diff options
Diffstat (limited to 'app-antivirus/clamav/files')
-rw-r--r-- | app-antivirus/clamav/files/clamav-milter.initd | 34 | ||||
-rw-r--r-- | app-antivirus/clamav/files/clamav-milter.logrotate | 25 | ||||
-rw-r--r-- | app-antivirus/clamav/files/clamav-milter.service-0.104.0 (renamed from app-antivirus/clamav/files/clamav-milter.service) | 5 | ||||
-rw-r--r-- | app-antivirus/clamav/files/clamd.initd | 33 | ||||
-rw-r--r-- | app-antivirus/clamav/files/clamd_at.service-0.104.0 | 12 | ||||
-rw-r--r-- | app-antivirus/clamav/files/clamonacc.initd | 18 | ||||
-rw-r--r-- | app-antivirus/clamav/files/freshclam.initd | 8 | ||||
-rw-r--r-- | app-antivirus/clamav/files/freshclamd.service | 13 | ||||
-rw-r--r-- | app-antivirus/clamav/files/tmpfiles.d/clamav-r1.conf | 1 |
9 files changed, 109 insertions, 40 deletions
diff --git a/app-antivirus/clamav/files/clamav-milter.initd b/app-antivirus/clamav/files/clamav-milter.initd new file mode 100644 index 000000000000..049d908155d3 --- /dev/null +++ b/app-antivirus/clamav/files/clamav-milter.initd @@ -0,0 +1,34 @@ +#!/sbin/openrc-run + +# Note: the "Foreground" option in clamav-milter.conf MUST +# be set to "no". +command="/usr/sbin/clamav-milter" + +# For now, must be manually synchronized with the PidFile +# variable in clamav-milter.conf. +# +# https://bugzilla.clamav.net/show_bug.cgi?id=12595 +# +pidfile="/run/${RC_SVCNAME}.pid" + +depend() { + # The milter can successfully launch without clamd, but it's not a + # great user experience to have the milter start accepting requests + # that it can't process. The "use" dependency below will start clamd + # before clamav-milter, so long as clamd is also present this runlevel. + use clamd +} + +start_pre() { + # This exists to support the (disabled) default MilterSocket setting + # within clamav-milter.conf. The "clamav" user and group agree with + # the (disabled) default "User" and "MilterSocketGroup" settings. + # + # Creating this directory is harmless even when a local socket is + # not used. In fact, the clamd service that we depend on should + # create it as well, to hold its own local socket (if enabled). + checkpath --directory \ + --mode 0755 \ + --owner clamav:clamav \ + "/run/clamav" +} diff --git a/app-antivirus/clamav/files/clamav-milter.logrotate b/app-antivirus/clamav/files/clamav-milter.logrotate deleted file mode 100644 index 24782df604b6..000000000000 --- a/app-antivirus/clamav/files/clamav-milter.logrotate +++ /dev/null @@ -1,25 +0,0 @@ -# This script is intended to rotate the logs for clamav-milter in its -# default configuration on Gentoo, where clamav-milter writes to its -# own log file but does not rotate that file itself. The clamav-milter -# daemon is capable of rotating its own logs; if you have "LogRotate -# yes" in clamav-milter.conf then you do not need this script (and -# should disable it). Likewise, if you are logging to syslog -# (LogSyslog yes), this is redundant. -# -# This is more complicated than the clamd/freshclam scripts because -# the milter doesn't yet reopen its log files when it receives a -# SIGHUP. See https://bugzilla.clamav.net/show_bug.cgi?id=12615 -# for that. Instead we have to attempt OpenRC/systemd service -# restarts on (only) the machines that support them. -/var/log/clamav/clamav-milter.log { - su clamav clamav - missingok - postrotate - if command -v rc-service 2>/dev/null; then - rc-service clamav-milter status 2>/dev/null 1>&2 && rc-service clamav-milter restart 1>/dev/null - fi - if command -v systemctl 2>/dev/null; then - systemctl try-restart clamav-milter - fi - endscript -} diff --git a/app-antivirus/clamav/files/clamav-milter.service b/app-antivirus/clamav/files/clamav-milter.service-0.104.0 index 5a1a24faa27d..68acf0695ceb 100644 --- a/app-antivirus/clamav/files/clamav-milter.service +++ b/app-antivirus/clamav/files/clamav-milter.service-0.104.0 @@ -5,8 +5,9 @@ Before=sendmail.service Before=postfix.service [Service] -ExecStart=/usr/sbin/clamav-milter -c /etc/clamav-milter.conf --nofork=yes -Restart=on-failure +Type=forking +PIDFile=/run/clamav/clamav-milter.pid +ExecStart=/usr/sbin/clamav-milter -c /etc/clamav/clamav-milter.conf [Install] WantedBy=multi-user.target diff --git a/app-antivirus/clamav/files/clamd.initd b/app-antivirus/clamav/files/clamd.initd new file mode 100644 index 000000000000..efc01efc41b0 --- /dev/null +++ b/app-antivirus/clamav/files/clamd.initd @@ -0,0 +1,33 @@ +#!/sbin/openrc-run + +# Note: the "Foreground" option in clamd.conf must be set to "no" +command="/usr/sbin/clamd" +extra_started_commands="reload" + +# For now, must be manually synchronized with the PidFile variable +# in clamd.conf. +# +# https://bugzilla.clamav.net/show_bug.cgi?id=12595 +# +pidfile="/run/${RC_SVCNAME}.pid" + +start_pre() { + # This exists to support the (disabled) default LocalSocket setting + # within clamd.conf. The "clamav" user and group agree with the + # (disabled) default "User" and "LocalSocketGroup" settings in + # clamd.conf. And everything here agrees with the + # clamav-daemon.socket systemd service. + # + # Creating this directory is harmless even when a local socket is + # not used. + checkpath --directory \ + --mode 0755 \ + --owner clamav:clamav \ + "/run/clamav" +} + +reload() { + ebegin "Reloading ${RC_SVCNAME}" + "/usr/bin/clamdscan" --reload + eend $? +} diff --git a/app-antivirus/clamav/files/clamd_at.service-0.104.0 b/app-antivirus/clamav/files/clamd_at.service-0.104.0 new file mode 100644 index 000000000000..5ab51e7fccf7 --- /dev/null +++ b/app-antivirus/clamav/files/clamd_at.service-0.104.0 @@ -0,0 +1,12 @@ +[Unit] +Description=clamd scanner (%i) daemon +After=nss-lookup.target network.target + +[Service] +Type=forking +ExecStart=/usr/sbin/clamd -c /etc/clamav/clamd%i.conf +Restart=on-failure +PrivateTmp=true + +[Install] +WantedBy=multi-user.target diff --git a/app-antivirus/clamav/files/clamonacc.initd b/app-antivirus/clamav/files/clamonacc.initd new file mode 100644 index 000000000000..f625707b171a --- /dev/null +++ b/app-antivirus/clamav/files/clamonacc.initd @@ -0,0 +1,18 @@ +#!/sbin/openrc-run + +command="/usr/sbin/clamonacc" +pidfile="/run/${RC_SVCNAME}.pid" + +# clamonacc doesn't support a PID file at the moment, so we +# run it in the foreground and let OpenRC background it. +# +# https://bugzilla.clamav.net/show_bug.cgi?id=12595 +# +command_args="--foreground" +command_background=true + +depend() { + # Unlike the milter, the on-access scanner will simply fail to start + # until clamd is available. + need clamd +} diff --git a/app-antivirus/clamav/files/freshclam.initd b/app-antivirus/clamav/files/freshclam.initd new file mode 100644 index 000000000000..415d94a87668 --- /dev/null +++ b/app-antivirus/clamav/files/freshclam.initd @@ -0,0 +1,8 @@ +#!/sbin/openrc-run + +command="/usr/bin/freshclam" +pidfile="/run/${RC_SVCNAME}.pid" + +# Ignore the value of "PidFile" set in freshclam.conf. +command_args="-p ${pidfile}" +command_args_background="--daemon" diff --git a/app-antivirus/clamav/files/freshclamd.service b/app-antivirus/clamav/files/freshclamd.service deleted file mode 100644 index 214876880661..000000000000 --- a/app-antivirus/clamav/files/freshclamd.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=clamav updater - -[Service] -Type=forking -User=clamav -Group=clamav -RuntimeDirectory=clamav -PIDFile=/run/clamav/freshclam.pid -ExecStart=/usr/bin/freshclam -d -p /run/clamav/freshclam.pid - -[Install] -WantedBy=multi-user.target diff --git a/app-antivirus/clamav/files/tmpfiles.d/clamav-r1.conf b/app-antivirus/clamav/files/tmpfiles.d/clamav-r1.conf new file mode 100644 index 000000000000..22d29941ea02 --- /dev/null +++ b/app-antivirus/clamav/files/tmpfiles.d/clamav-r1.conf @@ -0,0 +1 @@ +d /run/clamav 0755 clamav clamav |