summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app-antivirus/skyldav/Manifest1
-rw-r--r--app-antivirus/skyldav/files/skyldav-0.5-conf.patch27
-rw-r--r--app-antivirus/skyldav/files/skyldav-0.5-examples.patch11
-rw-r--r--app-antivirus/skyldav/files/skyldav-0.5-syslog.patch22
-rw-r--r--app-antivirus/skyldav/files/skyldav.confd11
-rwxr-xr-xapp-antivirus/skyldav/files/skyldav.initd26
-rw-r--r--app-antivirus/skyldav/files/skyldav.service-r115
-rw-r--r--app-antivirus/skyldav/files/skyldav.service.conf3
-rw-r--r--app-antivirus/skyldav/files/skyldav.tmpfilesd2
-rw-r--r--app-antivirus/skyldav/metadata.xml11
-rw-r--r--app-antivirus/skyldav/skyldav-0.5-r1.ebuild109
11 files changed, 238 insertions, 0 deletions
diff --git a/app-antivirus/skyldav/Manifest b/app-antivirus/skyldav/Manifest
new file mode 100644
index 000000000000..f729e27f856f
--- /dev/null
+++ b/app-antivirus/skyldav/Manifest
@@ -0,0 +1 @@
+DIST skyldav-0.5.tar.gz 105274 SHA256 308b7a15b920a33c2c381aeb607db5bece9560e0a85e3e65c2df0d153413f4cc SHA512 24b9e3805574a2498b1e250cde790d6263f6f751546ad906303099bad5e722430568b1081764843a3c52f38730e8f26132f32058bea33c18f19673ac9147c323 WHIRLPOOL 77e77c25eaf3d0d3add4e1b03366c75dd1acdf8152d2987af61418a4793b1b0873cd0088e2bfd00c9864316e3b6e068c4bc96bc064cfec706a1b1b0c318d3aa1
diff --git a/app-antivirus/skyldav/files/skyldav-0.5-conf.patch b/app-antivirus/skyldav/files/skyldav-0.5-conf.patch
new file mode 100644
index 000000000000..8255f7a20d12
--- /dev/null
+++ b/app-antivirus/skyldav/files/skyldav-0.5-conf.patch
@@ -0,0 +1,27 @@
+diff -urN skyldav-0.5.orig/examples/etc/skyldav.conf skyldav-0.5/examples/etc/skyldav.conf
+--- skyldav-0.5.orig/examples/etc/skyldav.conf 2015-02-15 20:32:57.000000000 +0100
++++ skyldav-0.5/examples/etc/skyldav.conf 2016-01-21 14:02:27.656666425 +0100
+@@ -19,14 +19,21 @@
+
+ # Directories that shall not be scanned (including subdirectories)
+ # EXCLUDE_PATH = /var/noscan, /opt/noscan
++EXCLUDE_PATH = /usr/portage, /var/db/pkg, /var/tmp/portage, /var/tmp/binpkgs
+
+ # File systems that are local, virus scan results may be cached.
+ # LOCAL_FS = ext3, ext4, iso9660, tmpfs, vfat
+-LOCAL_FS = ext3, ext4, iso9660, tmpfs, vfat
++LOCAL_FS = ext2, ext3, ext4, xfs, zfs, btrfs, reiserfs, vfat, ntfs, iso9660, tmpfs
+
+ # File systems that shall not be marked for virus scan.
+ # NOMARK_FS = proc, sysfs
+-NOMARK_FS = proc, sysfs, cifs
++#
++# Do not exclude devtmpfs and configs, as userspace could write malware onto them.
++# CIFS is also known to cause problems due to a background daemon, so we exclude it here
++# (https://github.com/xypron/skyldav/commit/63b01b912d3eed80f3db92aec8647770546f5c1c).
++# Note that FUSE file systems are automatically excluded from scanning
++# (https://github.com/xypron/skyldav/issues/3).
++NOMARK_FS = proc, sysfs, devpts, debugfs, securityfs, cgroup, rpc_pipefs, mqueue, autofs, cifs
+
+ # Mounts that shall not be marked for virus scan.
+ # NOMARK_MNT = /mnt/noscan
diff --git a/app-antivirus/skyldav/files/skyldav-0.5-examples.patch b/app-antivirus/skyldav/files/skyldav-0.5-examples.patch
new file mode 100644
index 000000000000..5c614685749e
--- /dev/null
+++ b/app-antivirus/skyldav/files/skyldav-0.5-examples.patch
@@ -0,0 +1,11 @@
+diff -urN skyldav-0.5.orig/Makefile.am skyldav-0.5/Makefile.am
+--- skyldav-0.5.orig/Makefile.am 2015-02-15 20:32:57.000000000 +0100
++++ skyldav-0.5/Makefile.am 2016-01-21 14:11:14.883632470 +0100
+@@ -9,7 +9,6 @@
+ rm -rf doc/doxygen
+
+ install-data-local: \
+- install-skyldav-examples \
+ install-skyldav-conf \
+ install-skyldavnotify-desktop
+
diff --git a/app-antivirus/skyldav/files/skyldav-0.5-syslog.patch b/app-antivirus/skyldav/files/skyldav-0.5-syslog.patch
new file mode 100644
index 000000000000..2e72ce2ab58b
--- /dev/null
+++ b/app-antivirus/skyldav/files/skyldav-0.5-syslog.patch
@@ -0,0 +1,22 @@
+diff -urN skyldav-0.5.orig/src/skyldav/Messaging.cc skyldav-0.5/src/skyldav/Messaging.cc
+--- skyldav-0.5.orig/src/skyldav/Messaging.cc 2015-02-15 20:32:57.000000000 +0100
++++ skyldav-0.5/src/skyldav/Messaging.cc 2016-01-21 14:17:12.492010594 +0100
+@@ -118,15 +118,17 @@
+ break;
+ case INFORMATION:
+ type = "I";
+- syslog(LOG_NOTICE, "%s", message.c_str());
++ syslog(LOG_INFO, "%s", message.c_str());
+ std::cout << message << std::endl;
+ break;
+ case DEBUG:
+ type = "D";
++ syslog(LOG_DEBUG, "%s", message.c_str());
+ std::cout << message << std::endl;
+ return;
+ default:
+ type = " ";
++ syslog(LOG_NOTICE, "%s", message.c_str());
+ std::cout << message << std::endl;
+ break;
+ }
diff --git a/app-antivirus/skyldav/files/skyldav.confd b/app-antivirus/skyldav/files/skyldav.confd
new file mode 100644
index 000000000000..aad4d2305900
--- /dev/null
+++ b/app-antivirus/skyldav/files/skyldav.confd
@@ -0,0 +1,11 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+# Config file for /etc/init.d/skyldav
+
+# Options to pass to the skyldav daemon.
+# Option -d for daemonizing is always passed!
+# See the skyldav(1) man page for more info.
+
+#SKYLDAV_OPTS="-m 1"
diff --git a/app-antivirus/skyldav/files/skyldav.initd b/app-antivirus/skyldav/files/skyldav.initd
new file mode 100755
index 000000000000..fd4bf09f7e33
--- /dev/null
+++ b/app-antivirus/skyldav/files/skyldav.initd
@@ -0,0 +1,26 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: $
+
+SKYLDAV_BIN="/usr/sbin/skyldav"
+SKYLDAV_OPTS="${SKYLDAV_OPTS:--m 2}"
+SKYLDAV_CONFIGFILE="/etc/skyldav.conf"
+SKYLDAV_PIDFILE_DIR="${SKYLDAV_PIDFILE_DIR:-/var/run/${RC_SVCNAME}}"
+SKYLDAV_PIDFILE="${SKYLDAV_PIDFILE:-${SKYLDAV_PIDFILE_DIR}/${RC_SVCNAME}.pid}"
+
+name="${SKYLDAV_BIN##*/}"
+command="${SKYLDAV_BIN}"
+command_args="-d ${SKYLDAV_OPTS}"
+pidfile="${SKYLDAV_PIDFILE}"
+description="Skyld AV is an anti-virus on-access scanner based upon Clam AV and fanotify"
+required_files="${SKYLDAV_CONFIG}"
+
+depend() {
+ use logger
+ need localmount
+}
+
+start_pre() {
+ checkpath -d -m 0755 -o root:root "${SKYLDAV_PIDFILE_DIR}"
+}
diff --git a/app-antivirus/skyldav/files/skyldav.service-r1 b/app-antivirus/skyldav/files/skyldav.service-r1
new file mode 100644
index 000000000000..decd788a9f83
--- /dev/null
+++ b/app-antivirus/skyldav/files/skyldav.service-r1
@@ -0,0 +1,15 @@
+[Unit]
+Description=SkyldAV anti-virus on-access scanning daemon based upon Clam AV and fanotify
+Requires=local-fs.target clamd.service
+After=local-fs.target clamd.service
+Before=multi-user.target
+
+[Service]
+Type=simple
+Environment="SKYLDAV_MESSAGE_LEVEL=2"
+ExecStart=/usr/sbin/skyldav -d -m ${SKYLDAV_MESSAGE_LEVEL}
+#KillMode=process
+#KillSignal=SIGTERM
+
+[Install]
+WantedBy=multi-user.target
diff --git a/app-antivirus/skyldav/files/skyldav.service.conf b/app-antivirus/skyldav/files/skyldav.service.conf
new file mode 100644
index 000000000000..79c23a3ff05d
--- /dev/null
+++ b/app-antivirus/skyldav/files/skyldav.service.conf
@@ -0,0 +1,3 @@
+[Service]
+# skyldav message level (-m)
+#Environment="SKYLDAV_MESSAGE_LEVEL=1"
diff --git a/app-antivirus/skyldav/files/skyldav.tmpfilesd b/app-antivirus/skyldav/files/skyldav.tmpfilesd
new file mode 100644
index 000000000000..a4f7cdc47423
--- /dev/null
+++ b/app-antivirus/skyldav/files/skyldav.tmpfilesd
@@ -0,0 +1,2 @@
+# skyldav runtime directory for skyldav.pid and log (used by skyldavnotify)
+d /run/skyldav 0755 root root -
diff --git a/app-antivirus/skyldav/metadata.xml b/app-antivirus/skyldav/metadata.xml
new file mode 100644
index 000000000000..63306ff3a6d0
--- /dev/null
+++ b/app-antivirus/skyldav/metadata.xml
@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+ <maintainer type="person">
+ <email>wschlich@gentoo.org</email>
+ <name>Wolfram Schlich</name>
+ </maintainer>
+ <upstream>
+ <remote-id type="github">xypron/skyldav</remote-id>
+ </upstream>
+</pkgmetadata>
diff --git a/app-antivirus/skyldav/skyldav-0.5-r1.ebuild b/app-antivirus/skyldav/skyldav-0.5-r1.ebuild
new file mode 100644
index 000000000000..3175fc8e1c82
--- /dev/null
+++ b/app-antivirus/skyldav/skyldav-0.5-r1.ebuild
@@ -0,0 +1,109 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit flag-o-matic linux-info linux-mod autotools-utils readme.gentoo-r1 systemd
+
+DESCRIPTION="Skyld AV: on-access scanning daemon for ClamAV using fanotify"
+HOMEPAGE="http://xypron.github.io/skyldav/"
+
+## github release tarball
+MY_PV=${PV/_rc/rc}
+MY_P="${PN}-${MY_PV}"
+SRC_URI="https://github.com/xypron/skyldav/archive/${MY_PV}.tar.gz -> ${MY_P}.tar.gz"
+
+## selfmade tarball
+#MY_PVR=${PVR/_rc/rc}
+#MY_P="${PN}-${MY_PVR}"
+#SRC_URI="http://dev.gentoo.org/~wschlich/src/${CATEGORY}/${PN}/${MY_P}.tar.gz"
+
+## github commit tarball
+#MY_GIT_COMMIT="49bdb5e710b5a77c38ceb87da6015afb7009f1f9"
+#MY_P="xypron-${PN}-${MY_GIT_COMMIT:0:7}"
+#SRC_URI="https://github.com/xypron/${PN}/tarball/${MY_GIT_COMMIT} -> ${PF}.tar.gz"
+
+S="${WORKDIR}/${MY_P}"
+
+KEYWORDS="~amd64 ~x86"
+SLOT="0"
+LICENSE="Apache-2.0"
+IUSE="libnotify systemd"
+
+RDEPEND=">=app-antivirus/clamav-0.97.8
+ sys-apps/util-linux
+ sys-libs/libcap
+ libnotify? (
+ media-libs/libcanberra[gtk]
+ x11-libs/libnotify
+ x11-libs/gtk+:2
+ )"
+DEPEND="${RDEPEND}
+ sys-devel/autoconf-archive"
+
+## autotools-utils.eclass settings
+AUTOTOOLS_AUTORECONF="1"
+AUTOTOOLS_IN_SOURCE_BUILD="1"
+DOCS=( AUTHORS NEWS README )
+PATCHES=(
+ "${FILESDIR}/${P}-syslog.patch"
+ "${FILESDIR}/${P}-examples.patch"
+ "${FILESDIR}/${P}-conf.patch"
+)
+
+pkg_setup() {
+ linux-info_pkg_setup
+ kernel_is ge 3 8 0 || die "Linux 3.8.0 or newer recommended"
+ CONFIG_CHECK="FANOTIFY FANOTIFY_ACCESS_PERMISSIONS"
+ check_extra_config
+
+ ## define contents for README.gentoo
+ if use systemd; then
+ DOC_CONTENTS='SkyldAV provides a systemd service.'$'\n'
+ DOC_CONTENTS+='Please edit the systemd service config file to match your needs:'$'\n'
+ DOC_CONTENTS+='/etc/systemd/system/skyldav.service.d/00gentoo.conf'$'\n'
+ DOC_CONTENTS+='# systemctl daemon-reload'$'\n'
+ DOC_CONTENTS+='# systemctl restart skyldav.service'$'\n'
+ DOC_CONTENTS+='Example for enabling the SkyldAV service:'$'\n'
+ DOC_CONTENTS+='# systemctl enable skyldav.service'$'\n'
+ else
+ DOC_CONTENTS='SkyldAV provides an init script for OpenRC.'$'\n'
+ DOC_CONTENTS+='Please edit the init script config file to match your needs:'$'\n'
+ DOC_CONTENTS+='/etc/conf.d/skyldav'$'\n'
+ DOC_CONTENTS+='Example for enabling the SkyldAV init script:'$'\n'
+ DOC_CONTENTS+='# rc-update add skyldav default'$'\n'
+ fi
+}
+
+src_configure() {
+ local myeconfargs=(
+ $(use_with libnotify notification)
+ )
+ autotools-utils_src_configure
+}
+
+src_install() {
+ autotools-utils_src_install
+
+ ## install systemd service or OpenRC init scripts
+ if use systemd; then
+ systemd_newunit "${FILESDIR}/skyldav.service-r1" skyldav.service
+ systemd_install_serviced "${FILESDIR}"/skyldav.service.conf
+ systemd_newtmpfilesd "${FILESDIR}"/skyldav.tmpfilesd skyldav.conf
+ else
+ newinitd "${FILESDIR}/${PN}.initd" ${PN}
+ newconfd "${FILESDIR}/${PN}.confd" ${PN}
+ fi
+
+ ## create README.gentoo from ${DOC_CONTENTS}
+ DISABLE_AUTOFORMATTING=1 readme.gentoo_create_doc
+}
+
+pkg_postinst() {
+ ## workaround for /usr/lib/tmpfiles.d/skyldav.conf
+ ## not getting processed until the next reboot
+ if use systemd; then
+ install -d -m 0755 -o root -g root /run/skyldav
+ fi
+}