Diffstat (limited to 'app-antivirus')
-rw-r--r--app-antivirus/clamav-unofficial-sigs/Manifest1
-rw-r--r--app-antivirus/clamav-unofficial-sigs/clamav-unofficial-sigs-7.0.1.ebuild107
-rw-r--r--app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch39
-rw-r--r--app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch35
-rw-r--r--app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch22
-rw-r--r--app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.877
6 files changed, 281 insertions, 0 deletions
diff --git a/app-antivirus/clamav-unofficial-sigs/Manifest b/app-antivirus/clamav-unofficial-sigs/Manifest
index a557118db755..639d0b6e0124 100644
--- a/app-antivirus/clamav-unofficial-sigs/Manifest
+++ b/app-antivirus/clamav-unofficial-sigs/Manifest
@@ -1,2 +1,3 @@
DIST clamav-unofficial-sigs-5.6.2.tar.gz 50931 BLAKE2B 6fea42f8f76ae5344c2b96c9203d2b09e755573d03f2b9d3d9ee2a488150fbb6f598e052b730daf12c551920a71fd8daad1dc10002fca12fa4a74554cf7d445e SHA512 79978db065a22d778490d0a2673f5a0bb7ab73e42de64563e7d26ac23459f7e5b2e73b0548e1ea6483e3c5f43eed65cdbc6814037cc0c46a339366a0150e5427
DIST clamav-unofficial-sigs-6.0.1.tar.gz 52262 BLAKE2B 9523da749e88c5e93f0986d7d4a234c3b1eff7c207ceb266e63cd76d7cffdf4a85aedf90aa746f7e1c82be97018f40896bbaa2dfd8f749f3c167d3bff74293d7 SHA512 d4f619628c9b2804a6d5ad533adaad72e323bb0604334c045cf92fc550ffb114493653d097b68337b33f51dc1215dc073b4ec9dc42abea8707cb03aefa40b289
+DIST clamav-unofficial-sigs-7.0.1.tar.gz 59517 BLAKE2B 36da6d7748cd7fcf35dde4790a8fb6777a97a6c0a7b2c080e0f0ac939041b5fd2372f0d58fb00558a7f57db78866c3235205e2cb8a8083575efcf1a5e73c9a3b SHA512 2cba341bce50b03d17f46662b499a3378d4e5750f4abe837bbddee5c671636553660723243c4b90de96c84210926f6406f554b7936600c3ae618644af40bf802
diff --git a/app-antivirus/clamav-unofficial-sigs/clamav-unofficial-sigs-7.0.1.ebuild b/app-antivirus/clamav-unofficial-sigs/clamav-unofficial-sigs-7.0.1.ebuild
new file mode 100644
index 000000000000..d906ed530acb
--- /dev/null
+++ b/app-antivirus/clamav-unofficial-sigs/clamav-unofficial-sigs-7.0.1.ebuild
@@ -0,0 +1,107 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit systemd
+
+DESCRIPTION="Download and install third-party clamav signatures"
+HOMEPAGE="https://github.com/extremeshok/clamav-unofficial-sigs"
+SRC_URI="https://github.com/extremeshok/clamav-unofficial-sigs/archive/${PV}.tar.gz -> ${P}.tar.gz"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="cron"
+
+# Require acct-{user,group}/clamav at build time so that we can set
+# the permissions on /var/lib/${PN} in src_install rather than in
+# pkg_postinst; calling "chown" on the live filesystem scares me.
+DEPEND="acct-group/clamav
+ acct-user/clamav"
+
+# The script relies on either net-misc/socat, or Perl's
+# IO::Socket::UNIX. We already depend on Perl, and Gentoo's Perl ships
+# with IO::Socket::UNIX, so we can leave out net-misc/socat here.
+#
+# Recent versions will crash if you don't have "clamscan" available,
+# so we are forced to depend on app-antivirus/clamav finally.
+RDEPEND="${DEPEND}
+ app-antivirus/clamav
+ app-crypt/gnupg
+ dev-lang/perl
+ net-dns/bind-tools
+ || ( net-misc/wget net-misc/curl )"
+
+# This script is cccrrraaaaaaazzzzzzzzyyyyyy. It does a million
+# insecure things. Let's not accidentally run it as root.
+PATCHES=(
+ "${FILESDIR}/${P}-disable-run-as-root.patch"
+ "${FILESDIR}/${P}-fix-mbl-database-name.patch"
+ "${FILESDIR}/${P}-fix-mbl-url.patch"
+)
+
+src_prepare() {
+ default
+
+ # https://github.com/extremeshok/clamav-unofficial-sigs/pull/301
+ echo 'allow_upgrades="no"' >> config/os/os.gentoo.conf || die
+ echo 'allow_update_checks="no"' >> config/os/os.gentoo.conf || die
+}
+
+src_install() {
+ dobin "${PN}.sh"
+
+ insinto /etc/logrotate.d
+ newins "${FILESDIR}/${PN}.logrotate" "${PN}"
+
+ insinto "/etc/${PN}"
+ doins config/{master,user}.conf
+ newins config/os/os.gentoo.conf os.conf
+
+ # To generate the man page, you have to first install the package,
+ # and then issue some ridiculous command like
+ #
+ # $ sudo su -s /bin/sh \
+ # -c 'man_dir=/tmp clamav-unofficial-sigs.sh --install-man' \
+ # clamav
+ #
+ # That'll stick it in /tmp, which is unsafe-ish, but the example is
+ # easily modified.
+ newman "${FILESDIR}/${P}.man.8" "${PN}.8"
+ dodoc README.md
+
+ if use cron; then
+ # Beware, this directory is not completely standard. However,
+ # we need this to run as "clamav" with a non-default shell and
+ # home directory (bug 694054), and this seems like the most
+ # reliable way to accomplish that.
+ insinto "/etc/cron.d"
+ newins "${FILESDIR}/${PN}.crond" "${PN}"
+ else
+ dodoc "${FILESDIR}/${PN}.crond"
+ fi
+
+ # Install the systemd service and timer unconditionally, because
+ # the timer is disabled by default (and won't annoy people until
+ # after they've configured the script).
+ systemd_dounit "${FILESDIR}/${PN}".{service,timer}
+
+ # The script's working directory, as set in the configuration
+ # file. By default, the script runs as clamav:clamav because
+ # it needs write access to the clamav databases.
+ diropts -o clamav -g clamav
+ keepdir "/var/lib/${PN}"
+}
+
+pkg_postinst() {
+ elog ''
+ elog "You will need to select databases in /etc/${PN}/master.conf."
+ elog "For details, please see the ${PN}(8) manual page."
+ elog ''
+ elog 'An up-to-date description of the available Sanesecurity'
+ elog 'databases is available at,'
+ elog ''
+ elog ' http://sanesecurity.com/usage/signatures/'
+ elog ''
+}
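Review bot: In src_install, `doins config/{master,user}.conf` and the `newins` of os.conf use the default install mode, so the files under /etc/${PN} end up world-readable. If the MalwarePatrol receipt code that the bundled patches show going into the download URL is set in those files, which seems likely but is not visible here, every local user can read it. Consider `insopts -m 0640 -g clamav` before the `doins` and `insopts -m 0644` right after the os.conf `newins`, so the later /etc/cron.d install keeps its normal mode and group. The clamav group already exists at build time through DEPEND.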
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch
new file mode 100644
index 000000000000..2b40c982309b
--- /dev/null
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-disable-run-as-root.patch
@@ -0,0 +1,39 @@
+From 5235a5e518a1b17f50eb0f56c088f3808d939626 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Tue, 4 Feb 2020 19:34:56 -0500
+Subject: [PATCH 1/1] clamav-unofficial-sigs.sh: disable running as root.
+
+The only way I'm going to let this be installed on my machine is if
+it never runs as root. The shit that it does is insane (a priori)
+and also implemented insecurely. There's no good reason to run the
+script as root on Gentoo anyway. A cron job is provided for you,
+or you can use "su -s /bin/bash -c ... clamav" to run it as the
+clamav user.
+---
+ clamav-unofficial-sigs.sh | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh
+index aa70db1..60d305b 100644
+--- a/clamav-unofficial-sigs.sh
++++ b/clamav-unofficial-sigs.sh
+@@ -3,6 +3,16 @@
+ # shellcheck disable=SC2120
+ # shellcheck disable=SC2128
+ # shellcheck disable=SC2154
++
++if [[ ${EUID} -eq 0 ]]; then
++ exec 1>&2
++ echo "This script has been patched by the Gentoo maintainer to disable"
++ echo "running it as root (effective UID 0). When run as root, the script"
++ echo "performs a number of operations insecurely. You should never need"
++ echo "to run this as root on Gentoo in the first place."
++ exit 1;
++fi
++
+ ################################################################################
+ # This is property of eXtremeSHOK.com
+ # You are free to use, modify and distribute, however you may not remove this notice.
+--
+2.24.1
+
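Review bot: The root guard relies on bash-only constructs (`[[` and `EUID`), so it fails open under a POSIX shell. If the script is started as `sh clamav-unofficial-sigs.sh` on a system where sh is not bash, the test itself errors out, the `if` branch is skipped and execution continues as root. The shebang is outside this hunk, so this assumes nothing earlier in the file rejects a non-bash interpreter. A portable test behaves the same under any shell: `if [ "$(id -u)" -eq 0 ]; then`.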
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch
new file mode 100644
index 000000000000..c991dacb412f
--- /dev/null
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-database-name.patch
@@ -0,0 +1,35 @@
+From 837439354cd4692a7228f9f356e0c4acd32202f3 Mon Sep 17 00:00:00 2001
+From: Michael Orlitzky <michael@orlitzky.com>
+Date: Tue, 4 Feb 2020 20:11:16 -0500
+Subject: [PATCH 1/1] clamav-unofficial-sigs.sh: fix malwarepatrol extended
+ database name.
+
+The database suffix needs to be ".db" regardless of whether you choose
+the "basic" signatures or the "extended" ones. This patch is a quick
+fix, and just forces the correct name at the beginning of the script.
+
+Issue: https://github.com/extremeshok/clamav-unofficial-sigs/issues/300
+---
+ clamav-unofficial-sigs.sh | 6 +-----
+ 1 file changed, 1 insertion(+), 5 deletions(-)
+
+diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh
+index aa70db1..d8031c8 100644
+--- a/clamav-unofficial-sigs.sh
++++ b/clamav-unofficial-sigs.sh
+@@ -2235,11 +2235,7 @@ else
+ fi
+ fi
+
+-if [ $malwarepatrol_list == "clamav_basic" ] ; then
+- malwarepatrol_db="malwarepatrol.db"
+-else
+- malwarepatrol_db="malwarepatrol.ndb"
+-fi
++malwarepatrol_db="malwarepatrol.db"
+ malwarepatrol_url="${malwarepatrol_url}?receipt=${malwarepatrol_receipt_code}&product=${malwarepatrol_product_code}&list=${malwarepatrol_list}"
+
+ # If "ham_dir" variable is set, then create initial whitelist files (skipped if first-time script run).
+--
+2.24.1
+
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch
new file mode 100644
index 000000000000..e647ec9beea6
--- /dev/null
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1-fix-mbl-url.patch
@@ -0,0 +1,22 @@
+From be934c77f029aa52c84ede976cf7ab91bf053c03 Mon Sep 17 00:00:00 2001
+From: Michael Urspringer <michael@urspringer.de>
+Date: Sun, 26 Jan 2020 11:46:07 +0100
+Subject: [PATCH] Fixed wrong download URL for MalwarePatrol
+
+---
+ clamav-unofficial-sigs.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/clamav-unofficial-sigs.sh b/clamav-unofficial-sigs.sh
+index aa70db1..c2f31d6 100644
+--- a/clamav-unofficial-sigs.sh
++++ b/clamav-unofficial-sigs.sh
+@@ -2979,7 +2979,7 @@ if [ "$malwarepatrol_enabled" == "yes" ] ; then
+ xshok_pretty_echo_and_log "Checking for updated MalwarePatrol database file: ${malwarepatrol_db}"
+ malwarepatrol_db_update="0"
+
+- xshok_file_download "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${malwarepatrol_url}&receipt=${malwarepatrol_receipt_code}"
++ xshok_file_download "${work_dir_malwarepatrol}/${malwarepatrol_db}" "${malwarepatrol_url}"
+
+ ret="$?"
+ if [ "$ret" -eq 0 ] ; then
diff --git a/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8 b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8
new file mode 100644
index 000000000000..7f5555e27f06
--- /dev/null
+++ b/app-antivirus/clamav-unofficial-sigs/files/clamav-unofficial-sigs-7.0.1.man.8
@@ -0,0 +1,77 @@
+
+.\" Manual page for eXtremeSHOK.com ClamAV Unofficial Signature Updater
+.TH clamav-unofficial-sigs 8 "2020-01-25" "Version: 7.0.1" "SCRIPT COMMANDS"
+.SH NAME
+clamav-unofficial-sigs \- Download, test, and install third-party ClamAV signature databases.
+.SH SYNOPSIS
+.B clamav-unofficial-sigs
+.RI [ options ]
+.SH DESCRIPTION
+\fBclamav-unofficial-sigs\fP provides a simple way to download, test, and update third-party signature databases provided by Sanesecurity, FOXHOLE, OITC, Scamnailer, BOFHLAND, CRDF, Porcupine, Securiteinfo, MalwarePatrol, Yara-Rules Project, etc. It will also generate and install cron, logrotate, and man files.
+.SH UPDATES
+Script updates can be found at: \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP
+.SH OPTIONS
+This script follows the standard GNU command line syntax.
+.LP
+\fB Usage: clamav\-unofficial\-sigs.sh \fR [OPTION] [PATH|FILE]
+.TP
+\fB \-c, \-\-config \fR Use a specific configuration file or directory eg: '\-c /your/dir' or ' \-c /your/file.name' Note: If a directory is specified the directory must contain atleast: master.conf, os.conf or user.conf Default Directory: /etc/clamav\-unofficial\-sigs
+.TP
+\fB \-F, \-\-force \fR Force all databases to be downloaded, could cause ip to be blocked
+.TP
+\fB \-h, \-\-help \fR Display this script's help and usage information
+.TP
+\fB \-V, \-\-version \fR Output script version and date information
+.TP
+\fB \-v, \-\-verbose \fR Be verbose, enabled when not run under cron
+.TP
+\fB \-s, \-\-silence \fR Only output error messages, enabled when run under cron
+.TP
+\fB \-d, \-\-decode\-sig \fR Decode a third\-party signature either by signature name (eg: Sanesecurity.Junk.15248) or hexadecimal string. This flag will 'NOT' decode image signatures
+.TP
+\fB \-e, \-\-encode\-string \fR Hexadecimal encode an entire input string that can be used in any '*.ndb' signature database file
+.TP
+\fB \-f, \-\-encode\-formatted \fR Hexadecimal encode a formatted input string containing signature spacing fields '{}, (), *', without encoding the spacing fields, so that the encoded signature can be used in any '*.ndb' signature database file
+.TP
+\fB \-g, \-\-gpg\-verify \fR GPG verify a specific Sanesecurity database file eg: '\-g filename.ext' (do not include file path)
+.TP
+\fB \-i, \-\-information \fR Output system and configuration information for viewing or possible debugging purposes
+.TP
+\fB \-m, \-\-make\-database \fR Make a signature database from an ascii file containing data strings, with one data string per line. Additional information is provided when using this flag
+.TP
+\fB \-t, \-\-test\-database \fR Clamscan integrity test a specific database file eg: '\-t filename.ext' (do not include file path)
+.TP
+\fB \-o, \-\-output\-triggered \fR If HAM directory scanning is enabled in the script's configuration file, then output names of any third\-party signatures that triggered during the HAM directory scan
+.TP
+\fB \-w, \-\-whitelist <signature\-name> \fR Adds a signature whitelist entry in the newer ClamAV IGN2 format to 'my\-whitelist.ign2' in order to temporarily resolve a false\-positive issue with a specific third\-party signature. Script added whitelist entries will automatically be removed if the original signature is either modified or removed from the third\-party signature database
+.TP
+\fB \-\-check\-clamav \fR If ClamD status check is enabled and the socket path is correctly specifiedthen test to see if clamd is running or not
+.TP
+\fB \-\-upgrade \fR Upgrades this script and master.conf to the latest available version
+.TP
+\fB \-\-install\-all \fR Install and generate the cron, logroate and man files, autodetects the values based on your config files
+.TP
+\fB \-\-install\-cron \fR Install and generate the cron file, autodetects the values based on your config files
+.TP
+\fB \-\-install\-logrotate \fR Install and generate the logrotate file, autodetects the values based on your config files
+.TP
+\fB \-\-install\-man \fR Install and generate the man file, autodetects the values based on your config files
+.TP
+\fB \-\-remove\-script \fR Remove the clamav\-unofficial\-sigs script and all of its associated files and databases from the system
+.TP
+.SH SEE ALSO
+.BR clamd (8),
+.BR clamscan (1)
+.SH COPYRIGHT
+Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
+.TP
+You are free to use, modify and distribute, however you may not remove this notice.
+.SH LICENSE
+BSD (Berkeley Software Distribution)
+.SH BUGS
+Report bugs to \fBhttps://github.com/extremeshok/clamav-unofficial-sigs\fP
+.SH AUTHOR
+Adrian Jon Kriel :: admin@extremeshok.com
+Originially based on Script provide by Bill Landry
+
+