From 3bc4d1c00e6499da664f7d1f43551dd7818e4fc2 Mon Sep 17 00:00:00 2001 From: Eugen Wissner Date: Wed, 25 Jun 2025 11:24:47 +0200 Subject: [PATCH] Add clamav --- bundles/clamav/contents | 5 +++++ bundles/clamav/type | 1 + rc.clamav/clamav-log/consumer-for | 2 ++ rc.clamav/clamav-log/dependencies | 4 ++++ rc.clamav/clamav-log/env/CMD | 1 + rc.clamav/clamav-log/env/CMD_OPTS | 1 + rc.clamav/clamav-log/env/LOGDIR_GROUP | 2 ++ rc.clamav/clamav-log/env/LOGDIR_OWNER | 2 ++ rc.clamav/clamav-log/env/LOGDIR_PATH | 2 ++ rc.clamav/clamav-log/env/LOGDIR_PERMS | 2 ++ rc.clamav/clamav-log/env/LOG_SCRIPT | 2 ++ rc.clamav/clamav-log/notification-fd | 1 + rc.clamav/clamav-log/run | 24 ++++++++++++++++++++++++ rc.clamav/clamav-log/type | 1 + rc.clamav/clamd/data/check | 3 +++ rc.clamav/clamd/dependencies | 5 +++++ rc.clamav/clamd/env/CMD | 1 + rc.clamav/clamd/notification-fd | 1 + rc.clamav/clamd/producer-for | 1 + rc.clamav/clamd/run | 13 +++++++++++++ rc.clamav/clamd/type | 1 + rc.clamav/freshclam/dependencies | 1 + rc.clamav/freshclam/env/CMD | 1 + rc.clamav/freshclam/env/CMD_OPTS | 1 + rc.clamav/freshclam/producer-for | 1 + rc.clamav/freshclam/run | 14 ++++++++++++++ rc.clamav/freshclam/type | 1 + 27 files changed, 94 insertions(+) create mode 100644 bundles/clamav/contents create mode 100644 bundles/clamav/type create mode 100644 rc.clamav/clamav-log/consumer-for create mode 100644 rc.clamav/clamav-log/dependencies create mode 100644 rc.clamav/clamav-log/env/CMD create mode 100644 rc.clamav/clamav-log/env/CMD_OPTS create mode 100644 rc.clamav/clamav-log/env/LOGDIR_GROUP create mode 100644 rc.clamav/clamav-log/env/LOGDIR_OWNER create mode 100644 rc.clamav/clamav-log/env/LOGDIR_PATH create mode 100644 rc.clamav/clamav-log/env/LOGDIR_PERMS create mode 100644 rc.clamav/clamav-log/env/LOG_SCRIPT create mode 100644 rc.clamav/clamav-log/notification-fd create mode 100644 rc.clamav/clamav-log/run create mode 100644 rc.clamav/clamav-log/type create mode 100755 rc.clamav/clamd/data/check create mode 100644 rc.clamav/clamd/dependencies create mode 100644 rc.clamav/clamd/env/CMD create mode 100644 rc.clamav/clamd/notification-fd create mode 100644 rc.clamav/clamd/producer-for create mode 100644 rc.clamav/clamd/run create mode 100644 rc.clamav/clamd/type create mode 100644 rc.clamav/freshclam/dependencies create mode 100644 rc.clamav/freshclam/env/CMD create mode 100644 rc.clamav/freshclam/env/CMD_OPTS create mode 100644 rc.clamav/freshclam/producer-for create mode 100644 rc.clamav/freshclam/run create mode 100644 rc.clamav/freshclam/type diff --git a/bundles/clamav/contents b/bundles/clamav/contents new file mode 100644 index 0000000..901890e --- /dev/null +++ b/bundles/clamav/contents @@ -0,0 +1,5 @@ +# Start an anti-virus daemon +clamd + +# Start a virus database update tool +freshclam diff --git a/bundles/clamav/type b/bundles/clamav/type new file mode 100644 index 0000000..757b422 --- /dev/null +++ b/bundles/clamav/type @@ -0,0 +1 @@ +bundle diff --git a/rc.clamav/clamav-log/consumer-for b/rc.clamav/clamav-log/consumer-for new file mode 100644 index 0000000..20601cd --- /dev/null +++ b/rc.clamav/clamav-log/consumer-for @@ -0,0 +1,2 @@ +clamd +freshclam diff --git a/rc.clamav/clamav-log/dependencies b/rc.clamav/clamav-log/dependencies new file mode 100644 index 0000000..e85efae --- /dev/null +++ b/rc.clamav/clamav-log/dependencies @@ -0,0 +1,4 @@ +# Comment out "remount-root" and uncomment "local-fs" +# if you use separate partition for /var/log +remount-root +#local-fs diff --git a/rc.clamav/clamav-log/env/CMD b/rc.clamav/clamav-log/env/CMD new file mode 100644 index 0000000..9d5239c --- /dev/null +++ b/rc.clamav/clamav-log/env/CMD @@ -0,0 +1 @@ +s6-log diff --git a/rc.clamav/clamav-log/env/CMD_OPTS b/rc.clamav/clamav-log/env/CMD_OPTS new file mode 100644 index 0000000..00d672e --- /dev/null +++ b/rc.clamav/clamav-log/env/CMD_OPTS @@ -0,0 +1 @@ +-d3 diff --git a/rc.clamav/clamav-log/env/LOGDIR_GROUP b/rc.clamav/clamav-log/env/LOGDIR_GROUP new file mode 100644 index 0000000..3794bcd --- /dev/null +++ b/rc.clamav/clamav-log/env/LOGDIR_GROUP @@ -0,0 +1,2 @@ +root +# Logging directory group ownership diff --git a/rc.clamav/clamav-log/env/LOGDIR_OWNER b/rc.clamav/clamav-log/env/LOGDIR_OWNER new file mode 100644 index 0000000..9f9fd12 --- /dev/null +++ b/rc.clamav/clamav-log/env/LOGDIR_OWNER @@ -0,0 +1,2 @@ +root +# Logging directory owner diff --git a/rc.clamav/clamav-log/env/LOGDIR_PATH b/rc.clamav/clamav-log/env/LOGDIR_PATH new file mode 100644 index 0000000..3c4ffad --- /dev/null +++ b/rc.clamav/clamav-log/env/LOGDIR_PATH @@ -0,0 +1,2 @@ +/var/log/clamav +# Logging directory path diff --git a/rc.clamav/clamav-log/env/LOGDIR_PERMS b/rc.clamav/clamav-log/env/LOGDIR_PERMS new file mode 100644 index 0000000..ccece6e --- /dev/null +++ b/rc.clamav/clamav-log/env/LOGDIR_PERMS @@ -0,0 +1,2 @@ +750 +# Logging directory access rights in octal diff --git a/rc.clamav/clamav-log/env/LOG_SCRIPT b/rc.clamav/clamav-log/env/LOG_SCRIPT new file mode 100644 index 0000000..948a563 --- /dev/null +++ b/rc.clamav/clamav-log/env/LOG_SCRIPT @@ -0,0 +1,2 @@ +n4 s500000 T $LOGDIR_PATH +# Logging script used by s6-log diff --git a/rc.clamav/clamav-log/notification-fd b/rc.clamav/clamav-log/notification-fd new file mode 100644 index 0000000..00750ed --- /dev/null +++ b/rc.clamav/clamav-log/notification-fd @@ -0,0 +1 @@ +3 diff --git a/rc.clamav/clamav-log/run b/rc.clamav/clamav-log/run new file mode 100644 index 0000000..7bcc996 --- /dev/null +++ b/rc.clamav/clamav-log/run @@ -0,0 +1,24 @@ +#!/bin/execlineb -P + +################################################ +# Start a logging daemon for the clamav daemon # +################################################ + +s6-envdir env +multisubstitute { + importas -u LOGDIR_OWNER LOGDIR_OWNER + importas -u LOGDIR_GROUP LOGDIR_GROUP + importas -u LOGDIR_PERMS LOGDIR_PERMS + importas -u CMD CMD + importas -usCd" " CMD_OPTS CMD_OPTS + importas -usCd" " LOG_SCRIPT LOG_SCRIPT +} +s6-envuidgid -B ${LOGDIR_OWNER}:${LOGDIR_GROUP} +multisubstitute { + importas -u LOGDIR_PATH LOGDIR_PATH + importas -u UID UID + importas -u GID GID +} +if { install -dm $LOGDIR_PERMS -o $UID -g $GID $LOGDIR_PATH } +s6-setuidgid ${UID}:${GID} +exec -c $CMD $CMD_OPTS -- $LOG_SCRIPT diff --git a/rc.clamav/clamav-log/type b/rc.clamav/clamav-log/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/rc.clamav/clamav-log/type @@ -0,0 +1 @@ +longrun diff --git a/rc.clamav/clamd/data/check b/rc.clamav/clamd/data/check new file mode 100755 index 0000000..92bb07d --- /dev/null +++ b/rc.clamav/clamd/data/check @@ -0,0 +1,3 @@ +#!/bin/execlineb -P + +test -S /run/clamav/clamd.sock diff --git a/rc.clamav/clamd/dependencies b/rc.clamav/clamd/dependencies new file mode 100644 index 0000000..a262a61 --- /dev/null +++ b/rc.clamav/clamd/dependencies @@ -0,0 +1,5 @@ +tmpfs-run +# Comment out "remount-root" and uncomment "local-fs" +# if you use separate partition for /var +remount-root +#local-fs diff --git a/rc.clamav/clamd/env/CMD b/rc.clamav/clamd/env/CMD new file mode 100644 index 0000000..8d6fb8d --- /dev/null +++ b/rc.clamav/clamd/env/CMD @@ -0,0 +1 @@ +clamd diff --git a/rc.clamav/clamd/notification-fd b/rc.clamav/clamd/notification-fd new file mode 100644 index 0000000..00750ed --- /dev/null +++ b/rc.clamav/clamd/notification-fd @@ -0,0 +1 @@ +3 diff --git a/rc.clamav/clamd/producer-for b/rc.clamav/clamd/producer-for new file mode 100644 index 0000000..cd3b941 --- /dev/null +++ b/rc.clamav/clamd/producer-for @@ -0,0 +1 @@ +clamav-log diff --git a/rc.clamav/clamd/run b/rc.clamav/clamd/run new file mode 100644 index 0000000..14a4538 --- /dev/null +++ b/rc.clamav/clamd/run @@ -0,0 +1,13 @@ +#!/bin/execlineb -P + +###################################### +# Start clamd (an anti-virus daemon) # +###################################### + +fdmove -c 2 1 +foreground { install -o clamav -g clamav -m 0771 -d /run/clamav } +s6-envdir env +importas -u CMD CMD +s6-notifyoncheck -d -w3750 -n16 +s6-setuidgid clamav +exec -c $CMD diff --git a/rc.clamav/clamd/type b/rc.clamav/clamd/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/rc.clamav/clamd/type @@ -0,0 +1 @@ +longrun diff --git a/rc.clamav/freshclam/dependencies b/rc.clamav/freshclam/dependencies new file mode 100644 index 0000000..8d6fb8d --- /dev/null +++ b/rc.clamav/freshclam/dependencies @@ -0,0 +1 @@ +clamd diff --git a/rc.clamav/freshclam/env/CMD b/rc.clamav/freshclam/env/CMD new file mode 100644 index 0000000..47d8c60 --- /dev/null +++ b/rc.clamav/freshclam/env/CMD @@ -0,0 +1 @@ +freshclam diff --git a/rc.clamav/freshclam/env/CMD_OPTS b/rc.clamav/freshclam/env/CMD_OPTS new file mode 100644 index 0000000..2838468 --- /dev/null +++ b/rc.clamav/freshclam/env/CMD_OPTS @@ -0,0 +1 @@ +-d diff --git a/rc.clamav/freshclam/producer-for b/rc.clamav/freshclam/producer-for new file mode 100644 index 0000000..cd3b941 --- /dev/null +++ b/rc.clamav/freshclam/producer-for @@ -0,0 +1 @@ +clamav-log diff --git a/rc.clamav/freshclam/run b/rc.clamav/freshclam/run new file mode 100644 index 0000000..ee50f9a --- /dev/null +++ b/rc.clamav/freshclam/run @@ -0,0 +1,14 @@ +#!/bin/execlineb -P + +################################################## +# Start freshclam (a virus database update tool) # +################################################## + +fdmove -c 2 1 +s6-envdir env +multisubstitute { + importas -u CMD CMD + importas -usCd" " CMD_OPTS CMD_OPTS +} +s6-setuidgid clamav +exec -c $CMD $CMD_OPTS diff --git a/rc.clamav/freshclam/type b/rc.clamav/freshclam/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/rc.clamav/freshclam/type @@ -0,0 +1 @@ +longrun