Package Details: clamav-unofficial-sigs 7.2.5-1

Git Clone URL: https://aur.archlinux.org/clamav-unofficial-sigs.git (read-only)
Package Base: clamav-unofficial-sigs
Description: ClamAV Unofficial Signatures Updater maintained by eXtremeSHOK.com
Upstream URL: https://github.com/extremeshok/clamav-unofficial-sigs
Licenses: BSD
Submitter: sinkuu
Maintainer: amish
Last Packager: amish
Votes: 62
Popularity: 0.43
First Submitted: 2015-12-29 01:37 (UTC)
Last Updated: 2021-05-08 14:36 (UTC)

Latest Comments

eXtremeSHOK commented on 2020-12-07 08:51 (UTC)

7.2 was just released : https://github.com/extremeshok/clamav-unofficial-sigs/releases/tag/7.2

boris220 commented on 2020-06-14 14:30 (UTC)

The checksum of the .tar.gz-file seems to have changed back again to the previous value.

berilac commented on 2020-06-10 12:04 (UTC)

@amish thank you!

berilac commented on 2020-06-09 10:28 (UTC)

I'm getting an incorrect sha256 sum for the tar.gz

ValHue commented on 2018-05-17 17:38 (UTC) (edited on 2018-05-17 17:40 (UTC) by ValHue)

@amish - It's done.

I have my attention in other packages and projects, I pass you the relay.

ValHue commented on 2018-05-17 16:53 (UTC)

@amish:

Do you want to take charge of the maintenance of this package?

I do not dedicate the time that it deserves and I always go behind your contributions, I would not mind giving it to you.

Best regards

mat_weiss commented on 2018-05-16 06:35 (UTC)

One or more of the yara signature databases causes a crash and coredumps of clamav 0.100.0

After deleting all yara signature databases no more crashes occurred. What I do not quite understand is that there were error messages in version 0.99.4, but it never came to coredumps and crashes. I have not yet figured out which yara database is responsible for the errors. Currently I have deactivated all yara databases and clamav is running stable.

See my Bugreport

https://bugs.archlinux.org/task/58513

ValHue commented on 2018-05-01 10:59 (UTC)

@amish, Thanks for your contribution.

mawcomw commented on 2018-03-19 12:23 (UTC)

I am getting the following error: "(CRON) ERROR chdir failed (/dev/null): Not a directory."

The file /etc/cron.d/clamav-unofficial-sigs listing:

14 * * clamav [ -x /usr/bin/clamav-unofficial-sigs.sh ] && /usr/bin/bash /usr/bin/clamav-unofficial-sigs.sh > /dev/null

Can you give some help? Thanks!

ValHue commented on 2018-01-01 11:12 (UTC)

I have adopted this package, I hope to live up to it.

If a new version were to be marked as obsolete, I will receive a notification and as soon as possible I will update it.

Thank you.

eXtremeSHOK commented on 2017-03-17 12:31 (UTC)

PGP dependency can be removed.

Version 5.6.1 (updated 2017-03-18)
- eXtremeSHOK.com Maintenance
- Packers/Javascript_exploit_and_obfuscation.yar false positive rating increased to HIGH
- Codeclimate fixes
- Incremented the config to version 73

Version 5.6 (updated 2017-03-17)
- eXtremeSHOK.com Maintenance
- PGP is now optional and no longer a requirement and pgp support is auto-detected
- Full support for MacOS / OS X and added clamav install guide
- Full support for pfSense and added clamav install guide
- Added os configs for Zimbra and Debian 8 with systemd
- Much better error messages with possible solutions given
- Better checking of possible issues
- Update all SANESECURITY signature databases
- Support for clamav-devel (clamav compiled from source)
- Added full proxy support to wget and curl
- Replace a lot of "echo | cut | sed" with bash substitutions
- Added fallbacks/substitutions for various commands
- xshok_file_download and xshok_draw_time_remaining functions added to replace redundant code blocks
- Removed SANESECURITY mbl.ndb as this file is not showing up on the rsync mirrors
- Allow exit code 23 for rsync
- Major refactoring : Normalize comments, quotes, functions, conditions
- Protect various arguments and "POSIX-ize" script integrity
- Enhanced testing with travis-ci, including clamav 0.99
- Incremented the config to version 72

MaJia321 commented on 2016-06-10 05:14 (UTC) (edited on 2016-06-10 06:02 (UTC) by MaJia321)

Please correct the command line of '/usr/lib/systemd/system/clamav-unofficial-sigs.service' to

~~~
...
[Service]
ExecStart=/usr/bin/clamav-unofficial-sigs.sh
...
~~~

By the way, should I modify 'DatabaseDirectory' in 'clamd.conf'?

JDCNS commented on 2016-04-25 03:14 (UTC)

I'm getting: Failed curl connection to https://www.securiteinfo.com/get/signatures/ - SKIPPED for all files at securiteinfo. I also noticed that the link in the master.conf was incorrect, so obviously something has changed since the last release of this package.

sinkuu commented on 2016-04-13 06:49 (UTC)

The configuration files have been restructured since 5.0. `user_configuration_complete` is disabled in order to ensure you have completed (re-)configuration before execution.

widowild commented on 2016-04-12 14:51 (UTC)

Please add in .install uncomment file /etc/clamav-unofficial-sigs/user.conf #user_configuration_complete="yes" and user_configuration_complete="yes"

widowild commented on 2016-04-12 14:29 (UTC)

hello,

~~~
$ sudo clamav-unofficial-sigs.sh
################################################################################
eXtremeSHOK.com ClamAV Unofficial Signature Updater
Version: v5.1.0 (08 April 2016)
Required Configuration Version: v60
Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
=======================================================
Loading config: /etc/clamav-unofficial-sigs/master.conf
=======================================================
===================================================
Loading config: /etc/clamav-unofficial-sigs/os.conf
===================================================
=====================================================
Loading config: /etc/clamav-unofficial-sigs/user.conf
=====================================================
****************************************************
WARNING: SCRIPT CONFIGURATION HAS NOT BEEN COMPLETED
****************************************************
Please review the script configuration files.
~~~

Utini commented on 2016-02-19 18:45 (UTC)

Thanks for that link but I am thinking about adding /tmp/ in general (which should include the pacaur tmp folder in any case). This is a standard folder for "malicious files" on windows, so maybe it is also a smart choice to add on Arch?

sinkuu commented on 2016-02-13 22:26 (UTC)

https://github.com/rmarquis/pacaur/blob/master/pacaur#L41 I think you need to configure pacaur's TMPDIR somewhere persistent. If clamd during startup can't find some paths included for on-access scan, it doesn't watch them.

Utini commented on 2016-02-13 16:27 (UTC) (edited on 2016-02-13 16:27 (UTC) by Utini)

Hmm in my case it will be used on my Laptop which is used for everything (work, office, multimedia, coding, ....). I am using cower + pacaur. Also I am wondering if I should exclude any directories?

sinkuu commented on 2016-02-13 15:16 (UTC) (edited on 2016-02-13 15:20 (UTC) by sinkuu)

I'm using on-access scanning just for file servers, so I don't know. At least "OnAccessPrevention yes" prevents detected files from being accessed even from root.

> So which directory should I use for "OnAccessIncludePath" ?

Depends on your AUR helper and its configuration.

Utini commented on 2016-02-13 14:43 (UTC) (edited on 2016-02-13 15:11 (UTC) by Utini)

Thanks, did you already try to configure ClamAV as on-access scanner? Or do you have any idea on how to automatically scan any AUR packages before installing? Btw I made a thread to improve the ClamAV setup in general: https://bbs.archlinux.org/viewtopic.php?pid=1603867

@edit: woopsie, didn't see you edit. So which directory should I use for "OnAccessIncludePath" ? I will definitely include my download folder. But which AUR directories or is there any general "good practice" ?

sinkuu commented on 2016-02-13 13:37 (UTC) (edited on 2016-02-13 13:47 (UTC) by sinkuu)

> Is there a way to verify that everything is working and signatures are being downloaded + used by ClamAV?

Run `clamconf`. It will print various information including the list of databases currently used by ClamAV.

> On-Access scanner

Edit clamd.conf:

~~~
#User clamav # <- comment out this line! On-Access scanning requires root
ScanOnAccess yes
OnAccessPrevention yes
OnAccessIncludePath /path/to/be/watched
~~~

and restart clamd service. AUR cache directory may contain a bunch of files, but Clamd can watch as many files as `sysctl fs.inotify.max_user_watches` says (default value is 8192). If you see errors on /var/log/clamav/clamd.log, try increasing it.
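
An added example, not part of the comment above or of the package: a pre-flight check for the on-access settings discussed in this thread. It reads the `OnAccessIncludePath` entries from a clamd.conf, reports paths that do not exist, and compares the number of files and directories under them (used here as a conservative estimate of the watches needed) against `fs.inotify.max_user_watches`. The function names, exit codes and the config path in the usage comment are assumptions of the example.

```sh
#!/bin/sh
# Added example: pre-flight check for clamd on-access scanning.
# Function names and exit codes are illustrative, not part of ClamAV.

# Print each OnAccessIncludePath value from a clamd.conf (commented lines are skipped).
onaccess_paths() {
    awk '$1 == "OnAccessIncludePath" && NF > 1 {
        sub(/^[ \t]*OnAccessIncludePath[ \t]+/, "")
        sub(/[ \t]+$/, "")
        print
    }' "$1"
}

# check_onaccess CONF [LIMIT]
# LIMIT defaults to the live fs.inotify.max_user_watches value.
# Returns 0 if every path exists and fits, 1 if a path is missing, 2 if over the limit.
check_onaccess() {
    local conf limit total missing path n
    conf=$1
    limit=${2:-$(sysctl -n fs.inotify.max_user_watches)}
    total=0
    missing=0
    while IFS= read -r path; do
        [ -n "$path" ] || continue
        if [ ! -d "$path" ]; then
            echo "MISSING  $path (clamd cannot watch a path that is absent at startup)"
            missing=1
            continue
        fi
        # Files plus directories: a conservative upper bound on watches needed (assumption).
        n=$(find "$path" -xdev 2>/dev/null | wc -l)
        echo "OK       $path ($n entries)"
        total=$((total + n))
    done <<EOF
$(onaccess_paths "$conf")
EOF
    echo "entries=$total limit=$limit"
    [ "$missing" -eq 0 ] || return 1
    [ "$total" -le "$limit" ] || return 2
    return 0
}

# Usage (example path): sh check-onaccess.sh /etc/clamav/clamd.conf
if [ "$#" -gt 0 ]; then
    check_onaccess "$@"
fi
```
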

Utini commented on 2016-02-13 12:34 (UTC)

Thanks, you are awesome ! Just one more question: Is there a way to verify that everything is working and signatures are being downloaded + used by ClamAV? ....my next task will be to get ClamAV to be an On-Access scanner which will somehow scan all AUR packages when downloading/building. Not sure how to do that though. Maybe by constantly watching + scanning the "local AUR folder".

sinkuu commented on 2016-02-13 08:43 (UTC)

> Do I need to enable the timer or the .service file?

Enable and start timer.

~~~
# systemctl enable --now clamav-unofficial-sigs.timer
~~~

> And how often will it run?

It will run hourly. Edit /usr/lib/systemd/system/clamav-unofficial-sigs.timer if you want to change.

> Can I just update or should I uninstall/remove first and then install again?

Yes. Just update it.

Utini commented on 2016-02-13 08:13 (UTC)

Oh well you are right, I shouldn't need to run the script as a normal user. Do I need to enable the timer or the .service file? And how often will it run? Also: Can I just update or should I uninstall/remove first and then install again? Thanks for the great effort !

sinkuu commented on 2016-02-13 01:56 (UTC)

Added a systemd service. Note that it's incompatible with normal user usage (after automatic update root user owns databases).

sinkuu commented on 2016-02-12 23:25 (UTC) (edited on 2016-02-12 23:26 (UTC) by sinkuu)

Ok, I think I found the way to update database without root. Make sure you belong to clamav group.

1) Remove /var/lib/clamav-unofficial-sigs, and reinstall clamav-unofficial-sigs
2) Edit /etc/clamav-unofficial-sigs.conf to comment-out "clamav_user" and "clamav_group", also set "setmode" to "no"
3) Run `chmod g+w /var/lib/{clamav,clamav-unofficial-sigs} /var/log/clamav -R` as root
4) Run clamav-unofficial-sigs.sh

Well, I don't recommend making malware database writable by normal user though :)

> Also the cron.d doesn't exist on my system?

It isn't installed by default. You need to turn on the flag (_install_cron_file) on top of the PKGBUILD if you want it.

Utini commented on 2016-02-12 16:50 (UTC) (edited on 2016-02-12 16:51 (UTC) by Utini)

Hmm when executing the .sh as "normal user" I still get an error.

~~~
/usr/bin/clamav-unofficial-sigs.sh
################################################################################
eXtremeSHOK.com ClamAV Unofficial Signature Updater
Version: v4.9.2 (02 December 2015)
Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
================================================
Loading config: /etc/clamav-unofficial-sigs.conf
================================================
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-si': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-mbl': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-lmd': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-ss': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/configs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/gpg-key': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-add': Permission denied
chmod: cannot access '/var/lib/clamav-unofficial-sigs/gpg-key': No such file or directory
curl: (23) Failed writing body (0 != 1762)
*****************************************************
ALERT: Could not download Sanesecurity public GPG key
*****************************************************
/usr/bin/clamav-unofficial-sigs.sh: line 81: /var/log/clamav/clamav-unofficial-sigs.log: Permission denied
~~~

______________________________________________________________________________________

Also the cron.d doesn't exist on my system? /etc/cron.d/clamav-unofficial-sigs-cron

Why even using crontab? It requires the installation of a "cron package" first as Arch uses systemd/timers?

Utini commented on 2016-02-12 15:14 (UTC)

Great, I will try it when I am back home :) Btw I added your AUR package to the official ClamAV archwiki entry. Great job !

sinkuu commented on 2016-02-12 11:55 (UTC)

Ah, I forgot to set clamav group. I'll update.

Utini commented on 2016-02-12 09:56 (UTC)

~~~
/usr/bin/clamav-unofficial-sigs.sh
################################################################################
eXtremeSHOK.com ClamAV Unofficial Signature Updater
Version: v4.9.2 (02 December 2015)
Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
================================================
Loading config: /etc/clamav-unofficial-sigs.conf
================================================
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs': Permission denied
chmod: cannot access '/var/lib/clamav-unofficial-sigs/gpg-key': No such file or directory
curl: (23) Failed writing body (0 != 1762)
*****************************************************
ALERT: Could not download Sanesecurity public GPG key
*****************************************************
/usr/bin/clamav-unofficial-sigs.sh: line 81: /var/log/clamav/clamav-unofficial-sigs.log: Permission denied
......@_____:~$ sudo mkdir /var/lib/clamav-unofficial-sigs/
[sudo] password for ......:
.....@_____:~$ /usr/bin/clamav-unofficial-sigs.sh
################################################################################
eXtremeSHOK.com ClamAV Unofficial Signature Updater
Version: v4.9.2 (02 December 2015)
Copyright (c) Adrian Jon Kriel :: admin@extremeshok.com
################################################################################
================================================
Loading config: /etc/clamav-unofficial-sigs.conf
================================================
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-si': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-mbl': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-lmd': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-ss': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/configs': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/gpg-key': Permission denied
mkdir: cannot create directory '/var/lib/clamav-unofficial-sigs/dbs-add': Permission denied
chmod: cannot access '/var/lib/clamav-unofficial-sigs/gpg-key': No such file or directory
curl: (23) Failed writing body (0 != 1762)
*****************************************************
ALERT: Could not download Sanesecurity public GPG key
*****************************************************
/usr/bin/clamav-unofficial-sigs.sh: line 81: /var/log/clamav/clamav-unofficial-sigs.log: Permission denied
~~~

Utini commented on 2016-02-12 09:55 (UTC)

It seems like to update any signatures the following must be run as root? /usr/bin/clamav-unofficial-sigs.sh