On Access Virus Protection ?

[Rich]

Hi remus

So do I just delete the /tmp/package/usr/local/share/doc/ dir and thats my doc free tcz right ?
And do it in reverse to create the rlog-doc.tcz ?

That sounds right. If that  eicar  is not too big, you might want to add it so an end user can quickly
and easily test that they have properly configured clamfs.

[remus]

Including the eicar test file is doable, its only 68 bytes.

I'm running the command  submitqc4 in the dir that contains all the required files for an extension.
And its taking a long time with no output, is this normal ?

[Rich]

Hi remus
Depending on the number of files in the extension and the speed of you hardware, it may take a
little while before you see a response. I used it for an extension containing only one executable
file and it took 10 seconds before I saw any output.

[remus]

I've submitted the deps for ClamFS as extensions, and am preparing to do the same for ClamFS.

I'm getting around to writing up the steps needed to get everything working (as the comments in the info file) and need a bit of guidance.

The default clamd.conf file (which is for the clam antivirus daemon) has the default location for the clamd log file as

Code: [Select]

/tmp/clamd.logI did a bit of research (self inflicted learning) and discovered that log files are often located at

Code: [Select]

/var/log
Should I change the location to /var/log or leave it in the default location ?

[Juanito]

If it's not too much trouble, I think /var/log makes more sense (and this is probably what fhs recommends)

[remus]

There is a required entry

Code: [Select]

LocalSocket /tmp/clamd.socket
I've done some googling but can't seem to find a Filesystem Hierarchy Standard reference to where socket files are supposed to go. I'll stick with >/tmp/clamd.socket< unless anyone has some input

[Rich]

Hi remus
Cups uses   /var/run/cups/cups.sock

[remus]

Thx Rich,
I also looked up "mysql socket" on google, and its non consistent, sometimes its /tmp/mysql.sock or /var/lib/mysql/mysql.sock

Part of my setup guide gets the user to check if they already have clamd running BEFORE making changes to the clamd.conf file.

Code: [Select]

$ top output might be too busy for some.

I've got this so far.

Code: [Select]

$ ps | grep clamd
 2568 root     clamd
 2648 tc       grep clamd

Is there a command that just gives a single line of output ?

[Rich]

Hi remus
This might work:

Code: [Select]

ps | grep clamd | grep -v grep

[remus]

Thx Rich,
Does the trick.

[Rich]

Hi remus
And  geany  uses  /tmp/geany_socket.XXXXXXXX  where  XXXXXXXX  appears to be a hex number.

[remus]

I've put together clamfs as a tcz extension, and have started writing a simple guide to setting it up.

A little problem I'm hitting is that the clamd.conf file AND the clamfs.xml file both need to be edited in order to get things working. However a default install of clamav and clamfs give me what I think are links to the actual files. If I try to edit the link or the actual file I get the following error.

Code: [Select]

Error writing clamfs.xml: Read-only file system
Heres what the link looks like

Code: [Select]

tc@box:/usr/local/etc/clamfs$ ls -l
total 0
lrwxrwxrwx 1 root root 50 Feb  7 13:15 clamfs.xml -> /tmp/tcloop/clamfs/usr/local/etc/clamfs/clamfs.xml
Heres the tce.insalled/clamfs.xml file I'm using

Code: [Select]

#!/bin/sh

[ -d /usr/local/etc/clamfs ] || mkdir /usr/local/etc/clamfs

[ -f /usr/local/etc/clamfs/clamfs.xml ] || cp -p /usr/local/share/clamfs/files/
clamfs.xml /usr/local/etc/clamfs/

I've run into this problem before and was instructed to copy the file from /tmp/tcloop/clamfs/usr/local/etc/clamfs/clamfs.xml and replace the file located at /usr/local/etc/clamfs/clamfs.xml which works.

Is this the way it should be done to conform to anti bloat policy for creating extensions ?
Is it OK to setup the extension's tce.installed script so that a real writable file is saved to /usr/local/etc/clamfs/clamfs.xml ? And if so, how do I do that in my tce.installed script ?

[gerald_clark]

If the default config file is sufficient, you need do nothing, and no additional memory is used.
If you need to edit the config file, rename it to clamfs.xml.bak.
Then cp clamfs.xml.bak clamfs.xml.
Make your changes, add usr/local.etc.clamfs/clamfs.xml to /opt/.filetool.lst and do a backup.

[remus]

Default config files are insufficient.

So the end user has no choice but to:

cd /usr/local/etc/clamfs
sudo mv clamfs.xml clamfs.xml.bak
sudo cp /tmp/tcloop/clamfs/usr/local/etc/clamfs/clamfs.xml .
sudo echo "usr/local/etc/clamfs/clamfs.xml" >> /opt/.filetool.lst

Just thought I'd ask, I understand and support the goals of tinycore
LESSS IS MORE

I could include a script for the end user to run.

[Rich]

Hi remus
Or you could do what other extensions do and give the instructions in the  Comments  field of the
info file.