Diffstat (limited to 'network/clamav-unofficial-sigs')
-rw-r--r-- network/clamav-unofficial-sigs/README | 21
-rw-r--r-- network/clamav-unofficial-sigs/UPGRADE_NOTICE | 9
-rw-r--r-- network/clamav-unofficial-sigs/clamav-unofficial-sigs.8 | 75
-rw-r--r-- network/clamav-unofficial-sigs/clamav-unofficial-sigs.SlackBuild | 50
-rw-r--r-- network/clamav-unofficial-sigs/clamav-unofficial-sigs.cron | 32
-rw-r--r-- network/clamav-unofficial-sigs/clamav-unofficial-sigs.info | 8
-rw-r--r-- network/clamav-unofficial-sigs/clamav-unofficial-sigs.logrotate | 32
-rw-r--r-- network/clamav-unofficial-sigs/doinst.sh | 6
-rw-r--r-- network/clamav-unofficial-sigs/patches/master.conf.patch | 51
-rw-r--r-- network/clamav-unofficial-sigs/patches/os.slackware.conf.patch | 20
10 files changed, 252 insertions, 52 deletions
diff --git a/network/clamav-unofficial-sigs/README b/network/clamav-unofficial-sigs/README
index 5b1f013ecd..936738ebb7 100644
--- a/network/clamav-unofficial-sigs/README
+++ b/network/clamav-unofficial-sigs/README
@@ -6,25 +6,14 @@ capabilities and make an excellent enhancement to native clamav signatures.
It is especially useful when running a mailserver with clamav. The best way to
update signatures is to set up a cron job.
-Following four sources of signatures are used by default in the config file:
-
-1) SaneSecurity
-2) MSRBL (Realtime Blacklists)
-3) SecuriteInfo
-4) MalwarePatrol
-
These sources are fully tweakable via the config file. Also refer to the
documentation included with the package which provides configuration and
setup infomation.
-Following are the URLs for each signature source.
-SaneSecurity: http://www.sanesecurity.com/index.htm
-SecuriteInfo: http://www.securiteinfo.com/services/clamav_unofficial_malwares_signatures.shtml
-MSRBL: http://www.msrbl.com/
-MalwarePatrol: http://www.malware.com.br/
+The original script was from Bill Landry but it has not been updated for a
+while now and so this new script from ExtremeSHOK is now the recommended
+way to update third-party signature. More information is here:
-A sample cron entry is included in the package docs, please make appropriate
-changes to it and add it to root's crontab.
+http://sanesecurity.com/usage/linux-scripts/
-If you are using a firewall on your server, you may have to allow rsync
-traffic as MSRBL sigs are downloaded using rsync.
+A sample cron job script is included in the package docs.
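Review bot: The last added line drops the install instruction without a replacement: the old text said to add the entry to root's crontab, the new one only says a sample is in the package docs. The shipped clamav-unofficial-sigs.cron has a user column (clamav), so it is not a per-user crontab entry; state where the file is meant to be installed and which account runs the update. Also, "third-party signature" should be plural, the sanesecurity.com link is plain http, and if any source is still fetched over rsync the removed firewall note should be kept in some form.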
diff --git a/network/clamav-unofficial-sigs/UPGRADE_NOTICE b/network/clamav-unofficial-sigs/UPGRADE_NOTICE
new file mode 100644
index 0000000000..de5a413ef7
--- /dev/null
+++ b/network/clamav-unofficial-sigs/UPGRADE_NOTICE
@@ -0,0 +1,9 @@
+If you are upgrading from verion 3.7.2 or earlier to this version:
+
+Please make sure you backup your existing config file. New maintainers
+have done major rework with the script and config files.
+
+All config files are now located in /etc/clamav-unofficial-sigs directory.
+
+Be prepared to move all your configs to the new location by hand and
+to make necessary changes inside the new config.
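Review bot: The notice asks admins to move configs "by hand" but never names the old file or the new ones. Going by doinst.sh, the old file is etc/clamav-unofficial-sigs.conf and the new set is master.conf, user.conf and os.conf under /etc/clamav-unofficial-sigs; list them here. It should also mention that master.conf.patch moves work_dir from /var/lib/clamav-unofficial-sigs to /var/lib/clamav/clamav-unofficial-sigs, which leaves the old working directory orphaned. "verion" in the first line is a typo.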
diff --git a/network/clamav-unofficial-sigs/clamav-unofficial-sigs.8 b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.8
new file mode 100644
index 0000000000..24bd576e5b
--- /dev/null
+++ b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.8
@@ -0,0 +1,75 @@
+
+.\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater
+.TH clamav-unofficial-sigs 8 "18 April 2016" "Version: 5.2.2" "SCRIPT COMMANDS"
+.SH NAME
+clamav-unofficial-sigs \- Download, test, and install third-party ClamAV signature databases.
+.SH SYNOPSIS
+.B clamav-unofficial-sigs
+.RI [ options ]
+.SH DESCRIPTION
+\fBclamav-unofficial-sigs\fP provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, etc. It will also generate and install cron, logrotate, and man files.
+.SH UPDATES
+Script updates can be found at: \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP
+.SH OPTIONS
+This script follows the standard GNU command line syntax.
+.LP
+\fB Usage: clamav\-unofficial\-sigs.sh \fR [OPTION] [PATH|FILE]
+.TP
+\fB \-c, \-\-config \fR Use a specific configuration file or directory eg: '\-c /your/dir' or ' \-c /your/file.name' Note: If a directory is specified the directory must contain atleast: master.conf, os.conf or user.conf Default Directory: /etc/clamav\-unofficial\-sigs
+.TP
+\fB \-F, \-\-force \fR Force all databases to be downloaded, could cause ip to be blocked
+.TP
+\fB \-h, \-\-help \fR Display this script's help and usage information
+.TP
+\fB \-V, \-\-version \fR Output script version and date information
+.TP
+\fB \-v, \-\-verbose \fR Be verbose, enabled when not run under cron
+.TP
+\fB \-s, \-\-silence \fR Only output error messages, enabled when run under cron
+.TP
+\fB \-d, \-\-decode\-sig \fR Decode a third\-party signature either by signature name (eg: Sanesecurity.Junk.15248) or hexadecimal string. This flag will 'NOT' decode image signatures
+.TP
+\fB \-e, \-\-encode\-string \fR Hexadecimal encode an entire input string that can be used in any '*.ndb' signature database file
+.TP
+\fB \-f, \-\-encode\-formatted \fR Hexadecimal encode a formatted input string containing signature spacing fields '{}, (), *', without encoding the spacing fields, so that the encoded signature can be used in any '*.ndb' signature database file
+.TP
+\fB \-g, \-\-gpg\-verify \fR GPG verify a specific Sanesecurity database file eg: '\-g filename.ext' (do not include file path)
+.TP
+\fB \-i, \-\-information \fR Output system and configuration information for viewing or possible debugging purposes
+.TP
+\fB \-m, \-\-make\-database \fR Make a signature database from an ascii file containing data strings, with one data string per line. Additional information is provided when using this flag
+.TP
+\fB \-t, \-\-test\-database \fR Clamscan integrity test a specific database file eg: '\-s filename.ext' (do not include file path)
+.TP
+\fB \-o, \-\-output\-triggered \fR If HAM directory scanning is enabled in the script's configuration file, then output names of any third\-party signatures that triggered during the HAM directory scan
+.TP
+\fB \-w, \-\-whitelist \fR Adds a signature whitelist entry in the newer ClamAV IGN2 format to 'my\-whitelist.ign2' in order to temporarily resolve a false\-positive issue with a specific third\-party signature. Script added whitelist entries will automatically be removed if the original signature is either modified or removed from the third\-party signature database
+.TP
+\fB \-\-check\-clamav \fR If ClamD status check is enabled and the socket path is correctly specifiedthen test to see if clamd is running or not
+.TP
+\fB \-\-install\-all \fR Install and generate the cron, logroate and man files, autodetects the values based on your config files
+.TP
+\fB \-\-install\-cron \fR Install and generate the cron file, autodetects the values based on your config files
+.TP
+\fB \-\-install\-logrotate \fR Install and generate the logrotate file, autodetects the values based on your config files
+.TP
+\fB \-\-install\-man \fR Install and generate the man file, autodetects the values based on your config files
+.TP
+\fB \-\-remove\-script \fR Remove the clamav\-unofficial\-sigs script and all of its associated files and databases from the system
+.TP
+.SH SEE ALSO
+.BR clamd (8),
+.BR clamscan (1)
+.SH COPYRIGHT
+Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
+.TP
+You are free to use, modify and distribute, however you may not remove this notice.
+.SH LICENSE
+BSD (Berkeley Software Distribution)
+.SH BUGS
+Report bugs to \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP
+.SH AUTHOR
+Adrian Jon Kriel :: admin@extremeshok.com
+Originially based on Script provide by Bill Landry
+
+
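Review bot: The .TH line declares "Version: 5.2.2" dated 18 April 2016, while this commit packages 5.4.1, so the page is already out of step with the script it documents. Because it is a static copy kept in the SlackBuild directory, it will drift again on the next bump; install the man page from the release tarball if it ships one, or regenerate it at build time. Smaller points in the same file: the example for -t reads '\-s filename.ext' where it should be '\-t'; "specifiedthen", "logroate" and "atleast" are typos; there is a dangling .TP directly before .SH SEE ALSO; and --remove-script is documented although master.conf.patch sets pkg_mgr and pkg_rm precisely so the script does not remove itself.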
diff --git a/network/clamav-unofficial-sigs/clamav-unofficial-sigs.SlackBuild b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.SlackBuild
index 2c1f1a706d..906fe1b175 100644
--- a/network/clamav-unofficial-sigs/clamav-unofficial-sigs.SlackBuild
+++ b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.SlackBuild
@@ -1,12 +1,9 @@
#!/bin/sh
# Slackware Package Build Script for clamav-unofficial-sigs
-# package provides easy download and integration of unofficial third-party
-# clamav signatures.
+# Home Page: https://github.com/extremeshok/clamav-unofficial-sigs
-# Home Page: http://www.inetmsg.com/pub/
-
-# Copyright (c) 2009-2013, Nishant Limbachia, Hoffman Estates, IL, USA
+# Copyright (c) 2009-2016, Nishant Limbachia, Hoffman Estates, IL, USA
# (nishant _AT_ mnspace _DOT_ net)
# All rights reserved.
#
@@ -29,7 +26,7 @@
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
PRGNAM="clamav-unofficial-sigs"
-VERSION=${VERSION:-3.7.2}
+VERSION=${VERSION:-5.4.1}
ARCH="noarch" # hardcode ARCH
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
@@ -39,7 +36,7 @@ TMP=${TMP:-/tmp/SBo}
PKG=$TMP/package-$PRGNAM
OUTPUT=${OUTPUT:-/tmp}
-set -e
+set -e
### user and group for config file
CONFIG_USER="root"
@@ -48,43 +45,36 @@ CONFIG_GROUP="clamav"
rm -fr $TMP/$PRGNAM-$VERSION $PKG
mkdir -p $TMP $PKG $OUTPUT
cd $TMP
-tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
+tar xvf $CWD/$PRGNAM-$VERSION.tar.gz || tar xvf $CWD/v$VERSION.tar.gz
cd $PRGNAM-$VERSION
chown -R root:root .
-mkdir -p $PKG/usr/{bin,doc/$PRGNAM-$VERSION,man/man8}
+
+# Apply patches, copy configs
+mkdir -p $PKG/etc/{$PRGNAM,logrotate.d}
+
+patch -p0 < $CWD/patches/os.slackware.conf.patch
+patch -p0 < $CWD/patches/master.conf.patch
+install -m 0644 -D config/user.conf $PKG/etc/$PRGNAM/user.conf.new
+install -m 0644 -D config/os.slackware.conf $PKG/etc/$PRGNAM/os.conf.new
+install -m 0644 -D config/master.conf $PKG/etc/$PRGNAM/master.conf.new
### install bash script
-install -m 0755 $PRGNAM.sh $PKG/usr/bin
+install -m 0755 -D $PRGNAM.sh $PKG/usr/bin/$PRGNAM.sh
### install docs
-install -m 0644 CHANGELOG INSTALL README \
-LICENSE clamd-status.sh \
-$PRGNAM-cron $PKG/usr/doc/$PRGNAM-$VERSION
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+install -m 0644 INSTALL README.md LICENSE $CWD/UPGRADE_NOTICE \
+ $CWD/$PRGNAM.cron $PKG/usr/doc/$PRGNAM-$VERSION
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
### install logrotate script
-install -D -m 0644 $PRGNAM-logrotate $PKG/etc/logrotate.d/$PRGNAM.new
+install -m 0644 $CWD/$PRGNAM.logrotate $PKG/etc/logrotate.d/$PRGNAM.new
### install manpage and compress manpage
-install -m 0644 $PRGNAM.8 $PKG/usr/man/man8
+install -m 0644 -D $CWD/$PRGNAM.8 $PKG/usr/man/man8/$PRGNAM.8
gzip -9 $PKG/usr/man/man8/$PRGNAM.8
-# Patch and provide config file in /etc
-# The patch actually introduces two variables: pkg_mgr & pkg_rm.
-# These variables are original developer's recommended way to stop
-# the script from removing itself (and its files) via the "-r" flag
-patch -p0 < $CWD/package_manager.patch
-mkdir -p $PKG/etc
-install -m 0640 $PRGNAM.conf $PKG/etc/$PRGNAM.conf.new
-chown $CONFIG_USER:$CONFIG_GROUP $PKG/etc/$PRGNAM.conf.new
-
-mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
-cp -a \
- CHANGELOG INSTALL README LICENSE clamd-status.sh $PRGNAM-cron \
- $PKG/usr/doc/$PRGNAM-$VERSION
-cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
-
mkdir -p $PKG/install
cat $CWD/doinst.sh > $PKG/install/doinst.sh
cat $CWD/slack-desc > $PKG/install/slack-desc
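Review bot: The three config files are installed with "-m 0644" and the "chown $CONFIG_USER:$CONFIG_GROUP" step is removed, whereas the old single config was installed 0640 and owned root:clamav; CONFIG_USER and CONFIG_GROUP are still defined above this hunk but nothing uses them any more. If user.conf is where per-site settings end up, keep it at 0640 with group clamav as before; otherwise delete the two unused variables and say in the commit message why world-readable configs are acceptable.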
diff --git a/network/clamav-unofficial-sigs/clamav-unofficial-sigs.cron b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.cron
new file mode 100644
index 0000000000..f59068b3e9
--- /dev/null
+++ b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.cron
@@ -0,0 +1,32 @@
+# https://eXtremeSHOK.com ######################################################
+# This file contains the cron settings for clamav-unofficial-sigs.sh
+###################
+# This is property of eXtremeSHOK.com
+# You are free to use, modify and distribute, however you may not remove this notice.
+# Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
+##################
+#
+# Script updates can be found at: https://github.com/extremeshok/clamav-unofficial-sigs
+#
+# Originially based on:
+# Script provide by Bill Landry (unofficialsigs@gmail.com).
+#
+# License: BSD (Berkeley Software Distribution)
+#
+##################
+# Automatically Generated: Sun May 8 10:25:59 CDT 2016
+##################
+#
+# This cron file will execute the clamav-unofficial-sigs.sh script that
+# currently supports updating third-party signature databases provided
+# by Sanesecurity, SecuriteInfo, MalwarePatrol, OITC, etc.
+#
+# The script is set to run hourly, at a random minute past the hour, and the
+# script itself is set to randomize the actual execution time between
+# 60 - 600 seconds. To Adjust the cron values, edit your configs and run
+# bash clamav-unofficial-sigs.sh --install-cron to generate a new file.
+
+6 * * * * clamav /usr/bin/bash /usr/bin/clamav-unofficial-sigs.sh > /dev/null
+
+# https://eXtremeSHOK.com ######################################################
+
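Review bot: The job line "6 * * * * clamav /usr/bin/bash /usr/bin/clamav-unofficial-sigs.sh > /dev/null" has a user column, which only the system crontab format understands; in a per-user crontab the sixth field, clamav, is taken as the command to run. Confirm which format the target cron daemon expects at the location this file is meant to be copied to, and that /usr/bin/bash exists there. The header's "Automatically Generated: Sun May 8 10:25:59 CDT 2016" and the fixed minute 6 are a snapshot from one machine, so every install gets the same minute despite the "random minute" wording; either reword the comment or tell admins to regenerate with --install-cron. Only stdout is discarded, so anything on stderr is mailed by cron; say whether that is intended.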
diff --git a/network/clamav-unofficial-sigs/clamav-unofficial-sigs.info b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.info
index 80257da7fe..4f948be2fd 100644
--- a/network/clamav-unofficial-sigs/clamav-unofficial-sigs.info
+++ b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.info
@@ -1,8 +1,8 @@
PRGNAM="clamav-unofficial-sigs"
-VERSION="3.7.2"
-HOMEPAGE="http://sourceforge.net/projects/unofficial-sigs/"
-DOWNLOAD="http://sourceforge.net/projects/unofficial-sigs/files/clamav-unofficial-sigs-3.7.2.tar.gz"
-MD5SUM="3fc7934f5b3ae139e852fd6d0e1996a0"
+VERSION="5.4.1"
+HOMEPAGE="https://github.com/extremeshok/clamav-unofficial-sigs"
+DOWNLOAD="https://github.com/extremeshok/clamav-unofficial-sigs/archive/5.4.1.tar.gz"
+MD5SUM="751ad669a07a40db0e6b477648fe494e"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
REQUIRES="clamav"
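Review bot: DOWNLOAD ends in "/archive/5.4.1.tar.gz", but the SlackBuild extracts "$PRGNAM-$VERSION.tar.gz" and falls back to "v$VERSION.tar.gz"; a client that names the file after the last URL component saves 5.4.1.tar.gz, which matches neither. Either add that name to the fallback in the SlackBuild or use a URL whose final component is one of the two names the script tries. Since MD5SUM is the only integrity check on the source, make sure the value was computed from the tarball as fetched from this exact URL.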
diff --git a/network/clamav-unofficial-sigs/clamav-unofficial-sigs.logrotate b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.logrotate
new file mode 100644
index 0000000000..0b4cebc9e6
--- /dev/null
+++ b/network/clamav-unofficial-sigs/clamav-unofficial-sigs.logrotate
@@ -0,0 +1,32 @@
+# https://eXtremeSHOK.com ######################################################
+# This file contains the logrotate settings for clamav-unofficial-sigs.sh
+###################
+# This is property of eXtremeSHOK.com
+# You are free to use, modify and distribute, however you may not remove this notice.
+# Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
+##################
+#
+# Script updates can be found at: https://github.com/extremeshok/clamav-unofficial-sigs
+#
+# Originially based on:
+# Script provide by Bill Landry (unofficialsigs@gmail.com).
+#
+# License: BSD (Berkeley Software Distribution)
+#
+##################
+# Automatically Generated: $(date)
+##################
+#
+# This logrotate file will rotate the logs generated by the clamav-unofficial-sigs.sh
+#
+# To Adjust the logrotate values, edit your configs and run
+# bash clamav-unofficial-sigs.sh --install-logrotate to generate a new file.
+
+/var/log/clamav/clamav-unofficial-sigs.log {
+ weekly
+ rotate 4
+ missingok
+ notifempty
+ compress
+ create 0644 clamav clamav
+} \ No newline at end of file
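Review bot: "Automatically Generated: $(date)" is an unexpanded shell substitution left in a static file, and the closing brace has no trailing newline. Replace the placeholder with fixed text or drop the line, and end the file with a newline. "create 0644 clamav clamav" makes rotated logs world-readable; check that this matches the mode the script uses when it creates the log, and that /var/log/clamav/clamav-unofficial-sigs.log agrees with the log path set in master.conf.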
diff --git a/network/clamav-unofficial-sigs/doinst.sh b/network/clamav-unofficial-sigs/doinst.sh
index a7c044824b..233baaaeda 100644
--- a/network/clamav-unofficial-sigs/doinst.sh
+++ b/network/clamav-unofficial-sigs/doinst.sh
@@ -11,6 +11,8 @@ config() {
# Otherwise, we leave the .new copy for the admin to consider...
}
-config etc/clamav-unofficial-sigs.conf.new
+config etc/clamav-unofficial-sigs/master.conf.new
+config etc/clamav-unofficial-sigs/user.conf.new
+config etc/clamav-unofficial-sigs/os.conf.new
config etc/logrotate.d/clamav-unofficial-sigs.new
-
+printf "Please review UPGRADE_NOTICE in the docs\n"
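Review bot: The added printf runs on every install, fresh ones included, and does not say where UPGRADE_NOTICE lives. Print the full path under /usr/doc, and consider printing only when the old etc/clamav-unofficial-sigs.conf is present, since that file is no longer passed to config() and will otherwise stay in /etc unreferenced.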
diff --git a/network/clamav-unofficial-sigs/patches/master.conf.patch b/network/clamav-unofficial-sigs/patches/master.conf.patch
new file mode 100644
index 0000000000..6491f8da17
--- /dev/null
+++ b/network/clamav-unofficial-sigs/patches/master.conf.patch
@@ -0,0 +1,51 @@
+--- config/master.conf.orig 2016-05-08 14:29:36.954240236 -0500
++++ config/master.conf 2016-05-08 14:33:04.116828055 -0500
+@@ -24,8 +24,8 @@
+ # Set the appropriate ClamD user and group accounts for your system.
+ # If you do not want the script to set user and group permissions on
+ # files and directories, comment the next two variables.
+-#clam_user="clamav"
+-#clam_group="clamav"
++clam_user="clamav"
++clam_group="clamav"
+
+ # If you do not want the script to change the file mode of all signature
+ # database files in the ClamAV working directory to 0644 (-rw-r--r--):
+@@ -55,7 +55,7 @@
+ reload_dbs="yes"
+
+ # Top level working directory, script will attempt to create them.
+-work_dir="/var/lib/clamav-unofficial-sigs" #Top level working directory
++work_dir="/var/lib/clamav/clamav-unofficial-sigs" #Top level working directory
+
+ # Log update information to '$log_file_path/$log_file_name'.
+ logging_enabled="yes"
+@@ -357,7 +357,7 @@
+ max_sleep_time="600" # Default maximum is 600 seconds (10 minutes).
+
+ # Command to do a full clamd service stop/start
+-#clamd_restart_opt="service clamd restart"
++clamd_restart_opt="/etc/rc.d/rc.clamav restart"
+
+ # Custom Command to fo a full clamd reload, this defaults to "clamdscan --reload" when not set
+ #clamd_reload_opt="clamdscan --reload"
+@@ -459,15 +459,15 @@
+
+ # Custom man install settings, these are detected and only used if you want to override
+ # the automatic detection and generation of the values when not set, this is mainly to aid package maintainers
+-#man_dir="" #default: /usr/share/man/man8
+-#man_filename="" #default: clamav-unofficial-sigs.8
++man_dir="/usr/man/man8" #default: /usr/share/man/man8
++man_filename="clamav-unofficial-sigs.8" #default: clamav-unofficial-sigs.8
+
+ # Provided two variables that package and port maintainers can use in order to
+ # prevent the script from removing itself with the '-r' flag
+ # If the script was installed via a package manager like yum, apt, pkg, etc.
+ # The script will instead provide feedback to the user about how to uninstall the package.
+-#pkg_mgr="" #the package manager name
+-#pkg_rm="" #the package manager command to remove the script
++pkg_mgr="pkgtool" #the package manager name
++pkg_rm="removepkg clamav-unofficial-sigs" #the package manager command to remove the script
+
+ # Custom full working directory paths, these are detected and only used if you want to override
+ # the automatic detection and generation of the values when not set, this is mainly to aid package maintainers
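Review bot: The new work_dir, /var/lib/clamav/clamav-unofficial-sigs, sits inside the directory that os.slackware.conf.patch sets as clam_dbs (/var/lib/clamav). Confirm that clamd and freshclam ignore subdirectories there and that the script's ownership and mode changes on the database directory do not reach into the working tree unintentionally; if there is no packaging reason for nesting it, keeping upstream's /var/lib/clamav-unofficial-sigs avoids both questions and spares upgraders a migration. Uncommenting clam_user and clam_group also turns on the script's chown behaviour by default, which deserves a line in the README.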
diff --git a/network/clamav-unofficial-sigs/patches/os.slackware.conf.patch b/network/clamav-unofficial-sigs/patches/os.slackware.conf.patch
new file mode 100644
index 0000000000..94e58b6ace
--- /dev/null
+++ b/network/clamav-unofficial-sigs/patches/os.slackware.conf.patch
@@ -0,0 +1,20 @@
+--- config/os.slackware.conf.orig 2016-05-03 21:29:02.518557766 -0500
++++ config/os.slackware.conf 2016-05-03 21:31:20.083647753 -0500
+@@ -27,13 +27,13 @@
+ clam_user="clamav"
+ clam_group="clamav"
+
+-#clam_dbs="/var/lib/clamav"
+-clam_dbs="/usr/local/share/clamav"
++clam_dbs="/var/lib/clamav"
++#clam_dbs="/usr/local/share/clamav"
+
+ clamd_pid="/var/run/clamav/clamd.pid"
+
+-clamd_restart_opt="service clamd restart"
++clamd_restart_opt="/etc/rc.d/rc.clamav restart"
+
+-#clamd_socket="/var/run/clamav/clamd.socket"
++clamd_socket="/var/run/clamav/clamd.socket"
+
+ # https://eXtremeSHOK.com ######################################################
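Review bot: clamd_pid and the newly enabled clamd_socket both point under /var/run/clamav, and nothing in the package states that these must match PidFile and LocalSocket in the clamd.conf installed by the clamav package; if they differ, the --check-clamav test and database reloads will fail. Note the assumed clamd.conf values in the README. The line clamd_restart_opt="/etc/rc.d/rc.clamav restart" is also set to the same value in master.conf.patch; set it in one file only, and os.conf looks like the natural place.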