ClamAV cli and Gui Antivirus for Porteus

Post links to your 64bit module repos here. Repo maintainers are responsible for resolving any issues caused by their xzm's.
Testuser
Samurai
Samurai
Posts: 137
Joined: 26 May 2021, 15:11
Distribution: Porteus-v5.0-64-LXDE

ClamAV cli and Gui Antivirus for Porteus

Post#1 by Testuser » 05 Apr 2022, 17:34

Hi Team,

I just created a clamav module cli and GUI just to check files I download for any malware.

Here is some information I got from Internet related to ClamAV.

First run command freshclam to download the latest signature database for clamav. This will need user clamav created, since freshclam runs as user clamav. We can change this using the config file of freshclam - /etc/freshclam.conf (Line 59).

After activating module you need to reboot, then only clamav user will be activated.

Please check script in folder /etc/rc.d/rc4.d/ for details

clamscan - Everytime signature databased loads to memory and takes around 1.2 GB memory then scan starts.

clamdscan - Once we run /etc/rc.d/rc.clamav.new, clamd is loaded with signtures in memory and we can do scan instantly. While opening GUI ask for password to load clamdscan in memory, if need you can disable.

GUI uses the clamscan version.

Included context Menu in PcmanFM as well for individaul file or folder checking.

Sorry for not being brief, just tried to explain everything. :)

Please feel free to ask.

https://www.mediafire.com/file/fban3v3f ... d.xzm/file

User avatar
Ed_P
Contributor
Contributor
Posts: 8341
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 5.01 ISO
Location: Western NY, USA

ClamAV cli and Gui Antivirus for Porteus

Post#2 by Ed_P » 06 Apr 2022, 04:11

Thanks Testuser, I'll have to check it out. :)
Ed

Testuser
Samurai
Samurai
Posts: 137
Joined: 26 May 2021, 15:11
Distribution: Porteus-v5.0-64-LXDE

ClamAV cli and Gui Antivirus for Porteus

Post#3 by Testuser » 06 Apr 2022, 17:48

Hi Team,

Forgot to mention one thing.

The bin files in xzm packages are used from below links.

ClamAV
https://slackware.pkgs.org/current/slac ... f.txz.html

Convert to xzm will not create run the script to create user "clamav" for default freshclam scan.

ClamAV-GUI
https://www.linux-apps.com/p/1127892
Downloaded the source and then compiled it in Antix - OS.

:)

User avatar
Ed_P
Contributor
Contributor
Posts: 8341
Joined: 06 Feb 2013, 22:12
Distribution: Cinnamon 5.01 ISO
Location: Western NY, USA

ClamAV cli and Gui Antivirus for Porteus

Post#4 by Ed_P » 06 Apr 2022, 19:50

:%)
Testuser wrote:
06 Apr 2022, 17:48
Convert to xzm will not create run the script to create user "clamav" for default freshclam scan.
Can you post the script?
Testuser wrote:
06 Apr 2022, 17:48
ClamAV-GUI
https://www.linux-apps.com/p/1127892
Downloaded the source and then compiled it in Antix - OS.
Is this what's in your xzm file? :crazy:
Ed

Testuser
Samurai
Samurai
Posts: 137
Joined: 26 May 2021, 15:11
Distribution: Porteus-v5.0-64-LXDE

ClamAV cli and Gui Antivirus for Porteus

Post#5 by Testuser » 07 Apr 2022, 19:03

Hi Ed_P

The installation script (doinst.sh) is inside folder "install" of the package - clamav-0.104.2-x86_64-1cf.txz.

Below is the part where user "clamav" is created.

# Add user and group (uid=210 and gid=210 are SBo suggest)
if ! grep -q "^clamav:" etc/group; then
if ! grep -q ":210:" etc/group; then
chroot . groupadd -g 210 clamav &>/dev/null
else
chroot . groupadd clamav &>/dev/null
fi
fi
if ! grep -q "^clamav:" etc/passwd; then
if ! grep -q ":210:" etc/passwd; then
chroot . useradd -u 210 -d /dev/null -s /bin/false -c "Clam AntiVirus" -g clamav clamav &>/dev/null
else
chroot . useradd -d /dev/null -s /bin/false -c "Clam AntiVirus" -g clamav clamav &>/dev/null
fi
fi

So I included this in /etc/rc.d/rc4.d/S-clamv

Yes, I compiled the ClamAV-GUI from here.
https://www.linux-apps.com/p/1127892

Any risks or issues with that ? :o

User avatar
Rava
Contributor
Contributor
Posts: 5401
Joined: 11 Jan 2011, 02:46
Distribution: XFCE 5.01 x86_64 + 4.0 i586
Location: Forests of Germany

ClamAV cli and Gui Antivirus for Porteus

Post#6 by Rava » 07 Apr 2022, 22:04

Testuser wrote:
05 Apr 2022, 17:34
After activating module you need to reboot, then only clamav user will be activated.
But… root should be able to create and "activate" a user on the fly?
It would be very inconvenient on a real multi-user-system when the system had to reboot every time a new user gets created.

And since the scripts in var/log/scripts/ are run by root when you activate a module, it should be possible to insert the user creation command in there, e.g. by using an existing script or creating a new one.

As a simple example of one such script, this is /var/log/scripts/fbreader-0.12.10-x86_64-2ponce from my stripped fbreader module:

Code: Select all

if [ -x /usr/bin/update-desktop-database ]; then
  /usr/bin/update-desktop-database -q usr/share/applications >/dev/null 2>&1
fi

( cd usr/lib64 ; rm -rf libzltext.so.0.13 )
( cd usr/lib64 ; ln -sf libzltext.so.0.12.10 libzltext.so.0.13 )
( cd usr/lib64 ; rm -rf libzlcore.so.0.13 )
( cd usr/lib64 ; ln -sf libzlcore.so.0.12.10 libzlcore.so.0.13 )
I think it would be better when the user got created by one such script on the fly and not included in /etc/rc.d/rc4.d/S-clamv .
Testuser, can you try editing (or creating) the var/log/scripts/clamav-whatever instead and removing /etc/rc.d/rc4.d/S-clamv ?
When you create it make sure to make it executable. My quoted script has these access rights (check with stat, change with chmod):
0755/-rwxr-xr-x
clamscan - Everytime signature databased loads to memory and takes around 1.2 GB memory then scan starts.
That's a lot of memory used…
Is clamscan a GUI or a CLI program?

Last question, does ClamAV-GUI need QT5?
At least the some web search hits seem to say so, like this:
https://store.kde.org/p/1127892/
As reported there can be problems making ClamAV-GUI to fit more moderate screens, also with v. 0.4.2. Opening the "clamav_gui.ui" file located in the source "ui" directory with Qt5 Designer
(highlighting by me)

Added in 20 minutes 47 seconds:
Testuser wrote:
07 Apr 2022, 19:03
Yes, I compiled the ClamAV-GUI from here.
https://www.linux-apps.com/p/1127892

Any risks or issues with that ? :o
Dunno, at least a search for any hits for "ClamAV-GUI" on https://slakfinder.org gives no result. Could it be slackware calls it by a different name?
Cheers!
Yours Rava

beny
Full of knowledge
Full of knowledge
Posts: 2086
Joined: 02 Jan 2011, 11:33
Location: italy

ClamAV cli and Gui Antivirus for Porteus

Post#7 by beny » 07 Apr 2022, 23:05

yes in slackware the name of the clamav gui is:clamtk-6.11-x86_64-1ponce.tgz

User avatar
Rava
Contributor
Contributor
Posts: 5401
Joined: 11 Jan 2011, 02:46
Distribution: XFCE 5.01 x86_64 + 4.0 i586
Location: Forests of Germany

ClamAV cli and Gui Antivirus for Porteus

Post#8 by Rava » 07 Apr 2022, 23:19

^
and like so often, Ponce is ahead of the game.

The newest found via https://slakfinder.org if for Slackware 14.2 (not 15!) and the version is 5.26…
Cheers!
Yours Rava

Testuser
Samurai
Samurai
Posts: 137
Joined: 26 May 2021, 15:11
Distribution: Porteus-v5.0-64-LXDE

ClamAV cli and Gui Antivirus for Porteus

Post#9 by Testuser » 09 Apr 2022, 12:13

Yes Guys

Let me try by making removing script from rc.d and add it in var/log/scripts/

clamscan is cli and once scan is over, it unload the signature database from memory and 1.2 GB is freed.

yes Clam-GUI has QT5 dependency.

linux-vdso.so.1
libQt5Widgets.so.5 => /usr/lib64/libQt5Widgets.so.5
libQt5Gui.so.5 => /usr/lib64/libQt5Gui.so.5
libQt5Network.so.5 => /usr/lib64/libQt5Network.so.5
libQt5Core.so.5 => /usr/lib64/libQt5Core.so.5

Rest you can check with ldd /usr/bin/clamav-gui

I had VLC player module added, so QT5 libs are already in my OS.


Clamtk is a different GUI of clamscan, but I liked this one because It has option to chose multiple directories at once for scanning.

Testuser
Samurai
Samurai
Posts: 137
Joined: 26 May 2021, 15:11
Distribution: Porteus-v5.0-64-LXDE

ClamAV cli and Gui Antivirus for Porteus

Post#10 by Testuser » 09 Apr 2022, 17:24

I have tried adding the same script in /var/log/scripts/ as exectuable.

Still gettting below error unless I reboot.

guest@porteus:~$ sudo freshclam
Password:
WARNING: Can't get information about user clamav.
ERROR: Can't get information about user clamav.
ERROR: Failed to switch to clamav user.
ERROR: Initialization error!

I used below script from
Testuser wrote:
07 Apr 2022, 19:03

The installation script (doinst.sh) is inside folder "install" of the package - clamav-0.104.2-x86_64-1cf.txz.

Below is the part where user "clamav" is created.

# Add user and group (uid=210 and gid=210 are SBo suggest)
if ! grep -q "^clamav:" etc/group; then
if ! grep -q ":210:" etc/group; then
chroot . groupadd -g 210 clamav &>/dev/null
else
chroot . groupadd clamav &>/dev/null
fi
fi
if ! grep -q "^clamav:" etc/passwd; then
if ! grep -q ":210:" etc/passwd; then
chroot . useradd -u 210 -d /dev/null -s /bin/false -c "Clam AntiVirus" -g clamav clamav &>/dev/null
else
chroot . useradd -d /dev/null -s /bin/false -c "Clam AntiVirus" -g clamav clamav &>/dev/null
fi
fi
I am not familiar with bash scripts.

Can anyone make changes in the script to make it work without reboot ?

User avatar
Blaze
DEV Team
DEV Team
Posts: 3869
Joined: 28 Dec 2010, 11:31
Distribution: ⟰ Porteus current ☯ all DEs ☯
Location: ☭ Russian Federation, Lipetsk region, Dankov
Contact:

ClamAV cli and Gui Antivirus for Porteus

Post#11 by Blaze » 09 Apr 2022, 19:12

How about

Code: Select all

su
toor
groupadd -g 210 clamav
useradd -u 210 -d /dev/null -s /bin/false -g clamav clamav
freshclam
# or try this
su 210 -c "freshclam"
?
Linux 6.6.11-porteus #1 SMP PREEMPT_DYNAMIC Sun Jan 14 12:07:37 MSK 2024 x86_64 Intel(R) Xeon(R) CPU E3-1270 v6 @ 3.80GHz GenuineIntel GNU/Linux
MS-7A12 » [AMD/ATI] Navi 23 [Radeon RX 6600] [1002:73ff] (rev c7) » Vengeance LPX 16GB DDR4 K2 3200MHz C16

Testuser
Samurai
Samurai
Posts: 137
Joined: 26 May 2021, 15:11
Distribution: Porteus-v5.0-64-LXDE

ClamAV cli and Gui Antivirus for Porteus

Post#12 by Testuser » 10 Apr 2022, 15:16

Hi Blaze,

Thanks for the commands. This does help in creating user clamav.


Hi Rava
Rava wrote:
07 Apr 2022, 22:25

And since the scripts in var/log/scripts/ are run by root when you activate a module, it should be possible to insert the user creation command in there, e.g. by using an existing script or creating a new one.
I created a scipt in /var/log/scripts/ with below contents and confirmed it is 0755

sudo groupadd -g 210 clamav
sudo useradd -u 210 -d /dev/null -s /bin/false -g clamav clamav

files is getting copied in the mentioned folder but it is not executed.

I check with cat /etc/passwd and there i can see clamav is not yet added, unless I manually run the script.

:pardon: :o

Testuser
Samurai
Samurai
Posts: 137
Joined: 26 May 2021, 15:11
Distribution: Porteus-v5.0-64-LXDE

ClamAV cli and Gui Antivirus for Porteus

Post#13 by Testuser » 15 Apr 2022, 11:20

Hi Rava
Rava wrote:
07 Apr 2022, 22:25

And since the scripts in var/log/scripts/ are run by root when you activate a module, it should be possible to insert the user creation command in there, e.g. by using an existing script or creating a new one.
I found the actual path to create script is /var/lib/pkgtools/scripts

Still file is getting copied but not executed.

So I created a freshclam script which required sudo and this will add the user clamav before freshclam starts updating the database.

The modified and update Clamav package is below

https://www.mediafire.com/file/7ptnu8xy ... d.xzm/file

:)

User avatar
Rava
Contributor
Contributor
Posts: 5401
Joined: 11 Jan 2011, 02:46
Distribution: XFCE 5.01 x86_64 + 4.0 i586
Location: Forests of Germany

ClamAV cli and Gui Antivirus for Porteus

Post#14 by Rava » 21 Aug 2022, 18:15

Testuser does it work in 5.0 finale version?
Cheers!
Yours Rava

Post Reply