diff options
Diffstat (limited to 'app-antivirus/clamav-unofficial-sigs/files')
9 files changed, 0 insertions, 298 deletions
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch deleted file mode 100644 index 2b40c982309b..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 5235a5e518a1b17f50eb0f56c088f3808d939626 Mon Sep 17 00:00:00 2001 -From: Michael Orlitzky <michael@orlitzky.com> -Date: Tue, 4 Feb 2020 19:34:56 -0500 -Subject: [PATCH 1/1] clamav-unofficial-sigs.sh: disable running as root. - -The only way I'm going to let this be installed on my machine is if -it never runs as root. The shit that it does is insane (a priori) -and also implemented insecurely. There's no good reason to run the -script as root on Gentoo anyway. A cron job is provided for you, -or you can use "su -s /bin/bash -c ... clamav" to run it as the -clamav user. ---- - clamav-unofficial-sigs.sh | 10 ++++++++++ - 1 file changed, 10 insertions(+) - -diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh -index aa70db1..60d305b 100644 ---- a/clamav-unofficial-sigs.sh -+++ b/clamav-unofficial-sigs.sh -@@ -3,6 +3,16 @@ - # shellcheck disable=SC2120 - # shellcheck disable=SC2128 - # shellcheck disable=SC2154 -+ -+if [[ ${EUID} -eq 0 ]]; then -+ exec 1>&2 -+ echo "This script has been patched by the Gentoo maintainer to disable" -+ echo "running it as root (effective UID 0). When run as root, the script" -+ echo "performs a number of operations insecurely. You should never need" -+ echo "to run this as root on Gentoo in the first place." -+ exit 1; -+fi -+ - ################################################################################ - # This is property of eXtremeSHOK.com - # You are free to use, modify and distribute, however you may not remove this notice. --- -2.24.1 - diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch deleted file mode 100644 index c991dacb412f..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 837439354cd4692a7228f9f356e0c4acd32202f3 Mon Sep 17 00:00:00 2001 -From: Michael Orlitzky <michael@orlitzky.com> -Date: Tue, 4 Feb 2020 20:11:16 -0500 -Subject: [PATCH 1/1] clamav-unofficial-sigs.sh: fix malwarepatrol extended - database name. - -The database suffix needs to be ".db" regardless of whether you choose -the "basic" signatures or the "extended" ones. This patch is a quick -fix, and just forces the correct name at the beginning of the script. - -Issue: https://github.com/extremeshok/clamav-unofficial-sigs/issues/300 ---- - clamav-unofficial-sigs.sh | 6 +----- - 1 file changed, 1 insertion(+), 5 deletions(-) - -diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh -index aa70db1..d8031c8 100644 ---- a/clamav-unofficial-sigs.sh -+++ b/clamav-unofficial-sigs.sh -@@ -2235,11 +2235,7 @@ else - fi - fi - --if [ $malwarepatrol_list == "clamav_basic" ] ; then -- malwarepatrol_db="malwarepatrol.db" --else -- malwarepatrol_db="malwarepatrol.ndb" --fi -+malwarepatrol_db="malwarepatrol.db" - malwarepatrol_url="${malwarepatrol_url}?receipt=${malwarepatrol_receipt_code}&product=${malwarepatrol_product_code}&list=${malwarepatrol_list}" - - # If "ham_dir" variable is set, then create initial whitelist files (skipped if first-time script run). --- -2.24.1 - diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch deleted file mode 100644 index e647ec9beea6..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch +++ /dev/null @@ -1,22 +0,0 @@ -From be934c77f029aa52c84ede976cf7ab91bf053c03 Mon Sep 17 00:00:00 2001 -From: Michael Urspringer <michael@urspringer.de> -Date: Sun, 26 Jan 2020 11:46:07 +0100 -Subject: [PATCH] Fixed wrong download URL for MalwarePatrol - ---- - clamav-unofficial-sigs.sh | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh -index aa70db1..c2f31d6 100644 ---- a/clamav-unofficial-sigs.sh -+++ b/clamav-unofficial-sigs.sh -@@ -2979,7 +2979,7 @@ if [ "$malwarepatrol_enabled" == "yes" ] ; then - xshok_pretty_echo_and_log "Checking for updated MalwarePatrol database file: ${malwarepatrol_db}" - malwarepatrol_db_update="0" - -- xshok_file_download "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${malwarepatrol_url}&receipt=${malwarepatrol_receipt_code}" -+ xshok_file_download "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${malwarepatrol_url}" - - ret="$?" - if [ "$ret" -eq 0 ] ; then diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8 b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8 deleted file mode 100644 index 7f5555e27f06..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8 +++ /dev/null @@ -1,77 +0,0 @@ - -.\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater -.TH clamav-unofficial-sigs 8 "2020-01-25" "Version: 7.0.1" "SCRIPT COMMANDS" -.SH NAME -clamav-unofficial-sigs \- Download, test, and install third-party ClamAV signature databases. -.SH SYNOPSIS -.B clamav-unofficial-sigs -.RI [ options ] -.SH DESCRIPTION -\fBclamav-unofficial-sigs\fP provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, etc. It will also generate and install cron, logrotate, and man files. -.SH UPDATES -Script updates can be found at: \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP -.SH OPTIONS -This script follows the standard GNU command line syntax. -.LP -\fB Usage: clamav\-unofficial\-sigs.sh \fR [OPTION] [PATH|FILE] -.TP -\fB \-c, \-\-config \fR Use a specific configuration file or directory eg: '\-c /your/dir' or ' \-c /your/file.name' Note: If a directory is specified the directory must contain atleast: master.conf, os.conf or user.conf Default Directory: /etc/clamav\-unofficial\-sigs -.TP -\fB \-F, \-\-force \fR Force all databases to be downloaded, could cause ip to be blocked -.TP -\fB \-h, \-\-help \fR Display this script's help and usage information -.TP -\fB \-V, \-\-version \fR Output script version and date information -.TP -\fB \-v, \-\-verbose \fR Be verbose, enabled when not run under cron -.TP -\fB \-s, \-\-silence \fR Only output error messages, enabled when run under cron -.TP -\fB \-d, \-\-decode\-sig \fR Decode a third\-party signature either by signature name (eg: Sanesecurity.Junk.15248) or hexadecimal string. This flag will 'NOT' decode image signatures -.TP -\fB \-e, \-\-encode\-string \fR Hexadecimal encode an entire input string that can be used in any '*.ndb' signature database file -.TP -\fB \-f, \-\-encode\-formatted \fR Hexadecimal encode a formatted input string containing signature spacing fields '{}, (), *', without encoding the spacing fields, so that the encoded signature can be used in any '*.ndb' signature database file -.TP -\fB \-g, \-\-gpg\-verify \fR GPG verify a specific Sanesecurity database file eg: '\-g filename.ext' (do not include file path) -.TP -\fB \-i, \-\-information \fR Output system and configuration information for viewing or possible debugging purposes -.TP -\fB \-m, \-\-make\-database \fR Make a signature database from an ascii file containing data strings, with one data string per line. Additional information is provided when using this flag -.TP -\fB \-t, \-\-test\-database \fR Clamscan integrity test a specific database file eg: '\-t filename.ext' (do not include file path) -.TP -\fB \-o, \-\-output\-triggered \fR If HAM directory scanning is enabled in the script's configuration file, then output names of any third\-party signatures that triggered during the HAM directory scan -.TP -\fB \-w, \-\-whitelist <signature\-name> \fR Adds a signature whitelist entry in the newer ClamAV IGN2 format to 'my\-whitelist.ign2' in order to temporarily resolve a false\-positive issue with a specific third\-party signature. Script added whitelist entries will automatically be removed if the original signature is either modified or removed from the third\-party signature database -.TP -\fB \-\-check\-clamav \fR If ClamD status check is enabled and the socket path is correctly specifiedthen test to see if clamd is running or not -.TP -\fB \-\-upgrade \fR Upgrades this script and master.conf to the latest available version -.TP -\fB \-\-install\-all \fR Install and generate the cron, logroate and man files, autodetects the values based on your config files -.TP -\fB \-\-install\-cron \fR Install and generate the cron file, autodetects the values based on your config files -.TP -\fB \-\-install\-logrotate \fR Install and generate the logrotate file, autodetects the values based on your config files -.TP -\fB \-\-install\-man \fR Install and generate the man file, autodetects the values based on your config files -.TP -\fB \-\-remove\-script \fR Remove the clamav\-unofficial\-sigs script and all of its associated files and databases from the system -.TP -.SH SEE ALSO -.BR clamd (8), -.BR clamscan (1) -.SH COPYRIGHT -Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com -.TP -You are free to use, modify and distribute, however you may not remove this notice. -.SH LICENSE -BSD (Berkeley Software Distribution) -.SH BUGS -Report bugs to \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP -.SH AUTHOR -Adrian Jon Kriel :: admin@extremeshok.com -Originially based on Script provide by Bill Landry - - diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.8 b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.8 deleted file mode 100644 index d7cd1926f2fa..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.8 +++ /dev/null @@ -1,75 +0,0 @@ - -.\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater -.TH clamav-unofficial-sigs 8 "07 May 2016" "Version: 5.3.0" "SCRIPT COMMANDS" -.SH NAME -clamav-unofficial-sigs \- Download, test, and install third-party ClamAV signature databases. -.SH SYNOPSIS -.B clamav-unofficial-sigs -.RI [ options ] -.SH DESCRIPTION -\fBclamav-unofficial-sigs\fP provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, etc. It will also generate and install cron, logrotate, and man files. -.SH UPDATES -Script updates can be found at: \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP -.SH OPTIONS -This script follows the standard GNU command line syntax. -.LP -\fB Usage: clamav\-unofficial\-sigs.sh \fR [OPTION] [PATH|FILE] -.TP -\fB \-c, \-\-config \fR Use a specific configuration file or directory eg: '\-c /your/dir' or ' \-c /your/file.name' Note: If a directory is specified the directory must contain atleast: master.conf, os.conf or user.conf Default Directory: configgentoo -.TP -\fB \-F, \-\-force \fR Force all databases to be downloaded, could cause ip to be blocked -.TP -\fB \-h, \-\-help \fR Display this script's help and usage information -.TP -\fB \-V, \-\-version \fR Output script version and date information -.TP -\fB \-v, \-\-verbose \fR Be verbose, enabled when not run under cron -.TP -\fB \-s, \-\-silence \fR Only output error messages, enabled when run under cron -.TP -\fB \-d, \-\-decode\-sig \fR Decode a third\-party signature either by signature name (eg: Sanesecurity.Junk.15248) or hexadecimal string. This flag will 'NOT' decode image signatures -.TP -\fB \-e, \-\-encode\-string \fR Hexadecimal encode an entire input string that can be used in any '*.ndb' signature database file -.TP -\fB \-f, \-\-encode\-formatted \fR Hexadecimal encode a formatted input string containing signature spacing fields '{}, (), *', without encoding the spacing fields, so that the encoded signature can be used in any '*.ndb' signature database file -.TP -\fB \-g, \-\-gpg\-verify \fR GPG verify a specific Sanesecurity database file eg: '\-g filename.ext' (do not include file path) -.TP -\fB \-i, \-\-information \fR Output system and configuration information for viewing or possible debugging purposes -.TP -\fB \-m, \-\-make\-database \fR Make a signature database from an ascii file containing data strings, with one data string per line. Additional information is provided when using this flag -.TP -\fB \-t, \-\-test\-database \fR Clamscan integrity test a specific database file eg: '\-s filename.ext' (do not include file path) -.TP -\fB \-o, \-\-output\-triggered \fR If HAM directory scanning is enabled in the script's configuration file, then output names of any third\-party signatures that triggered during the HAM directory scan -.TP -\fB \-w, \-\-whitelist \fR Adds a signature whitelist entry in the newer ClamAV IGN2 format to 'my\-whitelist.ign2' in order to temporarily resolve a false\-positive issue with a specific third\-party signature. Script added whitelist entries will automatically be removed if the original signature is either modified or removed from the third\-party signature database -.TP -\fB \-\-check\-clamav \fR If ClamD status check is enabled and the socket path is correctly specifiedthen test to see if clamd is running or not -.TP -\fB \-\-install\-all \fR Install and generate the cron, logroate and man files, autodetects the values based on your config files -.TP -\fB \-\-install\-cron \fR Install and generate the cron file, autodetects the values based on your config files -.TP -\fB \-\-install\-logrotate \fR Install and generate the logrotate file, autodetects the values based on your config files -.TP -\fB \-\-install\-man \fR Install and generate the man file, autodetects the values based on your config files -.TP -\fB \-\-remove\-script \fR Remove the clamav\-unofficial\-sigs script and all of its associated files and databases from the system -.TP -.SH SEE ALSO -.BR clamd (8), -.BR clamscan (1) -.SH COPYRIGHT -Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com -.TP -You are free to use, modify and distribute, however you may not remove this notice. -.SH LICENSE -BSD (Berkeley Software Distribution) -.SH BUGS -Report bugs to \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP -.SH AUTHOR -Adrian Jon Kriel :: admin@extremeshok.com -Originially based on Script provide by Bill Landry - - diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.crond b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.crond deleted file mode 100644 index 6c35c18e74b0..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.crond +++ /dev/null @@ -1,19 +0,0 @@ -# -# Run clamav-unofficial-sigs hourly. -# -# This file should be copied to /etc/cron.d rather than, say, -# /etc/cron.hourly because it needs to run as the clamav user (to -# alter the databases), but the default settings for that user in -# Gentoo are insufficient (see bug 694054). -# -# In particular, the clamav user needs a Bash shell and a home -# directory since clamav-unofficial-sigs is written in Bash and -# because otherwise cron will complain about trying to chdir to a -# nonexistent home directory. When run out of /etc/cron.d, we can set -# HOME and SHELL to appropriate values, unlike with scripts in -# /etc/cron.hourly. -# -HOME=/var/lib/clamav-unofficial-sigs -SHELL=/bin/bash - -01 * * * * clamav /usr/bin/clamav-unofficial-sigs.sh diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.logrotate b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.logrotate deleted file mode 100644 index 1d18581588de..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.logrotate +++ /dev/null @@ -1,4 +0,0 @@ -/var/log/clamav-unofficial-sigs/clamav-unofficial-sigs.log { - create 0640 clamav clamav - missingok -} diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.service b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.service deleted file mode 100644 index 51727dafc9ff..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.service +++ /dev/null @@ -1,15 +0,0 @@ -# -# Service file corresponding to clamav-unofficial-sigs.timer. -# Upstream provides a similar file, but with the wrong path -# and running as root, so it's just less of a headache to -# include our own. -# - -[Unit] -Description=ClamAV unofficial signature update service -Documentation=man:clamav-unofficial-sigs(8) - -[Service] -ExecStart=bash /usr/bin/clamav-unofficial-sigs.sh -User=clamav -WorkingDirectory=/var/lib/clamav-unofficial-sigs diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.timer b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.timer deleted file mode 100644 index 299ffd841329..000000000000 --- a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs.timer +++ /dev/null @@ -1,12 +0,0 @@ -# -# Run clamav-unofficial-sigs.service every hour, at 45 minutes past the hour. -# We do not include an [Install] section because this package does not -# technically depend on clamav to function. -# - -[Unit] -Description=ClamAV unofficial signature update timer -Documentation=man:clamav-unofficial-sigs(8) - -[Timer] -OnCalendar=*-*-* *:45:00 |