From a02270531690c9dd076b8ea1e7badb9f332a4e00 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud
Date: Mon, 2 Jul 2012 22:20:31 +0200
Subject: [PATCH] premier commit
---
createlinks | 8 ++++
.../db/configuration/defaults/clamrt/status | 1 +
.../e-smith/db/configuration/defaults/clamrt/type | 1 +
root/etc/e-smith/templates/etc/clamrt.list/00setup | 9 ++++
.../etc/e-smith/templates/etc/clamrt.list/10shares | 10 +++++
root/etc/e-smith/templates/etc/clamrt.list/20ibays | 10 +++++
root/etc/e-smith/templates/etc/clamrt.list/30tmp | 4 ++
root/var/service/clamrt/log/run | 6 +++
root/var/service/clamrt/run | 41 +++++++++++++++++
smeserver-clamrt.spec | 52 ++++++++++++++++++++++
10 files changed, 142 insertions(+)
create mode 100644 createlinks
create mode 100644 root/etc/e-smith/db/configuration/defaults/clamrt/status
create mode 100644 root/etc/e-smith/db/configuration/defaults/clamrt/type
create mode 100644 root/etc/e-smith/templates/etc/clamrt.list/00setup
create mode 100644 root/etc/e-smith/templates/etc/clamrt.list/10shares
create mode 100644 root/etc/e-smith/templates/etc/clamrt.list/20ibays
create mode 100644 root/etc/e-smith/templates/etc/clamrt.list/30tmp
create mode 100644 root/var/service/clamrt/log/run
create mode 100644 root/var/service/clamrt/run
create mode 100644 smeserver-clamrt.spec
diff --git a/createlinks b/createlinks
new file mode 100644
index 0000000..93209be
--- /dev/null
+++ b/createlinks
@@ -0,0 +1,8 @@
+#!/usr/bin/perl -w
+
+use esmith::Build::CreateLinks qw(:all);
+
+foreach my $event (qw/bootstrap-console-save share-modify ibay-modify/){
+ templates2events("/etc/clamrt.list", $event);
+ safe_symlink("restart", "root/etc/e-smith/events/$event/services2adjust/clamrt");
+}
diff --git a/root/etc/e-smith/db/configuration/defaults/clamrt/status b/root/etc/e-smith/db/configuration/defaults/clamrt/status
new file mode 100644
index 0000000..86981e6
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/clamrt/status
@@ -0,0 +1 @@
+enabled
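Review bot: The event list in the `foreach` covers only `bootstrap-console-save`, `share-modify` and `ibay-modify`, so `/etc/clamrt.list` is not re-expanded and `clamrt` is not restarted when a share or ibay is removed; a stale path would stay in the watch list until one of these three events fires. If the platform raises separate delete events for shares and ibays, add them to the `qw/…/` list. As a style point, the script relies on `-w` alone; adding `use strict;` after the shebang would catch a mistyped variable at build time.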
diff --git a/root/etc/e-smith/db/configuration/defaults/clamrt/type b/root/etc/e-smith/db/configuration/defaults/clamrt/type
new file mode 100644
index 0000000..24e1098
--- /dev/null
+++ b/root/etc/e-smith/db/configuration/defaults/clamrt/type
@@ -0,0 +1 @@
+service
diff --git a/root/etc/e-smith/templates/etc/clamrt.list/00setup b/root/etc/e-smith/templates/etc/clamrt.list/00setup
new file mode 100644
index 0000000..affb737
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/clamrt.list/00setup
@@ -0,0 +1,9 @@
+{
+
+use esmith::AccountsDB;
+my $a = esmith::AccountsDB->open_ro || die "Couldn't open AccountsDB\n";
+
+my @ibays = $a->ibays();
+my @shares = $a->get_all_by_prop(type=>'share');
+
+}
diff --git a/root/etc/e-smith/templates/etc/clamrt.list/10shares b/root/etc/e-smith/templates/etc/clamrt.list/10shares
new file mode 100644
index 0000000..5da45c8
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/clamrt.list/10shares
@@ -0,0 +1,10 @@
+{
+
+foreach my $share (@shares){
+ my $name = $share->key;
+ my $av = $share->prop('ClamRT') || 'disabled';
+ next unless ($av eq 'enabled');
+ $OUT .= "/home/e-smith/files/shares/$name/files\n";
+}
+
+}
diff --git a/root/etc/e-smith/templates/etc/clamrt.list/20ibays b/root/etc/e-smith/templates/etc/clamrt.list/20ibays
new file mode 100644
index 0000000..4d56142
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/clamrt.list/20ibays
@@ -0,0 +1,10 @@
+{
+
+foreach my $ibay (@ibays){
+ my $name = $ibay->key;
+ my $av = $ibay->prop('ClamRT') || 'disabled';
+ next unless ($av eq 'enabled');
+ $OUT .= "/home/e-smith/files/ibays/$name\n";
+}
+
+}
diff --git a/root/etc/e-smith/templates/etc/clamrt.list/30tmp b/root/etc/e-smith/templates/etc/clamrt.list/30tmp
new file mode 100644
index 0000000..44acdf7
--- /dev/null
+++ b/root/etc/e-smith/templates/etc/clamrt.list/30tmp
@@ -0,0 +1,4 @@
+{
+# Just a dummy rep so there's always a rep to watch
+}
+/tmp
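Review bot: `my @ibays` and `my @shares` in `00setup` are lexical to this `{ … }` fragment, and as far as I know the template engine evaluates each fragment on its own, so the `@shares` and `@ibays` read by `10shares` and `20ibays` are likely to be empty package variables. In that case the generated list would contain only `/tmp`, and nothing fails visibly: the service runs while no share or ibay is watched. Declare them without `my` (or as `our @ibays` / `our @shares`) and confirm by expanding the template on a system with one ClamRT-enabled share.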
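Review bot: The path is appended to `$OUT` in `10shares` without checking that the directory exists, and the loop in `20ibays` does the same. The list is handed to `inotifywait --fromfile` in `root/var/service/clamrt/run`; if a listed directory is missing the watcher will probably refuse to start, which would stop on-access scanning for every other directory as well. A guard such as `next unless -d "/home/e-smith/files/shares/$name/files";` before the append, and the equivalent for the ibay path, avoids that.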
diff --git a/root/var/service/clamrt/log/run b/root/var/service/clamrt/log/run
new file mode 100644
index 0000000..44df54c
--- /dev/null
+++ b/root/var/service/clamrt/log/run
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+exec \
+ /usr/local/bin/setuidgid smelog \
+ /usr/local/bin/multilog t s5000000 \
+ /var/log/clamrt
diff --git a/root/var/service/clamrt/run b/root/var/service/clamrt/run
new file mode 100644
index 0000000..f28ca5c
--- /dev/null
+++ b/root/var/service/clamrt/run
@@ -0,0 +1,41 @@
+#!/bin/bash
+
+# Daniel Berteaud
+# Inspired by Clam Temps Reel from Hackurx
+# http://hackurx.wordpress.com
+# Licence: GPL v3
+
+exec 2>&1
+
+CLAMD=$(/sbin/e-smith/db configuration getprop clamd status || \
+ echo 'disabled')
+if [ "$CLAMD" = "disabled" ]; then
+ sv d .
+ exit
+fi
+
+MAIL=$(/sbin/e-smith/db configuration getprop clamrt SendEmail || \
+ echo 'enabled')
+MAIL_MSG=$(/sbin/e-smith/db configuration getprop clamrt EmailMessage || \
+ echo 'A virus was found in ${!FILE}. This file has been moved to quarantine')
+MAIL_SUBJ=$(/sbin/e-smith/db configuration getprop clamrt EmailSubject || \
+ echo 'A virus was found')
+MAIL_DEST=$(/sbin/e-smith/db configuration getprop clamrt EmailDest || \
+ echo 'admin')
+QUARANTINE=$(/sbin/e-smith/db configuration getprop clamav QuarantineDirectory || \
+ echo '/var/spool/clamav/quarantine')
+
+/usr/bin/inotifywait -q -m -r -e create,modify,access --fromfile=/etc/clamrt.list \
+ --timefmt %M --format '%w%f|%T|%e' | \
+ perl -laF: -ne '$| = 1; print unless $_{$F[0]}++' | \
+ sed --unbuffered 's/|.*//g' |
+
+while read FILE; do
+ echo "Scanning: $FILE"
+ [ -e "$FILE" ] && clamdscan --fdpass --quiet -m --move=$QUARANTINE "$FILE"
+ if [ "$?" == "1" ]; then
+ echo "Malware found: $FILE quarantined ($QUARANTINE/$(basename $FILE))"
+ [ "$MAIL" = "enabled" ] && echo $MAIL_MSG | mail -s "$MAIL_SUBJ" $MAIL_DEST
+ fi
+done
+
diff --git a/smeserver-clamrt.spec b/smeserver-clamrt.spec
new file mode 100644
index 0000000..16c9d5a
--- /dev/null
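Review bot: In the `while read FILE` loop of `root/var/service/clamrt/run`, the `$?` tested after `[ -e "$FILE" ] && clamdscan …` is the status of the `-e` test whenever the file has already disappeared, so every short-lived file under a watched directory (including `/tmp`) is logged as "Malware found" and mailed to the admin. The loop below separates the existence check from the scan and tests clamdscan's own status. The loop also uses plain `read` and leaves `$QUARANTINE`, `$(basename $FILE)` and `$MAIL_MSG` unquoted, so names with backslashes, surrounding whitespace or glob characters are altered before they are scanned or reported. A name containing `|` is still cut at the `sed` stage, which needs a different delimiter to fix. The perl de-duplication hash is keyed on the whole `path|minute|event` line (the `-F:` split does not match the `|` format) and is never cleared, so a file changed again at the same minute of a later hour appears to be skipped; worth confirming and expiring old entries.

```shell
# … unchanged: inotifywait | perl | sed pipeline feeding the loop …
while IFS= read -r FILE; do
    echo "Scanning: $FILE"
    # A file that vanished before the scan is skipped, not reported.
    [ -e "$FILE" ] || continue
    clamdscan --fdpass --quiet -m --move="$QUARANTINE" "$FILE"
    # clamdscan exits 1 only when a signature matched; 2 is a scan error.
    if [ "$?" -eq 1 ]; then
        echo "Malware found: $FILE quarantined ($QUARANTINE/$(basename "$FILE"))"
        [ "$MAIL" = "enabled" ] && echo "$MAIL_MSG" | mail -s "$MAIL_SUBJ" $MAIL_DEST
    fi
done
```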
+++ b/smeserver-clamrt.spec
@@ -0,0 +1,52 @@
+# Authority: VIP-ire
+# Name: Daniel B.
+
+Summary: On access AV scanner
+%define name smeserver-clamrt
+Name: %{name}
+%define version 0.0.1
+%define release 1.beta0
+Version: %{version}
+Release: %{release}%{?dist}
+License: GPL
+Group: SMEServer/addon
+
+Source: %{name}-%{version}.tar.gz
+
+URL: http://www.firewall-services.com/
+BuildRoot: /var/tmp/%{name}-%{version}-%{release}-buildroot
+BuildArchitectures: noarch
+Requires: e-smith-base
+Requires: smeserver-clamav
+Requires: inotify-tools
+BuildRequires: e-smith-devtools
+
+%description
+Provides on access AV scan for shares and ibays
+
+%changelog
+
+%prep
+%setup
+
+%build
+perl createlinks
+%{__mkdir_p} root/var/log/clamrt
+
+%install
+/bin/rm -rf $RPM_BUILD_ROOT
+(cd root ; /usr/bin/find . -depth -print | /bin/cpio -dump $RPM_BUILD_ROOT)
+/bin/rm -f %{name}-%{version}-filelist
+/sbin/e-smith/genfilelist $RPM_BUILD_ROOT \
+ --file /var/service/clamrt/run 'attr(0755,root,root)' \
+ --file /var/service/clamrt/log/run 'attr(0755,root,root)' \
+ --dir /var/log/clamrt 'attr(0750,smelog,smelog)' \
+ > %{name}-%{version}-filelist
+echo "%doc CHANGELOG.git" >> %{name}-%{version}-filelist
+
+%files -f %{name}-%{version}-filelist
+%defattr(-,root,root)
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+