From 506afe9fc6e1a8c2edfad0702797f3a66b8bb605 Mon Sep 17 00:00:00 2001 From: Jamie Lenehan Date: Wed, 13 Sep 2006 23:16:01 +0000 Subject: clamav: New package for the CLAM anti-virus toolkit for UNIX. It includes a multi-threaded daemon, a command line scanner, a tool for automatic updating via Internet and a shared library implementation for the scanner. Tested on sh4 and i486. --- packages/clamav/.mtn2git_empty | 0 packages/clamav/clamav_0.88.4.bb | 100 ++++++++++++++++++ packages/clamav/files/.mtn2git_empty | 0 packages/clamav/files/clamav-daemon.default | 1 + packages/clamav/files/clamav-daemon.init | 75 +++++++++++++ packages/clamav/files/clamav-freshclam.init | 145 ++++++++++++++++++++++++++ packages/clamav/files/clamd.conf | 25 +++++ packages/clamav/files/cross-compile-fix.patch | 74 +++++++++++++ packages/clamav/files/freshclam.conf | 19 ++++ packages/clamav/files/libtool-fix.patch | 23 ++++ packages/clamav/site/.mtn2git_empty | 0 packages/clamav/site/common-glibc | 4 + 12 files changed, 466 insertions(+) create mode 100644 packages/clamav/.mtn2git_empty create mode 100644 packages/clamav/clamav_0.88.4.bb create mode 100644 packages/clamav/files/.mtn2git_empty create mode 100644 packages/clamav/files/clamav-daemon.default create mode 100644 packages/clamav/files/clamav-daemon.init create mode 100644 packages/clamav/files/clamav-freshclam.init create mode 100644 packages/clamav/files/clamd.conf create mode 100644 packages/clamav/files/cross-compile-fix.patch create mode 100644 packages/clamav/files/freshclam.conf create mode 100644 packages/clamav/files/libtool-fix.patch create mode 100644 packages/clamav/site/.mtn2git_empty create mode 100644 packages/clamav/site/common-glibc (limited to 'packages/clamav') diff --git a/packages/clamav/.mtn2git_empty b/packages/clamav/.mtn2git_empty new file mode 100644 index 0000000000..e69de29bb2 diff --git a/packages/clamav/clamav_0.88.4.bb b/packages/clamav/clamav_0.88.4.bb new file mode 100644 index 0000000000..8e51551861 --- /dev/null +++ b/packages/clamav/clamav_0.88.4.bb @@ -0,0 +1,100 @@ +DESCRIPTION = "Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main \ +purpose of this software is the integration with mail servers (attachment \ +scanning)." +DESCRIPTION_${PN}-lib = "The dynamic library that is shared between all of \ +the Clam AntiVirus components" +DESCRIPTION_${PN}-freshclam = "An automatic virus signature update \ +application for Clam AntiVirus" +DESCRIPTION_${PN}-data = "Static anti virus signature database for Clam AntiVirus" +DESCRIPTION_${PN}-daemon = "A on-demand file scanning service for Clam AntiVirus" +HOMEPAGE = "http://www.clamav.net/" +SECTION = "network" +MAINTAINER = "Jamie Lenehan " +LICENSE = "GPL" +DEPENDS = "zlib bzip2 gmp" +RDEPENDS_${PN} = "${PN}-data" +RDEPENDS_${PN}-daemon = "${PN}-data" +RRECOMMENDS_${PN} = "${PN}-freshclam" +RRECOMMENDS_${PN}-daemon = "${PN}-freshclam" + +SRC_URI = "${SOURCEFORGE_MIRROR}/clamav/clamav-${PV}.tar.gz \ + file://cross-compile-fix.patch;patch=1 \ + file://libtool-fix.patch;patch=1 \ + file://clamav-daemon.init \ + file://clamav-freshclam.init \ + file://clamav-daemon.default \ + file://clamd.conf \ + file://freshclam.conf" + +inherit autotools update-rc.d + +# Don't check for clamav uid/gid - they don't exist on the host +# Put virus definitions in /var/lib not /usr/lib +EXTRA_OECONF = "--disable-clamav \ + --with-dbdir=${localstatedir}/lib/clamav" + +do_install_append() { + install -m 0755 -d ${D}${sysconfdir}/default ${D}${sysconfdir}/init.d \ + ${D}${docdir}/clamav + # Save the installed clamd.conf in the doc dir and then install out new one + install -m 0755 ${D}${sysconfdir}/clamd.conf ${D}${docdir}/clamav/clamd.conf.example + install -m 0755 ${WORKDIR}/clamd.conf ${D}${sysconfdir}/clamd.conf + # Save the installed freshclam.conf in the doc dir and then install out new one + install -m 0755 ${D}${sysconfdir}/freshclam.conf ${D}${docdir}/clamav/freshclam.conf.example + # Install our config files and init scripts + install -m 0755 ${WORKDIR}/freshclam.conf ${D}${sysconfdir}/freshclam.conf + install -m 0755 ${WORKDIR}/clamav-daemon.default ${D}${sysconfdir}/default/clamav-daemon + install -m 0755 ${WORKDIR}/clamav-daemon.init ${D}${sysconfdir}/init.d/clamav-daemon + install -m 0755 ${WORKDIR}/clamav-freshclam.init ${D}${sysconfdir}/init.d/clamav-freshclam +} + +PACKAGES += "${PN}-freshclam ${PN}-daemon ${PN}-data ${PN}-lib" + +FILES_${PN} = "${bindir}/clamscan ${bindir}/sigtool ${bindir}/clamdscan" +FILES_${PN}-lib = "${libdir}/libclamav.so.*" +FILES_${PN}-freshclam = "${bindir}/freshclam \ + ${sysconfdir}/freshclam.conf \ + ${sysconfdir}/init.d/clamav-freshclam" +FILES_${PN}-daemon = "${sysconfdir}/clamd.conf \ + ${sbindir}/clamd \ + ${sysconfdir}/init.d/clamav-daemon \ + ${sysconfdir}/default/clamav-daemon" +FILES_${PN}-data = "${localstatedir}/lib/clamav/main.cvd \ + ${localstatedir}/lib/clamav/daily.cvd" +FILES_${PN}-dev += "${bindir}/clamav-config" + +# Add clamav's user and groups +pkg_postinst_${PN}-freshclam () { + grep -q clamav: /etc/group || addgroup clamav + grep -q clamav: /etc/passwd || adduser --disabled-password --home=/var/lib/clamav/ \ + --ingroup clamav -g "ClamAV" clamav +} +pkg_postinst_${PN}-daemon () { + grep -q clamav: /etc/group || addgroup clamav + grep -q clamav: /etc/passwd || adduser --disabled-password --home=/var/lib/clamav/ \ + --ingroup clamav -g "ClamAV" clamav +} +pkg_postinst_${PN}-data () { + grep -q clamav: /etc/group || addgroup clamav + grep -q clamav: /etc/passwd || adduser --disabled-password --home=/var/lib/clamav/ \ + --ingroup clamav --no-create-home -g "ClamAV" clamav + chown clamav:clamav \ + ${localstatedir}/lib/clamav \ + ${localstatedir}/lib/clamav/main.cvd \ + ${localstatedir}/lib/clamav/daily.cvd +} + +# Indicate that the default files are configuration files +CONFFILES_${PN}-daemon = "${sysconfdir}/clamd.conf \ + ${sysconfdir}/default/clamav-daemon" +CONFFILES_${PN}-freshclam = "${sysconfdir}/freshclam.conf" +# Make the database as conffiles so that newwer data file won't replace +# updates generated by freshclam +CONFFILES_${PN}-data = "${localstatedir}/lib/clamav/main.cvd \ + ${localstatedir}/lib/clamav/daily.cvd" + +INITSCRIPT_PACKAGES = "${PN}-daemon ${PN}-freshclam" +INITSCRIPT_NAME_${PN}-daemon = "clamav-daemon" +INITSCRIPT_NAME_${PN}-freshclam = "clamav-freshclam" +INITSCRIPT_PARAMS_${PN}-daemon = "defaults 50 50" +INITSCRIPT_PARAMS_${PN}-freshclam = "defaults 50 50" diff --git a/packages/clamav/files/.mtn2git_empty b/packages/clamav/files/.mtn2git_empty new file mode 100644 index 0000000000..e69de29bb2 diff --git a/packages/clamav/files/clamav-daemon.default b/packages/clamav/files/clamav-daemon.default new file mode 100644 index 0000000000..bc19984183 --- /dev/null +++ b/packages/clamav/files/clamav-daemon.default @@ -0,0 +1 @@ +# Options for clamav-daemon (clamd process) diff --git a/packages/clamav/files/clamav-daemon.init b/packages/clamav/files/clamav-daemon.init new file mode 100644 index 0000000000..a70e14f3f4 --- /dev/null +++ b/packages/clamav/files/clamav-daemon.init @@ -0,0 +1,75 @@ +#! /bin/sh +# This is a modified version of the debian clamav-daemon init script +set -e +PATH=/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/clamd +NAME="clamd" +DESC="ClamAV daemon" +CLAMAVCONF=/etc/clamd.conf + +[ -x "$DAEMON" ] || exit 0 +[ -r /etc/default/clamav-daemon ] && . /etc/default/clamav-daemon + +if [ ! -f "$CLAMAVCONF" ]; then + echo "There is no configuration file for $DESC." + exit 0; +fi +if grep -q "^Example" $CLAMAVCONF; then + echo "$DESC is not configured. Please edit $CLAMAVCONF" + exit 0 +fi + +THEPIDFILE="`grep ^PidFile $CLAMAVCONF | awk '{print $2}'`" +[ -e "$THEPIDFILE" ] && PID=`cat $THEPIDFILE` +[ "$PID" = '1' ] && unset PID + +# Make sure dirs exist and are correct +for i in /var/run/clamav /var/log/clamav /var/lib/clamav +do + [ ! -d $i ] && mkdir -p $i && chown clamav:clamav $i +done + +case "$1" in + start) + echo -n "Starting $DESC: " + start-stop-daemon --oknodo -S -x $DAEMON + echo "$NAME" + ;; + + stop) + echo -n "Stopping $DESC: " + if [ -n "$PID" ]; then + kill -15 -"$PID" + sleep 1 + if kill -0 "$PID" 2>/dev/null; then + echo -n "Waiting . " + cnt=0 + while kill -0 "$PID" 2>/dev/null; do + cnt=`expr "$cnt" + 1` + if [ "$cnt" -gt 60 ]; then + echo -n " Failed.. " + kill -9 -"$PID" + break + fi + sleep 2 + echo -n ". " + done + fi + else + start-stop-daemon -o -K -q -p $THEPIDFILE + fi + echo "$NAME" + ;; + + restart|force-reload) + $0 stop + $0 start + ;; + + *) + echo "Usage: $0 {start|stop|restart|force-reload}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/packages/clamav/files/clamav-freshclam.init b/packages/clamav/files/clamav-freshclam.init new file mode 100644 index 0000000000..47491a2a54 --- /dev/null +++ b/packages/clamav/files/clamav-freshclam.init @@ -0,0 +1,145 @@ +#!/bin/sh +# This is a modified version of the debian clamav-freshclam init script +set -e +DAEMON=/usr/bin/freshclam +NAME=freshclam +DESC="ClamAV virus database updater" + +[ -x $DAEMON ] || exit 0 + +CLAMAV_CONF_FILE=/etc/clamd.conf +FRESHCLAM_CONF_FILE=/etc/freshclam.conf +PIDFILE=/var/run/clamav/freshclam.pid + +slurp_config() +{ + CLAMAVCONF="$1" + + if [ -e "$CLAMAVCONF" ]; then + for variable in `egrep -v '^[[:space:]]*(#|$)' "$CLAMAVCONF" | awk '{print $1}'`; do + if [ "$variable" = 'DatabaseMirror' ]; then + if [ -z "$DatabaseMirror" ]; then + for i in `grep ^$variable $CLAMAVCONF | awk '{print $2}'`; do + value="$i $value" + done + else + continue + fi + elif [ "$variable" = 'VirusEvent' -o "$variable" = 'OnUpdateExecute' -o "$variable" = 'OnErrorExecute' ]; then + value=`grep ^$variable $CLAMAVCONF | head -n1 | sed -e s/$variable\ //` + else + value=`grep ^$variable $CLAMAVCONF | head -n1 | awk '{print $2}'` + fi + if ! [ "$value" = "$variable" -o "$value" = "" ]; then + export "$variable"="$value" + else + export "$variable"="true" + fi + unset value + done + fi +} + + +slurp_config "$FRESHCLAM_CONF_FILE" + +for inet in $INTERFACE; do + if route | grep -q "$inet"; then + IS_UP=true + break + else + IS_UP=false + fi +done +for inet in $INTERFACE; do + if [ "$inet" = "$IFACE" ]; then + match=true + break + else + match=false + fi +done + +# We don't want to always start/stop if running from if-up/down.d +if ! [ "$1" = "start" -o "$1" = "stop" ]; then # Exempt restart/reload/etc from checks + if [ -n "$INTERFACE" ]; then # Want it only run from if-up.d + if [ -z "$IFACE" ]; then # Is not called by if-up.d + if [ "$IS_UP" = false ]; then # And route isn't up (e.g., upgrade) + echo "Interface not up. Exiting." + exit 0 + fi + elif [ "$match" != 'true' ]; then # IFACE coming up is not the one selected + echo "Interface not up. Exiting." + exit 0 + fi + fi +fi + +# If user wants it run from cron, we only accept no-daemon and stop +if [ -f /etc/cron.d/clamav-freshclam ]; then + if ! [ "$1" = "no-daemon" -o "$1" = "stop" ]; then + echo "Cron option has been selected for running freshclam" + echo "Please either run freshclam directly, or run the init" + echo "script with the 'no-daemon' option" + exit 0 + fi +fi + +[ -z "$UpdateLogFile" ] && UpdateLogFile=/var/log/clamav/freshclam.log + +if [ -z "$DatabaseDirectory" ]; then + [ -r "$CLAMAV_CONF_FILE" ] && DatabaseDirectory=$(grep 'DataDirectory' "$CLAMAV_CONF_FILE" | awk '{print $2}') + [ -z "$DatabaseDirectory" ] && DatabaseDirectory=/var/lib/clamav/ +fi + +[ -e "$PIDFILE" ] && PID=`cat $PIDFILE` +[ "$PID" = '1' ] && unset PID + +# Make sure dirs exist and are correct +for i in /var/run/clamav /var/log/clamav $DatabaseDirectory +do + [ ! -d $i ] && mkdir -p $i && chown clamav:clamav $i +done + +case "$1" in + no-daemon) + echo "It takes freshclam ~3min to timeout and try the next mirror in the list" + freshclam -l "$UpdateLogFile" --datadir "$DatabaseDirectory" + ;; + start) + echo -n "Starting $DESC: " + start-stop-daemon -S -x $DAEMON -- -d --quiet -p $PIDFILE + echo "$NAME" + ;; + stop) + echo -n "Stopping $DESC: " + start-stop-daemon -o -K -q -p $PIDFILE $DAEMON + if [ -n "$PID" ]; then + sleep 1 + if kill -0 "$PID" 2>/dev/null; then + echo -n "Waiting . " + cnt=0 + while kill -0 "$PID" 2>/dev/null; do + cnt=`expr "$cnt" + 1` + if [ "$cnt" -gt 60 ]; then + echo -n " Failed.. " + break + fi + sleep 2 + echo -n ". " + done + fi + fi + echo "$NAME" + ;; + restart|force-reload) + $0 stop + $0 start + ;; + *) + echo "Usage: $0 {no-daemon|start|stop|restart|force-reload}" >&2 + exit 1 + ;; +esac + +exit 0 diff --git a/packages/clamav/files/clamd.conf b/packages/clamav/files/clamd.conf new file mode 100644 index 0000000000..485c80d420 --- /dev/null +++ b/packages/clamav/files/clamd.conf @@ -0,0 +1,25 @@ +## Please read the clamd.conf(5) manual before editing this file. +LocalSocket /var/run/clamav/clamd.ctl +FixStaleSocket +User clamav +AllowSupplementaryGroups +ScanMail +ScanArchive +ArchiveMaxRecursion 5 +ArchiveMaxFiles 1000 +ArchiveMaxFileSize 10M +ArchiveMaxCompressionRatio 250 +ReadTimeout 180 +MaxThreads 12 +MaxConnectionQueueLength 15 +LogFile /var/log/clamav/clamav.log +LogTime +LogFileMaxSize 0 +PidFile /var/run/clamav/clamd.pid +DatabaseDirectory /var/lib/clamav +SelfCheck 3600 +ScanOLE2 +ScanPE +DetectBrokenExecutables +ScanHTML +ArchiveBlockMax diff --git a/packages/clamav/files/cross-compile-fix.patch b/packages/clamav/files/cross-compile-fix.patch new file mode 100644 index 0000000000..690d680c66 --- /dev/null +++ b/packages/clamav/files/cross-compile-fix.patch @@ -0,0 +1,74 @@ +Add some caching of values which can't be determined when +cross-compiling. This lets us define the values via the site files. + +--- clamav-0.88.4/configure.in 2006/09/12 05:49:09 1.1 ++++ clamav-0.88.4/configure.in 2006/09/12 06:24:27 +@@ -56,19 +56,18 @@ + + dnl Check for broken snprintf (code by Phil Oleson ) + if test "x$ac_cv_func_snprintf" = "xyes" ; then +- AC_MSG_CHECKING([whether snprintf correctly terminates long strings]) +- AC_TRY_RUN( +- [ ++ AC_CACHE_CHECK([whether snprintf correctly terminates long strings], ++ [clamav_av_func_working_snprintf_long], [ ++ AC_TRY_RUN( ++ [ + #include + int main(void){char b[5];snprintf(b,5,"123456789");return(b[4]!='\0');} +- ], +- [AC_MSG_RESULT(yes)], +- [ +- AC_MSG_RESULT(no) +- AC_DEFINE(BROKEN_SNPRINTF,1,[Define if your snprintf is busted]) +- AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) +- ] +- ) ++ ]) ++ ]) ++ if test "x$clamav_av_func_working_snprintf_long" = "xno"; then ++ AC_DEFINE(BROKEN_SNPRINTF,1,[Define if your snprintf is busted]) ++ AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) ++ fi + fi + + have_pthreads=no +@@ -331,18 +330,28 @@ + AC_DEFINE_UNQUOTED(CONFDIR,"$cfg_dir",[where to look for the config file]) + + dnl check for in_port_t definition +-AC_TRY_RUN([ +-#include +-#include +-int main(int argc, char **argv) { in_port_t pt; pt = 0; return pt; } +-], AC_DEFINE(HAVE_IN_PORT_T,1,[in_port_t is defined]), AC_MSG_RESULT(in_port_t is not defined)) ++AC_CACHE_CHECK([for in_port_t], [clamav_av_have_in_port_t], [ ++ AC_TRY_RUN([ ++ #include ++ #include ++ int main(int argc, char **argv) { in_port_t pt; pt = 0; return pt; } ++ ]) ++ ]) ++if test "$clamav_av_have_in_port_t" = "yes"; then ++ AC_DEFINE(HAVE_IN_PORT_T,1,[in_port_t is defined]) ++fi + + dnl check for in_addr_t definition +-AC_TRY_RUN([ +-#include +-#include +-int main(int argc, char **argv) { in_addr_t pt; pt = 0; return pt; } +-], AC_DEFINE(HAVE_IN_ADDR_T,1,[in_addr_t is defined]), AC_MSG_RESULT(in_addr_t is not defined)) ++AC_CACHE_CHECK([for in_addr_t], [clamav_av_have_in_addr_t], [ ++ AC_TRY_RUN([ ++ #include ++ #include ++ int main(int argc, char **argv) { in_addr_t pt; pt = 0; return pt; } ++ ]) ++ ]) ++if test "$clamav_av_have_in_addr_t" = "yes"; then ++ AC_DEFINE(HAVE_IN_ADDR_T,1,[in_addr_t is defined]) ++fi + + case "$target_os" in + linux*) diff --git a/packages/clamav/files/freshclam.conf b/packages/clamav/files/freshclam.conf new file mode 100644 index 0000000000..770490b3ab --- /dev/null +++ b/packages/clamav/files/freshclam.conf @@ -0,0 +1,19 @@ +## Please read the freshclam.conf(5) manual before editing this file. + +# Comment or remove the line below. +Example + +# Uncomment the following line and replace XY with your country +# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list. +# Default: There is no default, which results in an error when running freshclam +#DatabaseMirror db.XY.clamav.net + +DatabaseMirror database.clamav.net +DatabaseOwner clamav +UpdateLogFile /var/log/clamav/freshclam.log +LogFileMaxSize 0 +MaxAttempts 5 +Checks 24 +DatabaseDirectory /var/lib/clamav/ +NotifyClamd +DNSDatabaseInfo current.cvd.clamav.net diff --git a/packages/clamav/files/libtool-fix.patch b/packages/clamav/files/libtool-fix.patch new file mode 100644 index 0000000000..05a4876dd0 --- /dev/null +++ b/packages/clamav/files/libtool-fix.patch @@ -0,0 +1,23 @@ +Use our own libtool that knows about cross compiling, not the libtool +that is included. + +--- clamav-0.88.4/acinclude.m4 2006/09/12 08:07:27 1.1 ++++ clamav-0.88.4/acinclude.m4 2006/09/12 08:16:31 +@@ -520,7 +520,7 @@ + LIBTOOL_DEPS="$ac_aux_dir/ltmain.sh" + + # Always use our own libtool. +-LIBTOOL='$(SHELL) $(top_builddir)/libtool' ++LIBTOOL="$host_alias-libtool" + AC_SUBST(LIBTOOL)dnl + + # Prevent multiple expansion +@@ -1238,7 +1238,7 @@ + rm="rm -f" + + # Global variables: +-default_ofile=libtool ++default_ofile=${host_alias}-libtool + can_build_shared=yes + + # All known linkers require a `.a' archive for static linking (except M$VC, diff --git a/packages/clamav/site/.mtn2git_empty b/packages/clamav/site/.mtn2git_empty new file mode 100644 index 0000000000..e69de29bb2 diff --git a/packages/clamav/site/common-glibc b/packages/clamav/site/common-glibc new file mode 100644 index 0000000000..9901eaf367 --- /dev/null +++ b/packages/clamav/site/common-glibc @@ -0,0 +1,4 @@ +clamav_av_func_working_snprintf_long=${clamav_av_func_working_snprintf_long=yes} +clamav_av_have_in_port_t=${clamav_av_have_in_port_t=yes} +clamav_av_have_in_addr_t=${clamav_av_have_in_addr_t=yes} +ac_cv_func_mmap_fixed_mapped=${ac_cv_func_mmap_fixed_mapped=yes} -- cgit v1.2.3