author | V3n3RiX <venerix@redcorelinux.org> | 2020-02-05 18:44:56 +0000 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2020-02-05 18:44:56 +0000 |
commit | 29aabba0ea759c6a2864ff5631735b67ee38e5e0 (patch) | |
tree | ab466b4dfa7abecb401b2f8039d08af4689306bb /app-antivirus/clamav-unofficial-sigs/files | |
parent | d42200bec37eef2a7478d88988ff00addd0a9202 (diff) |
gentoo resync : 05.02.2020
Diffstat (limited to 'app-antivirus/clamav-unofficial-sigs/files')
6 files changed, 175 insertions, 2 deletions
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch
new file mode 100644
index 000000000000..2b40c982309b
--- /dev/null
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch
@@ -0,0 +1,39 @@
+From 5235a5e518a1b17f50eb0f56c088f3808d939626 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Tue, 4 Feb 2020 19:34:56 -0500
+Subject: [PATCH 1/1] clamav-unofficial-sigs.sh: disable running as root.
+
+The only way I'm going to let this be installed on my machine is if
+it never runs as root. The shit that it does is insane (a priori)
+and also implemented insecurely. There's no good reason to run the
+script as root on Gentoo anyway. A cron job is provided for you,
+or you can use "su -s /bin/bash -c ... clamav" to run it as the
+clamav user.
+---
+ clamav-unofficial-sigs.sh | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh
+index aa70db1..60d305b 100644
+--- a/clamav-unofficial-sigs.sh
++++ b/clamav-unofficial-sigs.sh
+@@ -3,6 +3,16 @@
+ # shellcheck disable=SC2120
+ # shellcheck disable=SC2128
+ # shellcheck disable=SC2154
++
++if [[ ${EUID} -eq 0 ]]; then
++ exec 1>&2
++ echo "This script has been patched by the Gentoo maintainer to disable"
++ echo "running it as root (effective UID 0). When run as root, the script"
++ echo "performs a number of operations insecurely. You should never need"
++ echo "to run this as root on Gentoo in the first place."
++ exit 1;
++fi
++
+ ################################################################################
+ # This is property of eXtremeSHOK.com
+ # You are free to use, modify and distribute, however you may not remove this notice.
+--
+2.24.1
+
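Review bot: The root guard added at the top of clamav-unofficial-sigs.sh fails open if the script is started by a shell other than bash. `[[` and `${EUID}` are bash features, so under a plain POSIX sh the test command itself would error out, the `if` would take the false branch, and execution would continue past the guard as root. The interpreter line is outside this hunk, so whether that can happen depends on how the script is invoked; a form that does not depend on the shell is `if [ "$(id -u)" -eq 0 ]; then`. A comment above the block, such as `# Gentoo: refuse to run with effective UID 0; use the packaged cron job or the clamav user`, would also keep the rationale in the script rather than only in the patch header.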
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch
new file mode 100644
index 000000000000..c991dacb412f
--- /dev/null
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch
@@ -0,0 +1,35 @@
+From 837439354cd4692a7228f9f356e0c4acd32202f3 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Tue, 4 Feb 2020 20:11:16 -0500
+Subject: [PATCH 1/1] clamav-unofficial-sigs.sh: fix malwarepatrol extended
+ database name.
+
+The database suffix needs to be ".db" regardless of whether you choose
+the "basic" signatures or the "extended" ones. This patch is a quick
+fix, and just forces the correct name at the beginning of the script.
+
+Issue: https://github.com/extremeshok/clamav-unofficial-sigs/issues/300
+---
+ clamav-unofficial-sigs.sh | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh
+index aa70db1..d8031c8 100644
+--- a/clamav-unofficial-sigs.sh
++++ b/clamav-unofficial-sigs.sh
+@@ -2235,11 +2235,7 @@ else
+ fi
+ fi
+
+-if [ $malwarepatrol_list == "clamav_basic" ] ; then
+- malwarepatrol_db="malwarepatrol.db"
+-else
+- malwarepatrol_db="malwarepatrol.ndb"
+-fi
++malwarepatrol_db="malwarepatrol.db"
+ malwarepatrol_url="${malwarepatrol_url}?receipt=${malwarepatrol_receipt_code}&product=${malwarepatrol_product_code}&list=${malwarepatrol_list}"
+
+ # If "ham_dir" variable is set, then create initial whitelist files (skipped if first-time script run).
+--
+2.24.1
+
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch
new file mode 100644
index 000000000000..e647ec9beea6
--- /dev/null
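Review bot: In clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch the new assignment `malwarepatrol_db="malwarepatrol.db"` has no comment, so the reason the name no longer depends on `malwarepatrol_list` is recorded only in the patch header. I would add `# MalwarePatrol delivers both the basic and the extended list as malwarepatrol.db (upstream issue 300)` above it. The unchanged line that follows still interpolates `malwarepatrol_receipt_code`, `malwarepatrol_product_code` and `malwarepatrol_list` into the query string as-is. If those values come straight from the user's configuration, one containing `&` or whitespace would alter the request, so it is worth confirming they are validated where the configuration is read, which is outside this hunk.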
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch
@@ -0,0 +1,22 @@
+From be934c77f029aa52c84ede976cf7ab91bf053c03 Mon Sep 17 00:00:00 2001
+From: Michael Urspringer <michael@urspringer.de>
+Date: Sun, 26 Jan 2020 11:46:07 +0100
+Subject: [PATCH] Fixed wrong download URL for MalwarePatrol
+
+---
+ clamav-unofficial-sigs.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh
+index aa70db1..c2f31d6 100644
+--- a/clamav-unofficial-sigs.sh
++++ b/clamav-unofficial-sigs.sh
+@@ -2979,7 +2979,7 @@ if [ "$malwarepatrol_enabled" == "yes" ] ; then
+ xshok_pretty_echo_and_log "Checking for updated MalwarePatrol database file: ${malwarepatrol_db}"
+ malwarepatrol_db_update="0"
+
+- xshok_file_download "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${malwarepatrol_url}&receipt=${malwarepatrol_receipt_code}"
++ xshok_file_download "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${malwarepatrol_url}"
+
+ ret="$?"
+ if [ "$ret" -eq 0 ] ; then
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8 b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8
new file mode 100644
index 000000000000..7f5555e27f06
--- /dev/null
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8
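Review bot: The URL passed to `xshok_file_download` in clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch still embeds the MalwarePatrol receipt code as a query parameter, so that value may surface wherever the helper logs the URL or passes it on. The helper's body is not visible here, so it is worth confirming that it does not echo the full URL into the log and that the download tool is not given it in a way other local users can read. A comment above the call, for example `# malwarepatrol_url already carries receipt, product and list; do not append them again`, would keep the duplicated parameter from being reintroduced. The enclosing `if` block starts and ends outside the hunk.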
@@ -0,0 +1,77 @@
+
+.\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater
+.TH clamav-unofficial-sigs 8 "2020-01-25" "Version: 7.0.1" "SCRIPT COMMANDS"
+.SH NAME
+clamav-unofficial-sigs \- Download, test, and install third-party ClamAV signature databases.
+.SH SYNOPSIS
+.B clamav-unofficial-sigs
+.RI [ options ]
+.SH DESCRIPTION
+\fBclamav-unofficial-sigs\fP provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, etc. It will also generate and install cron, logrotate, and man files.
+.SH UPDATES
+Script updates can be found at: \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP
+.SH OPTIONS
+This script follows the standard GNU command line syntax.
+.LP
+\fB Usage: clamav\-unofficial\-sigs.sh \fR [OPTION] [PATH|FILE]
+.TP
+\fB \-c, \-\-config \fR Use a specific configuration file or directory eg: '\-c /your/dir' or ' \-c /your/file.name' Note: If a directory is specified the directory must contain atleast: master.conf, os.conf or user.conf Default Directory: /etc/clamav\-unofficial\-sigs
+.TP
+\fB \-F, \-\-force \fR Force all databases to be downloaded, could cause ip to be blocked
+.TP
+\fB \-h, \-\-help \fR Display this script's help and usage information
+.TP
+\fB \-V, \-\-version \fR Output script version and date information
+.TP
+\fB \-v, \-\-verbose \fR Be verbose, enabled when not run under cron
+.TP
+\fB \-s, \-\-silence \fR Only output error messages, enabled when run under cron
+.TP
+\fB \-d, \-\-decode\-sig \fR Decode a third\-party signature either by signature name (eg: Sanesecurity.Junk.15248) or hexadecimal string. This flag will 'NOT' decode image signatures
+.TP
+\fB \-e, \-\-encode\-string \fR Hexadecimal encode an entire input string that can be used in any '*.ndb' signature database file
+.TP
+\fB \-f, \-\-encode\-formatted \fR Hexadecimal encode a formatted input string containing signature spacing fields '{}, (), *', without encoding the spacing fields, so that the encoded signature can be used in any '*.ndb' signature database file
+.TP
+\fB \-g, \-\-gpg\-verify \fR GPG verify a specific Sanesecurity database file eg: '\-g filename.ext' (do not include file path)
+.TP
+\fB \-i, \-\-information \fR Output system and configuration information for viewing or possible debugging purposes
+.TP
+\fB \-m, \-\-make\-database \fR Make a signature database from an ascii file containing data strings, with one data string per line. Additional information is provided when using this flag
+.TP
+\fB \-t, \-\-test\-database \fR Clamscan integrity test a specific database file eg: '\-t filename.ext' (do not include file path)
+.TP
+\fB \-o, \-\-output\-triggered \fR If HAM directory scanning is enabled in the script's configuration file, then output names of any third\-party signatures that triggered during the HAM directory scan
+.TP
+\fB \-w, \-\-whitelist <signature\-name> \fR Adds a signature whitelist entry in the newer ClamAV IGN2 format to 'my\-whitelist.ign2' in order to temporarily resolve a false\-positive issue with a specific third\-party signature. Script added whitelist entries will automatically be removed if the original signature is either modified or removed from the third\-party signature database
+.TP
+\fB \-\-check\-clamav \fR If ClamD status check is enabled and the socket path is correctly specifiedthen test to see if clamd is running or not
+.TP
+\fB \-\-upgrade \fR Upgrades this script and master.conf to the latest available version
+.TP
+\fB \-\-install\-all \fR Install and generate the cron, logroate and man files, autodetects the values based on your config files
+.TP
+\fB \-\-install\-cron \fR Install and generate the cron file, autodetects the values based on your config files
+.TP
+\fB \-\-install\-logrotate \fR Install and generate the logrotate file, autodetects the values based on your config files
+.TP
+\fB \-\-install\-man \fR Install and generate the man file, autodetects the values based on your config files
+.TP
+\fB \-\-remove\-script \fR Remove the clamav\-unofficial\-sigs script and all of its associated files and databases from the system
+.TP
+.SH SEE ALSO
+.BR clamd (8),
+.BR clamscan (1)
+.SH COPYRIGHT
+Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
+.TP
+You are free to use, modify and distribute, however you may not remove this notice.
+.SH LICENSE
+BSD (Berkeley Software Distribution)
+.SH BUGS
+Report bugs to \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP
+.SH AUTHOR
+Adrian Jon Kriel :: admin@extremeshok.com
+Originially based on Script provide by Bill Landry
+
+
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.crond b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.crond
index 49ef1db3034b..6c35c18e74b0 100644
--- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.crond
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.crond
@@ -16,4 +16,4 @@ HOME=/var/lib/clamav-unofficial-sigs SHELL=/bin/bash -01 * * * * clamav /usr/sbin/clamav-unofficial-sigs.sh +01 * * * * clamav /usr/bin/clamav-unofficial-sigs.sh diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.service b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.service index ed9fa7e9f04d..51727dafc9ff 100644 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.service +++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.service @@ -10,6 +10,6 @@ Description=ClamAV unofficial signature update service Documentation=man:clamav-unofficial-sigs(8) [Service] -ExecStart=bash /usr/sbin/clamav-unofficial-sigs.sh +ExecStart=bash /usr/bin/clamav-unofficial-sigs.sh User=clamav WorkingDirectory=/var/lib/clamav-unofficial-sigs |