clamav: add package

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2015-05-21 12:45:16 +02:00 · 2015-05-21 12:45:16 +02:00 · f9507c02e0
parent 8c13dbd2e1
commit f9507c02e0
7 changed files with 350 additions and 0 deletions
--- a/net/clamav/Makefile
+++ b/net/clamav/Makefile
@ -0,0 +1,120 @@
+#
+# Copyright (C) 2015 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=clamav
+PKG_VERSION:=0.98.6
+PKG_RELEASE:=1
+
+PKG_LICENSE:=GPL-2.0
+PKG_MAINTAINER:=Marko Ratkaj <marko.ratkaj@sartura.hr>
+
+PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
+PKG_SOURCE_URL:=http://downloads.sourceforge.net/project/clamav/clamav/$(PKG_VERSION)/
+PKG_MD5SUM:=7f4f7e82a09e42c4ebf153d6d452d9d8
+
+PKG_BUILD_PARALLEL:=1
+PKG_INSTALL:=1
+
+include $(INCLUDE_DIR)/uclibc++.mk
+include $(INCLUDE_DIR)/package.mk
+
+define Package/clamav/Default
+  SECTION:=net
+  DEPENDS:=+libpthread +uclibcxx +zlib +libcurl +libopenssl
+  CATEGORY:=Network
+  SUBMENU:=Web Servers/Proxies
+  TITLE:=ClamAV
+  URL:=http://www.clamav.net/
+endef
+
+define Package/clamav
+    $(call Package/clamav/Default)
+endef
+
+define Package/freshclam
+    $(call Package/clamav/Default)
+    DEPENDS+= +clamav
+    TITLE+=database updater
+endef
+
+define Package/clamav/description
+ ClamAV is an open source antivirus engine for detecting trojans,
+ viruses, malware & other malicious threats.
+endef
+
+define Package/freshclam/description
+ Database updater for ClamAV
+endef
+
+define Package/clamav/conffiles
+endef
+
+CONFIGURE_VARS += \
+	INCLUDES="" \
+	CXXFLAGS="$$$$CXXFLAGS -fno-rtti" \
+	LIBS="-lpthread" \
+
+define Build/Configure
+	$(call Build/Configure/Default, \
+		--sysconfdir=/etc/clamav/ \
+		--prefix=/usr/ \
+		--exec-prefix=/usr/ \
+		--disable-xml \
+		--disable-bzip2 \
+		--enable-ltdl-install \
+		--with-user nobody \
+		--with-group nogroup \
+	)
+endef
+
+define Build/Compile
+	$(MAKE) -C $(PKG_BUILD_DIR) \
+		DESTDIR="$(PKG_INSTALL_DIR)" \
+		all install
+endef
+
+define Package/clamav/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/clamd $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamav-config $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clambc $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamconf $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamdscan $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/clamscan $(1)/usr/sbin/
+	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/sigtool $(1)/usr/sbin/
+
+	$(INSTALL_DIR) $(1)/usr/include
+	$(CP) $(PKG_INSTALL_DIR)/usr/include/clamav.h $(1)/usr/include/
+
+	$(INSTALL_DIR) $(1)/usr/lib
+	$(CP) $(PKG_INSTALL_DIR)/usr/lib*/* $(1)/usr/lib/
+
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/clamav.config $(1)/etc/config/clamav
+
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_BIN) ./files/clamav.init $(1)/etc/init.d/clamav
+
+	$(INSTALL_DIR) $(1)/usr/share/clamav
+	$(CP) ./files/bytecode.cvd $(1)/usr/share/clamav/
+endef
+
+define Package/freshclam/install
+	$(INSTALL_DIR) $(1)/usr/sbin
+	$(CP) $(PKG_INSTALL_DIR)/usr/bin/freshclam $(1)/usr/sbin/
+
+	$(INSTALL_DIR) $(1)/etc/config
+	$(INSTALL_CONF) ./files/freshclam.config $(1)/etc/config/freshclam
+
+	$(INSTALL_DIR) $(1)/etc/init.d/
+	$(INSTALL_BIN) ./files/freshclam.init $(1)/etc/init.d/freshclam
+endef
+
+$(eval $(call BuildPackage,clamav))
+$(eval $(call BuildPackage,freshclam))
--- a/net/clamav/files/bytecode.cvd
+++ b/net/clamav/files/bytecode.cvd
--- a/net/clamav/files/clamav.config
+++ b/net/clamav/files/clamav.config
@ -0,0 +1,34 @@
+config clamav 'clamav'
+	option clamd_config_file '/etc/clamav/clamd.conf'
+	option LogFile '/tmp/clamd.log'
+	option LogFileMaxSize '1M'
+	option LogTime 'no'
+	option LogVerbose 'no'
+	option ExtendedDetectionInfo 'no'
+	option OfficialDatabaseOnly 'no'
+	option StreamMinPort '1024'
+	option StreamMaxPort '2048'
+	option MaxThreads '10'
+	option ReadTimeout '30'
+	option CommandReadTimeout '5'
+	option MaxDirectoryRecursion '15'
+	option FollowDirectorySymlinks 'no'
+	option FollowFileSymlinks 'no'
+	option SelfCheck '600'
+	option DetectPUA 'yes'
+	option ScanPE 'yes'
+	option DisableCertCheck 'no'
+	option ScanELF 'yes'
+	option DetectBrokenExecutables 'no'
+	option ScanOLE2 'yes'
+	option ScanPDF 'yes'
+	option ScanSWF 'yes'
+	option ScanMail 'yes'
+	option ScanPartialMessages 'no'
+	option ScanArchive 'yes'
+	option ArchiveBlockEncrypted 'yes'
+	option MaxFileSize '10M'
+	option TemporaryDirectory '/tmp'
+	option LocalSocket '/var/run/clamav/clamd.sock'
+	option User 'nobody'
+	option ExitOnOOM 'yes'
--- a/net/clamav/files/clamav.init
+++ b/net/clamav/files/clamav.init
@ -0,0 +1,116 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2015 OpenWrt.org
+
+START=90
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/sbin/clamd
+CLAMD_CONFIGFILE="/tmp/clamav/clamd.conf"
+
+validate_clamav_section() {
+	uci_validate_section clamav clamav "${1}" \
+		'clamd_config_file:string' \
+		'LogFile:string' \
+		'LogFileMaxSize:string' \
+		'LogVerbose:string' \
+		'ExtendedDetectionInfo:string' \
+		'LogTime:string' \
+		'OfficialDatabaseOnly:string' \
+		'StreamMinPort:uinteger' \
+		'StreamMaxPort:uinteger' \
+		'MaxThreads:uinteger' \
+		'ReadTimeout:uinteger' \
+		'CommandReadTimeout:uinteger' \
+		'MaxDirectoryRecursion:uinteger' \
+		'FollowDirectorySymlinks:string' \
+		'FollowFileSymlinks:string' \
+		'SelfCheck:uinteger' \
+		'DetectPUA:string' \
+		'ScanPE:string' \
+		'DisableCertCheck:string' \
+		'ScanELF:string' \
+		'DetectBrokenExecutables:string' \
+		'ScanOLE2:string' \
+		'ScanPDF:string' \
+		'ScanSWF:string' \
+		'ScanMail:string' \
+		'ScanPartialMessages:string' \
+		'ScanArchive:string' \
+		'TemporaryDirectory:string' \
+		'ArchiveBlockEncrypted:string' \
+		'MaxFileSize:string' \
+		'LocalSocket:string' \
+		'User:string' \
+		'ExitOnOOM:string'
+}
+
+start_service() {
+	local clamd_config_file LogFile LogTime StreamMinPort \
+		StreamMaxPort MaxThreads ReadTimeout CommandReadTimeout MaxDirectoryRecursion \
+		FollowFileSymlinks FollowDirectorySymlinks SelfCheck DetectPUA ScanPE DisableCertCheck \
+		ScanELF DetectBrokenExecutables ScanOLE2 ScanPDF ScanSWF ScanMail ScanPartialMessages \
+		ScanArchive TemporaryDirectory ArchiveBlockEncrypted MaxFileSize LocalSocket User
+
+	validate_clamav_section clamav || {
+		echo "validation failed"
+		return 1
+	}
+
+	mkdir -p /usr/share/clamav
+	mkdir -p /etc/clamav/
+	mkdir -p /var/run/clamav/
+	chmod a+rw /var/run/clamav
+
+	mkdir -p $(dirname $CLAMD_CONFIGFILE)
+	ln -sf $clamd_config_file $CLAMD_CONFIGFILE
+
+	echo "LogFile " $LogFile > $CLAMD_CONFIGFILE
+	echo "LogFileMaxSize " $LogFileMaxSize >> $CLAMD_CONFIGFILE
+	echo "LogVerbose " $LogVerbose >> $CLAMD_CONFIGFILE
+	echo "ExtendedDetectionInfo " $ExtendedDetectionInfo >> $CLAMD_CONFIGFILE
+	echo "LogTime " $LogTime >> $CLAMD_CONFIGFILE
+	echo "OfficialDatabaseOnly " $OfficialDatabaseOnly >> $CLAMD_CONFIGFILE
+	echo "StreamMinPort " $StreamMinPort >> $CLAMD_CONFIGFILE
+	echo "StreamMaxPort " $StreamMaxPort >> $CLAMD_CONFIGFILE
+	echo "MaxThreads " $MaxThreads >> $CLAMD_CONFIGFILE
+	echo "ReadTimeout " $ReadTimeout >> $CLAMD_CONFIGFILE
+	echo "CommandReadTimeout " $CommandReadTimeout >> $CLAMD_CONFIGFILE
+	echo "MaxDirectoryRecursion " $MaxDirectoryRecursion >> $CLAMD_CONFIGFILE
+	echo "FollowDirectorySymlinks " $FollowDirectorySymlinks >> $CLAMD_CONFIGFILE
+	echo "FollowFileSymlinks " $FollowFileSymlinks >> $CLAMD_CONFIGFILE
+	echo "SelfCheck " $SelfCheck >> $CLAMD_CONFIGFILE
+	echo "DetectPUA " $DetectPUA >> $CLAMD_CONFIGFILE
+	echo "ScanPE " $ScanPE >> $CLAMD_CONFIGFILE
+	echo "DisableCertCheck " $DisableCertCheck >> $CLAMD_CONFIGFILE
+	echo "ScanELF " $ScanELF >> $CLAMD_CONFIGFILE
+	echo "DetectBrokenExecutables " $DetectBrokenExecutables >> $CLAMD_CONFIGFILE
+	echo "ScanOLE2 " $ScanOLE2 >> $CLAMD_CONFIGFILE
+	echo "ScanPDF " $ScanPDF >> $CLAMD_CONFIGFILE
+	echo "ScanSWF " $ScanSWF >> $CLAMD_CONFIGFILE
+	echo "ScanMail " $ScanMail >> $CLAMD_CONFIGFILE
+	echo "ScanPartialMessages " $ScanPartialMessages >> $CLAMD_CONFIGFILE
+	echo "ScanArchive " $ScanArchive >> $CLAMD_CONFIGFILE
+	echo "TemporaryDirectory " $TemporaryDirectory >> $CLAMD_CONFIGFILE
+	echo "ArchiveBlockEncrypted " $ArchiveBlockEncrypted >> $CLAMD_CONFIGFILE
+	echo "MaxFileSize " $MaxFileSize >> $CLAMD_CONFIGFILE
+	echo "LocalSocket " $LocalSocket >> $CLAMD_CONFIGFILE
+	echo "User " $User >> $CLAMD_CONFIGFILE
+	echo "ExitOnOOM " $ExitOnOOM >> $CLAMD_CONFIGFILE
+
+	procd_open_instance
+	procd_set_param command $PROG -c $CLAMD_CONFIGFILE
+	procd_set_param file $CLAMD_CONFIGFILE
+	procd_close_instance
+}
+
+stop_service()
+{
+	service_stop ${PROG}
+}
+
+service_triggers()
+{
+	procd_add_reload_trigger "clamav"
+	procd_add_validation validate_clamav_section
+}
--- a/net/clamav/files/freshclam.config
+++ b/net/clamav/files/freshclam.config
@ -0,0 +1,7 @@
+config freshclam 'freshclam'
+	option freshclam_config_file '/etc/clamav/freshclam.conf'
+	option UpdateLogFile '/tmp/freshclam.log'
+	option DatabaseMirror 'database.clamav.net'
+	option NotifyClamd '/etc/clamav/clamd.conf'
+	option DatabaseOwner 'root'
+	option CompressLocalDatabase 'yes'
--- a/net/clamav/files/freshclam.init
+++ b/net/clamav/files/freshclam.init
@ -0,0 +1,63 @@
+#!/bin/sh /etc/rc.common
+# Copyright (C) 2015 OpenWrt.org
+
+START=90
+STOP=10
+
+USE_PROCD=1
+PROG=/usr/sbin/freshclam
+FRESHCLAM_CONFIGFILE="/tmp/clamav/freshclam.conf"
+
+validate_freshclam_section() {
+	uci_validate_section freshclam freshclam "${1}" \
+		'freshclam_config_file:string' \
+		'UpdateLogFile:string' \
+		'DatabaseMirror:string' \
+		'NotifyClamd:string' \
+		'DatabaseOwner:string' \
+		'CompressLocalDatabase:string:'
+}
+
+start_service() {
+	local freshclam_config_file UpdateLogFile DatabaseOwner NotifyClamd DatabaseMirror
+
+	validate_freshclam_section freshclam || {
+		echo "validation failed"
+		return 1
+	}
+
+	[ -f /tmp/freshclam.pid ] && echo "already running" && return 0
+
+	mkdir -p /usr/share/clamav
+	mkdir -p /etc/clamav
+	touch /tmp/freshclam.log
+	touch /tmp/freshclam.pid
+
+	mkdir -p $(dirname $FRESHCLAM_CONFIGFILE)
+	ln -sf $freshclam_config_file $FRESHCLAM_CONFIGFILE
+
+	echo "UpdateLogFile " $UpdateLogFile > $FRESHCLAM_CONFIGFILE
+	echo "DatabaseMirror " $DatabaseMirror >> $FRESHCLAM_CONFIGFILE
+	echo "NotifyClamd " $NotifyClamd >> $FRESHCLAM_CONFIGFILE
+	echo "DatabaseOwner " $DatabaseOwner >> $FRESHCLAM_CONFIGFILE
+	echo "CompressLocalDatabase " $CompressLocalDatabase >> $FRESHCLAM_CONFIGFILE
+
+	procd_open_instance
+	procd_set_param command $PROG -d --config-file=$FRESHCLAM_CONFIGFILE -p /tmp/freshclam.pid --no-warnings
+	procd_set_param file $FRESHCLAM_CONFIGFILE
+	procd_close_instance
+}
+
+stop_service()
+{
+	[ ! -f /tmp/freshclam.pid ] && echo "not running" && return 0
+	PID=`cat /tmp/freshclam.pid`
+	kill $PID
+	rm -f /tmp/freshclam.pid
+}
+
+service_triggers()
+{
+	procd_add_reload_trigger "freshclam"
+	procd_add_validation validate_freshclam_section
+}
--- a/net/clamav/patches/001-compile.patch
+++ b/net/clamav/patches/001-compile.patch
@ -0,0 +1,10 @@
+--- a/clamdscan/proto.c
+++ b/clamdscan/proto.c
+@@ -55,6 +55,7 @@
+ #include "shared/misc.h"
+ #include "shared/clamdcom.h"
+ 
+#include <sys/un.h>
+ #include "proto.h"
+ #include "client.h"
+