Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-antivirus/clamav/files
diff options
context:
space:
mode:
Diffstat (limited to 'app-antivirus/clamav/files')
-rw-r--r--app-antivirus/clamav/files/clamav-milter.initd34
-rw-r--r--app-antivirus/clamav/files/clamav-milter.logrotate25
-rw-r--r--app-antivirus/clamav/files/clamav-milter.service-0.104.0 (renamed from app-antivirus/clamav/files/clamav-milter.service)5
-rw-r--r--app-antivirus/clamav/files/clamd.initd33
-rw-r--r--app-antivirus/clamav/files/clamd_at.service-0.104.012
-rw-r--r--app-antivirus/clamav/files/clamonacc.initd18
-rw-r--r--app-antivirus/clamav/files/freshclam.initd8
-rw-r--r--app-antivirus/clamav/files/freshclamd.service13
-rw-r--r--app-antivirus/clamav/files/tmpfiles.d/clamav-r1.conf1
9 files changed, 109 insertions, 40 deletions
diff --git a/app-antivirus/clamav/files/clamav-milter.initd b/app-antivirus/clamav/files/clamav-milter.initd
new file mode 100644
index 000000000000..049d908155d3
--- /dev/null
+++ b/app-antivirus/clamav/files/clamav-milter.initd
@@ -0,0 +1,34 @@
+#!/sbin/openrc-run
+
+# Note: the "Foreground" option in clamav-milter.conf MUST
+# be set to "no".
+command="/usr/sbin/clamav-milter"
+
+# For now, must be manually synchronized with the PidFile
+# variable in clamav-milter.conf.
+#
+# https://bugzilla.clamav.net/show_bug.cgi?id=12595
+#
+pidfile="/run/${RC_SVCNAME}.pid"
+
+depend() {
+ # The milter can successfully launch without clamd, but it's not a
+ # great user experience to have the milter start accepting requests
+ # that it can't process. The "use" dependency below will start clamd
+ # before clamav-milter, so long as clamd is also present this runlevel.
+ use clamd
+}
+
+start_pre() {
+ # This exists to support the (disabled) default MilterSocket setting
+ # within clamav-milter.conf. The "clamav" user and group agree with
+ # the (disabled) default "User" and "MilterSocketGroup" settings.
+ #
+ # Creating this directory is harmless even when a local socket is
+ # not used. In fact, the clamd service that we depend on should
+ # create it as well, to hold its own local socket (if enabled).
+ checkpath --directory \
+ --mode 0755 \
+ --owner clamav:clamav \
+ "/run/clamav"
+}
diff --git a/app-antivirus/clamav/files/clamav-milter.logrotate b/app-antivirus/clamav/files/clamav-milter.logrotate
deleted file mode 100644
index 24782df604b6..000000000000
--- a/app-antivirus/clamav/files/clamav-milter.logrotate
+++ /dev/null
@@ -1,25 +0,0 @@
-# This script is intended to rotate the logs for clamav-milter in its
-# default configuration on Gentoo, where clamav-milter writes to its
-# own log file but does not rotate that file itself. The clamav-milter
-# daemon is capable of rotating its own logs; if you have "LogRotate
-# yes" in clamav-milter.conf then you do not need this script (and
-# should disable it). Likewise, if you are logging to syslog
-# (LogSyslog yes), this is redundant.
-#
-# This is more complicated than the clamd/freshclam scripts because
-# the milter doesn't yet reopen its log files when it receives a
-# SIGHUP. See https://bugzilla.clamav.net/show_bug.cgi?id=12615
-# for that. Instead we have to attempt OpenRC/systemd service
-# restarts on (only) the machines that support them.
-/var/log/clamav/clamav-milter.log {
- su clamav clamav
- missingok
- postrotate
- if command -v rc-service 2>/dev/null; then
- rc-service clamav-milter status 2>/dev/null 1>&2 && rc-service clamav-milter restart 1>/dev/null
- fi
- if command -v systemctl 2>/dev/null; then
- systemctl try-restart clamav-milter
- fi
- endscript
-}
diff --git a/app-antivirus/clamav/files/clamav-milter.service b/app-antivirus/clamav/files/clamav-milter.service-0.104.0
index 5a1a24faa27d..68acf0695ceb 100644
--- a/app-antivirus/clamav/files/clamav-milter.service
+++ b/app-antivirus/clamav/files/clamav-milter.service-0.104.0
@@ -5,8 +5,9 @@ Before=sendmail.service
Before=postfix.service
[Service]
-ExecStart=/usr/sbin/clamav-milter -c /etc/clamav-milter.conf --nofork=yes
-Restart=on-failure
+Type=forking
+PIDFile=/run/clamav/clamav-milter.pid
+ExecStart=/usr/sbin/clamav-milter -c /etc/clamav/clamav-milter.conf
[Install]
WantedBy=multi-user.target
diff --git a/app-antivirus/clamav/files/clamd.initd b/app-antivirus/clamav/files/clamd.initd
new file mode 100644
index 000000000000..efc01efc41b0
--- /dev/null
+++ b/app-antivirus/clamav/files/clamd.initd
@@ -0,0 +1,33 @@
+#!/sbin/openrc-run
+
+# Note: the "Foreground" option in clamd.conf must be set to "no"
+command="/usr/sbin/clamd"
+extra_started_commands="reload"
+
+# For now, must be manually synchronized with the PidFile variable
+# in clamd.conf.
+#
+# https://bugzilla.clamav.net/show_bug.cgi?id=12595
+#
+pidfile="/run/${RC_SVCNAME}.pid"
+
+start_pre() {
+ # This exists to support the (disabled) default LocalSocket setting
+ # within clamd.conf. The "clamav" user and group agree with the
+ # (disabled) default "User" and "LocalSocketGroup" settings in
+ # clamd.conf. And everything here agrees with the
+ # clamav-daemon.socket systemd service.
+ #
+ # Creating this directory is harmless even when a local socket is
+ # not used.
+ checkpath --directory \
+ --mode 0755 \
+ --owner clamav:clamav \
+ "/run/clamav"
+}
+
+reload() {
+ ebegin "Reloading ${RC_SVCNAME}"
+ "/usr/bin/clamdscan" --reload
+ eend $?
+}
diff --git a/app-antivirus/clamav/files/clamd_at.service-0.104.0 b/app-antivirus/clamav/files/clamd_at.service-0.104.0
new file mode 100644
index 000000000000..5ab51e7fccf7
--- /dev/null
+++ b/app-antivirus/clamav/files/clamd_at.service-0.104.0
@@ -0,0 +1,12 @@
+[Unit]
+Description=clamd scanner (%i) daemon
+After=nss-lookup.target network.target
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/clamd -c /etc/clamav/clamd%i.conf
+Restart=on-failure
+PrivateTmp=true
+
+[Install]
+WantedBy=multi-user.target
diff --git a/app-antivirus/clamav/files/clamonacc.initd b/app-antivirus/clamav/files/clamonacc.initd
new file mode 100644
index 000000000000..f625707b171a
--- /dev/null
+++ b/app-antivirus/clamav/files/clamonacc.initd
@@ -0,0 +1,18 @@
+#!/sbin/openrc-run
+
+command="/usr/sbin/clamonacc"
+pidfile="/run/${RC_SVCNAME}.pid"
+
+# clamonacc doesn't support a PID file at the moment, so we
+# run it in the foreground and let OpenRC background it.
+#
+# https://bugzilla.clamav.net/show_bug.cgi?id=12595
+#
+command_args="--foreground"
+command_background=true
+
+depend() {
+ # Unlike the milter, the on-access scanner will simply fail to start
+ # until clamd is available.
+ need clamd
+}
diff --git a/app-antivirus/clamav/files/freshclam.initd b/app-antivirus/clamav/files/freshclam.initd
new file mode 100644
index 000000000000..415d94a87668
--- /dev/null
+++ b/app-antivirus/clamav/files/freshclam.initd
@@ -0,0 +1,8 @@
+#!/sbin/openrc-run
+
+command="/usr/bin/freshclam"
+pidfile="/run/${RC_SVCNAME}.pid"
+
+# Ignore the value of "PidFile" set in freshclam.conf.
+command_args="-p ${pidfile}"
+command_args_background="--daemon"
diff --git a/app-antivirus/clamav/files/freshclamd.service b/app-antivirus/clamav/files/freshclamd.service
deleted file mode 100644
index 214876880661..000000000000
--- a/app-antivirus/clamav/files/freshclamd.service
+++ /dev/null
@@ -1,13 +0,0 @@
-[Unit]
-Description=clamav updater
-
-[Service]
-Type=forking
-User=clamav
-Group=clamav
-RuntimeDirectory=clamav
-PIDFile=/run/clamav/freshclam.pid
-ExecStart=/usr/bin/freshclam -d -p /run/clamav/freshclam.pid
-
-[Install]
-WantedBy=multi-user.target
diff --git a/app-antivirus/clamav/files/tmpfiles.d/clamav-r1.conf b/app-antivirus/clamav/files/tmpfiles.d/clamav-r1.conf
new file mode 100644
index 000000000000..22d29941ea02
--- /dev/null
+++ b/app-antivirus/clamav/files/tmpfiles.d/clamav-r1.conf
@@ -0,0 +1 @@
+d /run/clamav 0755 clamav clamav