +chown -R ${CLAMUSR}:${CLAMGRP} $PKG/var/run/clamav +chmod 771 $PKG/var/run/clamav + +# Create log files in such a way that they won't clobber existing ones +mkdir -p $PKG/var/log +touch $PKG/var/log/{clamd,freshclam}.log.new +chown ${CLAMUSR}:${CLAMGRP} $PKG/var/log/clamd.log.new +chmod 660 $PKG/var/log/clamd.log.new +chown ${CLAMUSR}:${CLAMGRP} $PKG/var/log/freshclam.log.new +chmod 660 $PKG/var/log/freshclam.log.new + +( cd $PKG + find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | \ + xargs strip --strip-unneeded 2> /dev/null + find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | \ + xargs strip --strip-unneeded 2> /dev/null +) # Compress the man page(s) find $PKG/usr/man -type f -name "*.?" -exec gzip -9f {} \; -# Strip binaries -( cd $PKG - find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null - find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null -) - -# Ownership, rights: -chown -R root:root $PKG -chmod -R o-w $PKG +mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION +cp -a \ + AUTHORS BUGS COPYING ChangeLog FAQ INSTALL NEWS README UPGRADE \ + docs/*.pdf docs/html examples $PKG/usr/doc/$PRGNAM-$VERSION +chmod 0644 $PKG/usr/doc/$PRGNAM-$VERSION/* +cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild +cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc -cat $CWD/doinst.sh >> $PKG/install/doinst.sh - -# Substitute in the actual user/group parameters used -sed -i s/_SUB_CLAMUSR/$CLAMUSR/ $PKG/install/doinst.sh -sed -i s/_SUB_CLAMGRP/$CLAMGRP/ $PKG/install/doinst.sh -sed -i s/_SUB_CLAMUID/$CLAMUID/ $PKG/install/doinst.sh -sed -i s/_SUB_CLAMGID/$CLAMGID/ $PKG/install/doinst.sh +cat $CWD/doinst.sh > $PKG/install/doinst.sh cd $PKG -/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.tgz +/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz} diff --git a/system/clamav/clamav.info b/system/clamav/clamav.info index f43f27fc08..da3ba08f27 100644 --- a/system/clamav/clamav.info +++ b/system/clamav/clamav.info @@ -1,8 +1,10 @@ PRGNAM="clamav" -VERSION="0.94" +VERSION="0.95.2" HOMEPAGE="http://www.clamav.net/" -DOWNLOAD="http://downloads.sourceforge.net/clamav/clamav-0.94.tar.gz" -MD5SUM="d3f6d5fff2db81950491749166ab0ffa" +DOWNLOAD="http://downloads.sourceforge.net/clamav/clamav-0.95.2.tar.gz" +MD5SUM="930362397d30e01ba81b5f24c1046d48" +DOWNLOAD_x86_64="" +MD5SUM_x86_64="" MAINTAINER="Yalla-One" EMAIL="yallaone@gmail.com" -APPROVED="dsomero" +APPROVED="rworkman" diff --git a/system/clamav/clamd.conf.patch b/system/clamav/config/clamd.conf.patch similarity index 81% rename from system/clamav/clamd.conf.patch rename to system/clamav/config/clamd.conf.patch index 607f18259d..a18ff49d88 100644 --- a/system/clamav/clamd.conf.patch +++ b/system/clamav/config/clamd.conf.patch @@ -1,5 +1,6 @@ ---- clamd.conf.orig 2007-07-24 11:22:34.000000000 +0200 -+++ clamd.conf 2007-07-24 11:29:08.000000000 +0200 +diff -Nur clamav-0.95.2.orig/etc/clamd.conf clamav-0.95.2/etc/clamd.conf +--- clamav-0.95.2.orig/etc/clamd.conf 2009-04-07 05:32:06.000000000 -0500 ++++ clamav-0.95.2/etc/clamd.conf 2009-08-10 10:56:05.791514384 -0500 @@ -5,7 +5,7 @@ @@ -41,15 +42,15 @@ +LocalSocket /var/run/clamav/clamd.socket # Remove stale socket after unclean shutdown. - # Default: no + # Default: yes -#FixStaleSocket yes +FixStaleSocket yes # TCP port address. # Default: no -@@ -142,14 +142,14 @@ - # Run as another user (clamd must be started by root to make this option - # working). +@@ -167,14 +167,14 @@ + + # Run as another user (clamd must be started by root for this option to work) # Default: don't drop privileges -#User clamav +User clamav diff --git a/system/clamav/freshclam.conf.patch b/system/clamav/config/freshclam.conf.patch similarity index 79% rename from system/clamav/freshclam.conf.patch rename to system/clamav/config/freshclam.conf.patch index c90a961940..a55c90cd9a 100644 --- a/system/clamav/freshclam.conf.patch +++ b/system/clamav/config/freshclam.conf.patch @@ -1,6 +1,7 @@ ---- freshclam.conf.orig 2007-02-11 10:54:46.000000000 +0100 -+++ freshclam.conf 2007-02-14 09:46:29.000000000 +0100 -@@ -5,12 +5,12 @@ +diff -Nur clamav-0.95.2.orig/etc/freshclam.conf clamav-0.95.2/etc/freshclam.conf +--- clamav-0.95.2.orig/etc/freshclam.conf 2009-03-16 13:43:35.000000000 -0500 ++++ clamav-0.95.2/etc/freshclam.conf 2009-08-10 10:53:12.146515711 -0500 +@@ -5,7 +5,7 @@ # Comment or remove the line below. @@ -9,13 +10,7 @@ # Path to the database directory. # WARNING: It must match clamd.conf's directive! - # Default: hardcoded (depends on installation options) --#DatabaseDirectory /var/lib/clamav -+#DatabaseDirectory /usr/share/clamav - - # Path to the log file (make sure it has proper permissions) - # Default: disabled -@@ -22,25 +22,25 @@ +@@ -34,25 +34,25 @@ # Use system logger (can work together with UpdateLogFile). # Default: no @@ -46,16 +41,16 @@ # Use DNS to verify virus database version. Freshclam uses DNS TXT records # to verify database and software versions. With this directive you can change -@@ -52,7 +52,7 @@ +@@ -64,7 +64,7 @@ # Uncomment the following line and replace XY with your country # code. See http://www.iana.org/cctld/cctld-whois.htm for the full list. -#DatabaseMirror db.XY.clamav.net -+DatabaseMirror db.COUNTRY.clamav.net ++#DatabaseMirror db.@COUNTRY@.clamav.net # database.clamav.net is a round-robin record which points to our most # reliable mirrors. It's used as a fall back in case db.XY.clamav.net is -@@ -92,7 +92,7 @@ +@@ -111,7 +111,7 @@ # Send the RELOAD command to clamd. # Default: no diff --git a/system/clamav/rc.clamav b/system/clamav/config/rc.clamav similarity index 99% rename from system/clamav/rc.clamav rename to system/clamav/config/rc.clamav index 5197a1c4de..43940738a4 100644 --- a/system/clamav/rc.clamav +++ b/system/clamav/config/rc.clamav @@ -56,3 +56,4 @@ case "$1" in *) echo "usage $0 start|stop|restart" esac + diff --git a/system/clamav/doinst.sh b/system/clamav/doinst.sh index 0764576fed..16dadeafc3 100644 --- a/system/clamav/doinst.sh +++ b/system/clamav/doinst.sh @@ -1,12 +1,3 @@ -# Read "README.slackware" for compatibility with amavisd-new - -# These values are set in the build script and sed'ed into this -CLAMUSR=_SUB_CLAMUSR -CLAMGRP=_SUB_CLAMGRP -CLAMUID=_SUB_CLAMUID -CLAMGID=_SUB_CLAMGID - -# Handle the incoming configuration files: config() { for infile in $1; do NEW="$infile" @@ -25,57 +16,6 @@ config() { config etc/freshclam.conf.new config etc/clamd.conf.new config etc/rc.d/rc.clamav.new - -# Create log files -# We don't do this inside the package because we don't want the package -# to remove them if clamav is uninstalled -touch var/log/clamd.log -touch var/log/freshclam.log - -# Check for presence of $CLAMUSR and $CLAMGRP on target system -DO_EXIT=0 -if ! grep ^${CLAMGRP}: etc/group 2>&1 > /dev/null; then - cat << EOF - - You must have a ${CLAMGRP} group present for this post-installation - script to complete. First, do this: - - # groupadd -g ${CLAMGID} ${CLAMGRP} - - Then, do *one* of the following: - (1) Run "upgradepkg --reinstall clamav-*tgz" or - (2) Change to the directory '/' (using "cd /") and run the script /var/log/scripts/clamav-* manually. -EOF - DO_EXIT=1 -elif ! grep ^${CLAMUSR}: etc/passwd 2>&1 > /dev/null; then - cat << EOF - - You must have a ${CLAMUSR} user present for this post-installation - script to complete. First, do this: - - # useradd -u ${CLAMUID} -d /dev/null -s /bin/false -g ${CLAMGRP} ${CLAMUSR} - - Then, do *one* of the following: - (1) Run "upgradepkg --reinstall clamav-*tgz" or - (2) Change to the directory '/' (using "cd /") and run the script /var/log/scripts/clamav-* manually. -EOF - DO_EXIT=1 -fi -[ $DO_EXIT -eq 1 ] && exit -# Only way to create and use the correct uid and gid on the target system, -# is to use chroot: -chroot . </dev/null - -# Restore the correct permissions -chown ${CLAMUSR} usr/sbin/clamav-milter -chmod 4700 usr/sbin/clamav-milter -chown -R ${CLAMUSR}:${CLAMGRP} var/run/clamav -chmod 771 var/run/clamav -chown ${CLAMUSR}:${CLAMGRP} var/log/clamd.log -chmod 660 var/log/clamd.log -chown ${CLAMUSR}:${CLAMGRP} var/log/freshclam.log -chmod 660 var/log/freshclam.log -chown -R ${CLAMUSR}:${CLAMGRP} usr/share/clamav -chmod -R 770 usr/share/clamav -EOR +config var/log/clamd.log.new ; rm -f var/log/clamd.log.new +config var/log/freshclam.log.new ; rm -f var/log/freshclam.log.new diff --git a/system/clamav/slack-desc b/system/clamav/slack-desc index c23acc2a4f..454090cb34 100644 --- a/system/clamav/slack-desc +++ b/system/clamav/slack-desc @@ -12,8 +12,8 @@ clamav: Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose clamav: of this software is the integration with mail servers (attachment clamav: scanning). The package provides a flexible and scalable multi-threaded clamav: daemon, a command line scanner, and a tool for automatic updating via -clamav: Internet. -clamav: Most importantly, the virus database is kept up to date . -clamav: For setup, see README.slackware in the /usr/doc/clamav-* directory. +clamav: Internet. Most importantly, the virus database is kept up to date. +clamav: For setup, see README.SLACKWARE in the package's docs directory. +clamav: +clamav: Homepage: http://www.clamav.net/ clamav: -clamav: clamav info at http://www.clamav.net/