On Wed, Nov 16, 2022 at 04:50:57PM +0100, Marcus MERIGHI wrote:
> Hello,
>
> k...@openbsd.org (Klemens Nanni), 2022.11.14 (Mon) 10:40 (CET):
> > On Sun, Nov 13, 2022 at 10:33:09PM -0500, Johan Huldtgren wrote:
> > > On 2022-11-13 22:32, Klemens Nanni wrote:
> > > > We're stuck at a 2014 version while upstream is at 7.2.5 from 2021.
> > > >
> > > > Anyone still using this? Does it work with recent clamav?
> > >
> > > I have this configured and working on my mailserver (still at 7.1)
> > > with clamav-0.104.3, from the logs it updates the various configured
> > > databases. I am uncertain of exactly how effective it is.
> >
> > Thanks, so it isn't broken by default or so.
> >
> > If you upgrade to a snapshots I can send you a ports update to try the
> > latest unofficial filters.
>
> I use clamav-unofficial-sigs, on 7.2 and 7.1. It works and I'm and ready
> to test -current, 7.2 and 7.1 (for some time).
Here's the ports diff for the latest version.
I recreated the config patch from scratch.
There now are /etc/clamav-unofficial-sigs/{master,os,user.conf} where
os.conf is os.openbsd.conf from upstream.
os and user overwrite master, user overwrites os, you edit user.conf.
os.openbsd.conf says something requires gsed, so add that as RDEP.
It also says that the config is incompatible to 3.x and 4.x setups.
Installing the new 7.2.5 package, running the script as root once and
then getting info with `-i' looks sane.
/var/log/clamav-unofficial-sigs.log contains that info, so logs work.
I have no idea what users have to do to their config to make the jump
from 3/4 to 7.2.5.
Marcus, can you give this a spin and tell us what local steps are
required to upgrade and/or get it running?
Then we can put this into MESSAGE or README or current.html.
Index: Makefile
===================================================================
RCS file: /cvs/ports/security/clamav-unofficial-sigs/Makefile,v
retrieving revision 1.17
diff -u -p -r1.17 Makefile
--- Makefile 11 Mar 2022 19:53:19 -0000 1.17
+++ Makefile 16 Nov 2022 16:56:33 -0000
@@ -1,42 +1,33 @@
-COMMENT = fetch and update unofficial signatures for ClamAV
+COMMENT = ClamAV unofficial signatures updater
-V = 4.9.2
-REVISION = 2
-DISTNAME = clamav-unofficial-sigs-$V
-DISTFILES = ${DISTNAME}{$V}.tar.gz
+GH_ACCOUNT = extremeshok
+GH_PROJECT = clamav-unofficial-sigs
+GH_TAGNAME = 7.2.5
CATEGORIES = security mail
-HOMEPAGE = https://github.com/extremeshok/clamav-unofficial-sigs
-
# BSD
PERMIT_PACKAGE = Yes
-MASTER_SITES = https://github.com/extremeshok/clamav-unofficial-sigs/archive/
-
RUN_DEPENDS = net/curl \
net/rsync \
security/clamav \
security/gnupg \
- shells/bash
+ shells/bash \
+ textproc/gsed
NO_BUILD = Yes
NO_TEST = Yes
PKG_ARCH = *
-do-configure:
- ${SUBST_CMD} ${WRKSRC}/clamav-unofficial-sigs.conf
- sed -i -e 's,/etc,${SYSCONFDIR},' -e \
- 's,/usr/local/bin,${LOCALBASE}/bin,' \
- ${WRKSRC}/clamav-unofficial-sigs.sh
+EXAMPLES_DIR = ${PREFIX}/share/examples/${GH_PROJECT}
do-install:
- ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/clamav-unofficial-sigs
- cd ${WRKSRC}; \
- ${INSTALL_SCRIPT} clamav-unofficial-sigs.sh ${PREFIX}/bin; \
- ${INSTALL_DATA} clamav-unofficial-sigs.conf \
- ${PREFIX}/share/examples/clamav-unofficial-sigs; \
- ${INSTALL_MAN} clamav-unofficial-sigs.8 ${PREFIX}/man/man8
+ ${INSTALL_SCRIPT} ${WRKSRC}/${GH_PROJECT}.sh ${PREFIX}/bin/
+ ${INSTALL_DATA_DIR} ${EXAMPLES_DIR}
+ ${INSTALL_DATA} ${WRKSRC}/config/{master,user}.conf ${EXAMPLES_DIR}/
+ ${INSTALL_DATA} ${WRKSRC}/config/os/os.openbsd.conf \
+ ${EXAMPLES_DIR}/os.conf
.include <bsd.port.mk>
Index: distinfo
===================================================================
RCS file: /cvs/ports/security/clamav-unofficial-sigs/distinfo,v
retrieving revision 1.6
diff -u -p -r1.6 distinfo
--- distinfo 7 Dec 2015 14:11:02 -0000 1.6
+++ distinfo 16 Nov 2022 16:04:33 -0000
@@ -1,2 +1,2 @@
-SHA256 (clamav-unofficial-sigs-4.9.2.tar.gz) =
cOBfY63X4D1a8tumvNMf2phkZXd5jZnmkC5fJkwwLpM=
-SIZE (clamav-unofficial-sigs-4.9.2.tar.gz) = 40301
+SHA256 (clamav-unofficial-sigs-7.2.5.tar.gz) =
9C+daOER+JK/1xOT6GnlPIBvSJZsdo0hmSXeZlKWDFA=
+SIZE (clamav-unofficial-sigs-7.2.5.tar.gz) = 68425
Index: patches/patch-clamav-unofficial-sigs_conf
===================================================================
RCS file: patches/patch-clamav-unofficial-sigs_conf
diff -N patches/patch-clamav-unofficial-sigs_conf
--- patches/patch-clamav-unofficial-sigs_conf 11 Mar 2022 19:53:19 -0000
1.12
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,93 +0,0 @@
---- clamav-unofficial-sigs.conf.orig Wed Dec 2 10:56:35 2015
-+++ clamav-unofficial-sigs.conf Mon Dec 7 14:04:52 2015
-@@ -24,12 +24,9 @@
- # Set the appropriate ClamD user and group accounts for your system.
- # If you do not want the script to set user and group permissions on
- # files and directories, comment the next two variables.
--clam_user="clam"
--#clam_user="clamav"
-+clam_user="_clamav"
-+clam_group="_clamav"
-
--clam_group="clam"
--#clam_group="clamav"
--
- # If you do not want the script to change the file mode of all signature
- # database files in the ClamAV working directory to 0644 (-rw-r--r--):
- #
-@@ -43,27 +40,26 @@ setmode="yes"
-
- # Set path to ClamAV database files location. If unsure, check
- # your clamd.conf file for the "DatabaseDirectory" path setting.
--clam_dbs="/var/lib/clamav"
-+clam_dbs="/var/db/clamav"
-
- # Set path to clamd.pid file (see clamd.conf for path location).
--clamd_pid="/var/run/clamav/clamd.pid"
--#clamd_pid="/var/run/clamd.pid"
-+clamd_pid="/var/run/clamd.pid"
-
- # To enable "ham" (non-spam) directory scanning and removal of
- # signatures that trigger on ham messages, uncomment the following
- # variable and set it to the appropriate ham message directory.
--#ham_dir="/var/lib/clamav-unofficial-sigs/ham-test"
-+#ham_dir="/var/db/clamav-unofficial-sigs/ham-test"
-
- # If you would like to reload the clamd databases after an update,
- # change the following variable to "yes".
- reload_dbs="yes"
-
- # Top level working directory, script will attempt to create them.
--work_dir="/var/lib/clamav-unofficial-sigs" #Top level working directory
-+work_dir="/var/db/clamav-unofficial-sigs" #Top level working directory
-
- # Log update information to '$log_file_path/$log_file_name'.
- enable_logging="yes"
--log_file_path="/var/log/clamav-unofficial-sigs"
-+log_file_path="/var/log"
- log_file_name="clamav-unofficial-sigs.log"
-
-
-@@ -111,10 +107,10 @@ yararules_update_hours="24" # Default is 24 hours (1
- # ========================
- # Set to no to disable an entire database.
- sanesecurity_enabled="yes" # Sanesecurity
--securiteinfo_enabled="yes" # SecuriteInfo
-+securiteinfo_enabled="no" # SecuriteInfo, requires signup
- linuxmalwaredetect_enabled="yes" # Linux Malware Detect
--malwarepatrol_enabled="yes" # Malware Patrol
--yararules_enabled="no" # Yara-Rule Project, requires clamAV 0.99+
-+malwarepatrol_enabled="no" # Malware Patrol, requires signup
-+yararules_enabled="yes" # Yara-Rule Project, requires clamAV 0.99+
-
- # ========================
- # Sanesecurity Database(s)
-@@ -312,7 +308,7 @@ max_sleep_time="600" # Default maximum is 600 second
-
- # Set the clamd_restart_opt if the "reload_dbs" variable above is set
- # Command to do a full clamd service stop/start
--clamd_restart_opt="service clamd restart"
-+clamd_restart_opt="rcctl restart clamd"
-
- # If running clamd in "LocalSocket" mode (*NOT* in TCP/IP mode), and
- # either "SOcket Cat" (socat) or the "IO::Socket::UNIX" perl module
-@@ -332,8 +328,8 @@ clamd_restart_opt="service clamd restart"
- # NOTE: these 2 variables are dependant on the "clamd_socket" variable
- # shown above - if not enabled, then the following 2 variables will be
- # ignored, whether enabled or not.
--#clamd_start="service clamd start"
--#clamd_stop="service clamd stop"
-+#clamd_start="rcctl start clamd"
-+#clamd_stop="rcctl stop clamd"
-
- # Set rsync connection and data transfer timeout limits in seconds.
- # The defaults settings here are reasonable, only change if you are
-@@ -369,7 +365,7 @@ keep_db_backup="no"
- # or the general script comments, change the following variables to
- # "yes". If all variables are set to "yes", the script will output
- # nothing except error conditions.
--silence_ssl="yes" # Default is "yes" ignore ssl errors and warnings
-+silence_ssl="no" # "yes" disables certificate verification
- curl_silence="no" # Default is "no" to report curl statistics
- rsync_silence="no" # Default is "no" to report rsync statistics
- gpg_silence="no" # Default is "no" to report gpg signature status
Index: patches/patch-clamav-unofficial-sigs_sh
===================================================================
RCS file: patches/patch-clamav-unofficial-sigs_sh
diff -N patches/patch-clamav-unofficial-sigs_sh
--- patches/patch-clamav-unofficial-sigs_sh 11 Mar 2022 19:53:19 -0000
1.7
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,57 +0,0 @@
---- clamav-unofficial-sigs.sh.orig Wed Dec 2 10:56:35 2015
-+++ clamav-unofficial-sigs.sh Tue Dec 8 15:20:49 2015
-@@ -1,4 +1,4 @@
--#!/bin/bash
-+#!/usr/local/bin/bash
-
################################################################################
- # This is property of eXtremeSHOK.com
- # You are free to use, modify and distribute, however you may not remove this
notice.
-@@ -20,6 +20,9 @@
-
################################################################################
-
- default_config="/etc/clamav-unofficial-sigs.conf"
-+pkg_mgr="pkg_add"
-+pkg_rm="pkg_delete"
-+PATH=$PATH:/usr/local/sbin:/usr/local/bin
-
-
################################################################################
-
-@@ -215,6 +218,11 @@ do
- done
-
- #config version validation
-+if [ -z "$config_version" ] ; then
-+ xshok_pretty_echo_and_log "ERROR: Configuration version not set. Update
your configuration based on example file." "="
-+ exit 1
-+fi
-+
- if [ "$config_version" -lt "$minimum_required_config_version" ] ; then
- xshok_pretty_echo_and_log "ERROR: Your configuration version is not
compatible with this version" "="
- exit 1
-@@ -782,7 +790,7 @@ fi
-
- # Check to see if the working directories have been created.
- # If not, create them. Otherwise, ignore and proceed with script.
--mkdir -p "$work_dir" "$securiteinfo_dir" "$malwarepatrol_dir"
"$linuxmalwaredetect_dir" "$sanesecurity_dir" "$config_dir" "$gpg_dir"
"$add_dir"
-+mkdir -p "$work_dir" "$securiteinfo_dir" "$malwarepatrol_dir"
"$linuxmalwaredetect_dir" "$sanesecurity_dir" "$config_dir" "$gpg_dir"
"$add_dir" "$yararules_dir"
-
- # Set secured access permissions to the GPG directory
- chmod 0700 "$gpg_dir"
-@@ -1433,7 +1441,7 @@ if [ "$yararules_enabled" == "yes" ] ; then
- if [ "$time_interval" -ge $(($update_interval - 600)) ] ; then
- echo "$current_time" > "$config_dir"/last-yararules-update.txt
-
-- cxshok_pretty_echo_and_log "Yara-Rules Database File Updates" "="
-+ xshok_pretty_echo_and_log "Yara-Rules Database File Updates" "="
- xshok_pretty_echo_and_log "Checking for yararules updates..."
- yararules_updates="0"
- for db_file in $yararules_dbs ; do
-@@ -3251,7 +3259,7 @@ else
- time_remaining=$(($update_interval - $time_interval))
- hours_left=$(($time_remaining / 3600))
- minutes_left=$(($time_remaining % 3600 / 60))
-- xshok_pretty_echo_and_log "$yararules_update_hours hours have not yet
elapsed since the last linux malware detect update check"
-+ xshok_pretty_echo_and_log "$yararules_update_hours hours have not yet
elapsed since the last Yara update check"
- xshok_pretty_echo_and_log "No update check was performed at this time" "-"
- xshok_pretty_echo_and_log "Next check will be performed in approximately
$hours_left hour(s), $minutes_left minute(s)"
- fi
Index: patches/patch-config_os_os_openbsd_conf
===================================================================
RCS file: patches/patch-config_os_os_openbsd_conf
diff -N patches/patch-config_os_os_openbsd_conf
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-config_os_os_openbsd_conf 16 Nov 2022 16:28:55 -0000
@@ -0,0 +1,19 @@
+Index: config/os/os.openbsd.conf
+--- config/os/os.openbsd.conf.orig
++++ config/os/os.openbsd.conf
+@@ -27,13 +27,13 @@ clam_group="_clamav"
+
+ clam_dbs="/var/db/clamav"
+
+-clamd_pid="/var/run/clamav/clamd.pid"
++clamd_pid="/var/run/clamd.pid"
+
+ work_dir="/var/db/clamav-unofficial-sigs"
+
+ #ham_dir="/var/db/clamav-unofficial-sigs/ham-test"
+
+-log_file_path="/var/clamav/log"
++log_file_path="/var/log"
+
+ clamd_restart_opt="rcctl restart clamd"
+
Index: pkg/DESCR
===================================================================
RCS file: /cvs/ports/security/clamav-unofficial-sigs/pkg/DESCR,v
retrieving revision 1.2
diff -u -p -r1.2 DESCR
--- pkg/DESCR 22 Apr 2013 11:32:29 -0000 1.2
+++ pkg/DESCR 16 Nov 2022 15:59:37 -0000
@@ -1,3 +1,6 @@
-The clamav-unofficial-sigs script provides a simple way to download, test
-and update third-party signature databases for ClamAV. Various databases
-(primarily for email-borne malware/phishing) are available.
+The clamav-unofficial-sigs script provides a simple way to download, test,
+and update third-party signature databases provided by Sanesecurity,
+FOXHOLE, OITC, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol,
+Yara-Rules Project, urlhaus, MalwareExpert, interServer etc.
+
+The script will also generate and install cron, logrotate, and man files.
Index: pkg/MESSAGE
===================================================================
RCS file: /cvs/ports/security/clamav-unofficial-sigs/pkg/MESSAGE,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 MESSAGE
--- pkg/MESSAGE 26 Mar 2011 12:26:44 -0000 1.1.1.1
+++ pkg/MESSAGE 16 Nov 2022 16:56:24 -0000
@@ -1,4 +1,4 @@
-After configuring ${SYSCONFDIR}/clamav-unofficial-sigs.conf you can add the
following
-to root's crontab to update the signatures regularly:
+After configuring ${SYSCONFDIR}/clamav-unofficial-sigs/user.conf you can add
+the following to root's crontab to update the signatures regularly:
35 * * * * /usr/local/bin/clamav-unofficial-sigs.sh 2>&1 > /dev/null
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/security/clamav-unofficial-sigs/pkg/PLIST,v
retrieving revision 1.3
diff -u -p -r1.3 PLIST
--- pkg/PLIST 11 Mar 2022 19:53:20 -0000 1.3
+++ pkg/PLIST 16 Nov 2022 16:52:54 -0000
@@ -5,7 +5,11 @@
@owner
@group
bin/clamav-unofficial-sigs.sh
-@man man/man8/clamav-unofficial-sigs.8
share/examples/clamav-unofficial-sigs/
-share/examples/clamav-unofficial-sigs/clamav-unofficial-sigs.conf
-@sample ${SYSCONFDIR}/clamav-unofficial-sigs.conf
+@sample ${SYSCONFDIR}/clamav-unofficial-sigs/
+share/examples/clamav-unofficial-sigs/master.conf
+@sample ${SYSCONFDIR}/clamav-unofficial-sigs/master.conf
+share/examples/clamav-unofficial-sigs/os.conf
+@sample ${SYSCONFDIR}/clamav-unofficial-sigs/os.conf
+share/examples/clamav-unofficial-sigs/user.conf
+@sample ${SYSCONFDIR}/clamav-unofficial-sigs/user.conf
