Arch Linux User Repository

MAINTAINER NOTE:

Upstream for this project seems to be dead. There has been no commit from 3 years.

Users are recommended to migrate to python-fangfrisch. More or less drop in replacement and possibly more secure.

AUR: https://aur.archlinux.org/packages/python-fangfrisch

Upstream: https://rseichter.github.io/fangfrisch/

Thanks, did you already try to configure ClamAV as on-access scanner? Or do you have any idea on how to automatically scan any AUR packages befire installing? Btw I made a thread to improve the ClamAV setup in general: https://bbs.archlinux.org/viewtopic.php?pid=1603867 @edit: woopsie, didn't see you edit. So which directory should I use for "OnAccessIncludePath" ? I will defeniately include my download folder. But which AUR directories or is there any general "good practice" ?

> Is there a way to verify that everything is working and signatures are being downloaded + used by ClamAV? Run `clamconf`. It will print various information including the list of databases currently used by ClamAV. > On-Access scanner Edit clamd.conf: ~~~ #User clamav # <- comment out this line! On-Access scanning requires root ScanOnAccess yes OnAccessPrevention yes OnAccessIncludePath /path/to/be/watched ~~~ and restart clamd service. AUR cache directory may contain a bunch of files, but Clamd can watch as many files as `sysctl fs.inotify.max_user_watches` says (default value is 8192). If you see errors on /var/log/clamav/clamd.log, try increasing it.

Thanks, you are awesome ! Just one more question: Is there a way to verify that everything is working and signatures are being downloaded + used by ClamAV? ....my next task will be to get ClamAV to be an On-Access scanner which will somehow can all AUR packages when downloading/building. Not sure how to do that though. Maybe by constantly watching + scanning the "local AUR folder".

> Do I need to enable the timer or the .service file? Enable and start timer. # systemctl enable --now clamav-unofficial-sigs.timer > And how often will it run? It will run hourly. Edit /usr/lib/systemd/system/clamav-unofficial-sigs.timer if you want to change. > Can I just update or should I uninstall/remove first and then install again? Yes. Just update it.

Oh well you are right, I shouldn't need to run the script as a normal user. Do I need to enable the timer or the .service file? And how often will it run? Also: Can I just update or should I uninstall/remove first and then install again? Thanks for the great effort !

Added a systemd service. Note that it's incompatible with normal user usage (after automatic update root user owns databases).

Ok, I think I found the way to update database without root. Make sure you belong to clamav group. 1) Remove /var/lib/clamav-unofficial-sigs, and reinstall clamav-unofficial-sigs 2) Edit /etc/clamav-unofficial-sigs.conf to comment-out "clamav_user" and "clamav_group", also set "setmode" to "no" 3) Run `chmod g+w /var/lib/{clamav,clamav-unofficial-sigs} /var/log/clamav -R` as root 4) Run clamav-unofficial-sigs.sh Well, I don't recommend making malware database writable by normal user though :) > Also the cron.d doesn't exist on my system? It isn't installed by default. You need to turn on the flag (_install_cron_file) on top of the PKGBUILD if you want it.

Hmm when executing the .sh as "normal user" I still get an error. /usr/bin/clamav-unofficial-sigs.sh ################################################################################ eXtremeSHOK.com ClamAV Unofficial Signature Updater Version: v4.9.2 (02 December 2015) Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com ################################################################################ ================================================ Loading config: /etc/clamav-unofficial-sigs.conf ================================================ mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-si': Permission denied mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-mbl': Permission denied mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-lmd': Permission denied mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-ss': Permission denied mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/configs': Permission denied mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/gpg-key': Permission denied mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-add': Permission denied chmod: cannot access '/var/lib/clamav-unofficial-sigs/gpg-key': No such file or directory curl: (23) Failed writing body (0 != 1762) ***************************************************** ALERT: Could not download Sanesecurity public GPG key ***************************************************** /usr/bin/clamav-unofficial-sigs.sh: line 81: /var/log/clamav/clamav-unofficial-sigs.log: Permission denied ______________________________________________________________________________________ Also the cron.d doesn't exist on my system? /etc/cron.d/clamav-unofficial-sigs-cron Why even using crontab? It requires the installation of a "cron package" first as Arch uses systemd/timers?

Great, I will try it when I am back home :) Btw I added your AUR package to the official ClamAV archwiki entry. Great job !

Ah, I forgot to set clamav group. I'll update.