47272f4f0a
0.71-0.fdr.2 - removed the randomization in the cronjob; it seems to be impossible to use the mod-operator (%) there. Instead of, the user has to replace some placeholders... 0.71-0.fdr.1 - updated to 0.71 0.70-0.fdr.1.1 - quote 'EOF' to delay $RANDOM expansion 0.70-0.fdr.2 - updated GECOS entry for the 'clamav' user to describe its purpose more accurately - use explicit '-m755' when creating directories with install 0.70-0.fdr.1 - updated to 0.70; rediffed some patches - updated logrotate script to use signals and documented the steps which are needed to make it work - adapted initscript to use signals instead of sockwrite - removed sockwrite; signals can now be used to reload the database - added logfile to the -milter subpackage 0.68-0.fdr.2.1 - tagged some Requires:, since clamav-server is required in the milter-%post* scriptlets 0.68-0.fdr.2 - split the double Requires(...,...): statements; see https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=118773 - require the recent fedora-usermgmt package (0.7) which fixes similar ordering issues 0.68-0.fdr.1 - updated to 0.68 (using the -1 version) - ship milter-files in the -milter instead of the -server subpackage 0.67-0.fdr.3 - fixed ':' vs. '.' in chown 0.67-0.fdr.2 - randomize freshclam startup to prevent server peaks 0.67-0.fdr.1 - updated to 0.67 (using the -1 version) 0.66-0.fdr.2 - updated to 0.66; important, packaging-relevant changes are freshclam: $http_proxy is not supported anymore; you have to configure it in /etc/freshclam.conf the logfile has been renamed to /var/log/freshclam.log - removed %check section; buildroot check is implemented in local testsuite already - added some %verify(not mtime) modifiers to avoid unnecessary .rpmnew files - added some directory-Requires: - activated milter-package and made it work - added patch to disable clamav-milter service by default - renamed /var/run/clamav.<SERVICE> to /var/run/clamd.<SERVICE>; this makes things more consistently but can break backward compatibility. The initscript should deal with the old version too, but I would not bet on it... - updated some descriptions - fixed the update-mechanism; now it happens in two stages: at first, the files will be downloaded as user 'clamav' and then, root initiates the daemon-reload. 0.65-0.fdr.5 - added security fix for http://www.securityfocus.com/archive/1/353194/2004-02-06/2004-02-12/1 0.65-0.fdr.4 - fixed typo in README (sysconf.d vs. sysconf) - make build on rhl8 succeed by adding '|| :' to %check 0.65-0.fdr.3 - substitute 'User' in sample cfg-file also - uncommented some cfg-options which are needed for a proper operation - fixed typos in README (thanks to Michael Schwendt) 0.65-0.fdr.2 - fixed path of 'LocalSocket' and documented steps how to create it - added a missing backslash at the configure-call - do not package clamav-milter.8 manpage - documented 'User' in the README 0.65-0.fdr.1 - updated to 0.65 - added gmp-devel buildrequires: - changed installed databases from 'viruses.db*' to '*.cvb' - made milter-build conditional; 0.65 is missing some files which would break the build else - fixed typo (clamav-notify-server -> clamav-notify-servers) 0.60-0.fdr.5 - created -update subpackage and filled it with files from main and -data package - set more reasonable default-values in the sample config-file - made the README in -server more clear - moved clamav-milter man-page into -milter subpackage - use fedora-usermgmt - renamed -daemon subpackage and related files to -server - use abstract 'data(clamav)' notation for clamav-data dependencies - use 'init(...)' requirements as placeholder for future -sysv/-minit subpackages 0.60-0.fdr.4 - backported clamav-sockwrite.c to C89 0.60-0.fdr.3 - updated Source0 URL - fixed portuguese i18n-abbreviation 0.60-0.fdr.3 - use LSB compliant exit-codes in the init-script - other init-script cleanups 0.60-0.fdr.2 - updated %description - removed README from %doc-list 0.60-0.fdr.1 - disabled -milter subpackage; I do not get it to run :( 0.60-0.fdr.0.1 - updated to 0.60 - modernized usercreation - added -milter subpackage 0.54-0.fdr.2 - added BUGS file - moved clamd.8 man-page into daemon-subpackage - some cosmetical cleanups - removed config-patch; it was unused - made some paths more fedora-compliant - honor $RPM_OPT_FLAGS - added clamav-notify-daemons script - removed obsoleted %socketdir 0.54-0.fdr.0.1 - splitted into additional -data/-daemon packages - added clamav-sockwrite program - updated to recent fedora policies Thu Nov 21 2002 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> 0.54-1 - updated to 0.54 - updated config-patch Tue Oct 29 2002 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> 0.52-1 - updated to 0.52 Tue Sep 17 2002 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de> - Initial build.
59 lines
1.9 KiB
Plaintext
59 lines
1.9 KiB
Plaintext
To create individual clamd-instance take the following files and
|
|
modify/copy them in the suggested way:
|
|
|
|
clamav.conf:
|
|
* set LogFile, PidFile, LocalSocket and User to suitable values
|
|
* place this file into /etc/clamd.d with a unique service-name;
|
|
e.g. as /etc/clamd.d/<SERVICE>.conf
|
|
|
|
To make logfile rotation work properly, the LogFile should be
|
|
writable for the assigned User. Recommended way to reach this, is
|
|
to:
|
|
* make it owned by the User's *group*
|
|
* assign at least 0620 (u+rw,g+w) permissions
|
|
|
|
A suitable command might be
|
|
| # touch <logfile>
|
|
| # chgrp <user> <logfile>
|
|
| # chmod 0620 <logfile>
|
|
|
|
NEVER use 'clamav' as the user since he can modify the database.
|
|
This is the user who is running the application; e.g. for mimedefang
|
|
(http://www.roaringpenguin.com/mimedefang), the user might be
|
|
'defang'.Theoretically, distinct users could be used, but it must be
|
|
made sure that the application-user can write into the socket-file,
|
|
and that the clamd-user can access the files asked by the
|
|
application to be checked.
|
|
|
|
|
|
clamd.logrotate:
|
|
* set the correct value for the logfile
|
|
* place it into /etc/logrotate.d
|
|
|
|
clamd.sysconfig:
|
|
* set the name of the config-file and the local socket
|
|
* copy it to /etc/sysconfig/clamd.<SERVICE>
|
|
|
|
clamd.init:
|
|
* set the service-name
|
|
* place it into /etc/init.d/ with an unique name and activate it
|
|
(e.g. with /sbin/chkconfig clamd.<SERVICE> on)
|
|
|
|
Additionally, a symlink must be set to clamd in a way like
|
|
| # ln -s clamd /usr/sbin/clamd.<SERVICE>
|
|
and the directory for the socket file must be created (see 'LocalSocket'
|
|
in clamav.conf)
|
|
| # mkdir -p /var/run/clamd.<SERVICE>
|
|
|
|
|
|
This directory must be writable by the 'User' chosen in the config-file.
|
|
|
|
|
|
|
|
[Disclaimer:
|
|
this file and the script/configfiles are not part of the official
|
|
clamav package.
|
|
|
|
Please send complaints and comments to
|
|
mailto:enrico.scholz@informatik.tu-chemnitz.de!]
|