#!/bin/sh
# clamav-wrapper -- invoke ClamAV for use with mailscanner
#
# Adrian Bridgett <adrian@smop.co.uk>, 14/12/01
#
# MailScanner - SMTP E-Mail Virus Scanner
# Copyright (C) 2001 Julian Field
#
# $Id: clamav-wrapper 3184 2005-09-28 11:13:40Z jkf $
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
# The author, Julian Field, can be contacted by email at
# Jules@JulianField.net
# or by paper mail at
# Julian Field
# Dept of Electronics & Computer Science
# University of Southampton
# Southampton
# SO17 1BJ
# United Kingdom
#
#
# Modifications by Kevin Spicer <kevin@kevinspicer.co.uk> to get
# external unpackers working correctly. 9 Nov 2003
# Removed --unzip from ScanOptions, as its already in ExtraScanOptions
# (Clam usually uses own unzipper, -unzip just allows it to use external
# program so should be in ExtraScanOptions as it could cause a failure)
# Separate all unpackers and add missing ones.
# Add tmpdir (and check for it) in MailScanner incoming dir
# (to take advantage of ramdisk) - needed by external unpacker
###### IF YOU ARE RUNNING MAILSCANNER AS ROOT ######
# You need to set the following in MailScanner.conf so that external
# unpackers can be used...
# Incoming Work Group = clamav
# Incoming Work Permissions = 0640
# You may want to check this script for bash-isms
PATH=$PATH:/usr/local/bin
export PATH
TempDir="/tmp/clamav.$$"
ClamUser="clamav"
ClamGroup="clamav"
ScanOptions=""
ExtraScanOptions=""
# Extra options we try to pass to clam but we handle it failing
# For each option there are two alternatives...
# --option # if the required program is in the PATH
# --option=/path/to/program # If its in a non standard location
# If you use the second option make sure you set the correct path in each case
# Note that clam internally supports Zip, Gzip and Rar (v2.0) files,
# so for these the extra options are just a fallback should the internal
# unpacker fail (the internal unzipper should also support .jar files).
# Common external unpackers you probably have installed (hence
# enabled by default)
# Uncomment ONE of the following lines if you have unzip installed
ExtraScanOptions="$ExtraScanOptions --unzip"
#ExtraScanOptions="$ExtraScanOptions --unzip=/path/to/unzip"
# Uncomment ONE of the following lines if you have unzip installed
# And want to be able to use it to scan jar files should the internal
# unzipper fail
ExtraScanOptions="$ExtraScanOptions --jar"
#ExtraScanOptions="$ExtraScanOptions --jar=/path/to/unzip"
# Uncomment ONE of the following lines if you have tar installed
ExtraScanOptions="$ExtraScanOptions --tar"
#ExtraScanOptions="$ExtraScanOptions --tar=/path/to/tar"
# Uncomment ONE of the following lines if you have tar installed
# AND it is GNU tar with gzip support
ExtraScanOptions="$ExtraScanOptions --tgz"
#ExtraScanOptions="$ExtraScanOptions --tgz=/path/to/tar"
# Uncomment ONE of the following lines if you have tar installed and
# want to scan debian .deb packages
# Must be GNU tar with gzip support
ExtraScanOptions="$ExtraScanOptions --deb"
#ExtraScanOptions="$ExtraScanOptions --deb=/path/to/tar"
# LESS COMMON unpackers, which probably aren't installed by default
# (hence disabled)
# Uncomment ONE of the following lines if you have unrar installed
ExtraScanOptions="$ExtraScanOptions --unrar"
#ExtraScanOptions="$ExtraScanOptions --unrar=/path/to/unrar"
# Uncomment ONE of the following lines if you have unarj installed
ExtraScanOptions="$ExtraScanOptions --arj"
#ExtraScanOptions="$ExtraScanOptions --unarj=/path/to/unarj"
# Uncomment ONE of the following lines if you have lha installed
ExtraScanOptions="$ExtraScanOptions --lha"
#ExtraScanOptions="$ExtraScanOptions --lha=/path/to/lha"
# Uncomment ONE of the following lines if you have zoo installed
ExtraScanOptions="$ExtraScanOptions --unzoo"
#ExtraScanOptions="$ExtraScanOptions --zoo=/path/to/unzoo"
# Now increase the allowed expansion size of zip files
ExtraScanOptions="$ExtraScanOptions --max-ratio=500"
# Uncomment next line if you need to disable Clam's DoS protection
#ExtraScanOptions="--max-files=0 --max-space=0 --max-recursion=0 $ExtraScanOptions"
ClamScan=$1/bin/clamscan
shift
if [ ! -x $ClamScan ]; then
ClamScan=/usr/local/bin/clamscan
fi
if [ "x$1" = "x-IsItInstalled" ]; then
[ -x $ClamScan ] && exit 0
exit 1
fi
# Add this for Solaris users so they can find whoami
PATH=$PATH:/usr/ucb
export PATH
# Check if the tmpdir exists, if so delete so we start with a clean slate
if [ -x "${TempDir}" ]; then
rm -rf ${TempDir} >/dev/null 2>&1
fi
# Make the Temp dir
umask 0077
mkdir "${TempDir}" >/dev/null 2>&1
# In case we get interupted....
trap "rm -rf ${TempDir}" EXIT
if [ $? ]; then
ExtraScanOptions="$ExtraScanOptions --tempdir=${TempDir}"
# If we are root chown it to the clamav user/group
if [ `whoami` = "root" ]; then
chown ${ClamUser}:${ClamGroup} "${TempDir}"
fi
fi
$ClamScan $ExtraScanOptions $ScanOptions "$@"
retval=$?
#Clean up the temp directory
if [ -x "${TempDir}" ]; then
rm -rf ${TempDir}
fi
trap '' EXIT
if [ "$retval" = "40" ]; then
# Clam complained we passed an illegal command-line option
# (As this calls without external unpackers the temp dir isn't used)
exec $ClamScan $ScanOptions "$@"
else
exit $retval
fi
syntax highlighted by Code2HTML, v. 0.9.1