Add more configuration options for ClamAV

- Scan alerts - On Access Scanning
2019-02-14 15:11:14 +08:00 · 2019-02-14 15:11:14 +08:00 · b0eb5989fa
commit b0eb5989fa
parent d8cc0c8477
5 changed files with 34 additions and 1 deletions
--- a/22
+++ b/22
@ -14,11 +14,31 @@ RUN apk --no-cache add clamav clamav-libunrar \
    && mkdir /run/clamav \
    && chown clamav:clamav /run/clamav

+# Configure clamAV to run in foreground with port 3310
 RUN sed -i 's/^#Foreground .*$/Foreground true/g' /etc/clamav/clamd.conf \
    && sed -i 's/^#TCPSocket .*$/TCPSocket 3310/g' /etc/clamav/clamd.conf \
    && sed -i 's/^#Foreground .*$/Foreground true/g' /etc/clamav/freshclam.conf

-RUN freshclam --quiet
+
+# Configure scan alerts
+RUN touch /var/log/clamav-infected.log && chmod 0777 /var/log/clamav-infected.log
+COPY ./alert.sh /opt/clamav-utils/
+RUN chmod -Rf 0755 /opt/clamav-utils/alert.sh
+RUN sed -i 's:^#VirusEvent .*$:VirusEvent /opt/clamav-utils/alert.sh:g' /etc/clamd.d/scan.conf
+
+
+# Configure ClamAV user, ScanOnAccess requires root
+#RUN sed -i 's/^User .*$/User root/g' /etc/clamd.d/scan.conf
+
+
+# ScanOnAccess configurations
+RUN mkdir /scan-target
+RUN sed -i 's/^#ScanOnAccess .*$/ScanOnAccess yes/g' /etc/clamav/clamd.conf \
+    && sed -i 's:#OnAccessMountPath /home/user:&\r\nOnAccessMountPath /scan-target:g' /etc/clamav/clamd.conf
+
+
+RUN freshclam -v --no-dns
+# --quiet

 # Build go package
 ADD . /go/src/clamav-rest/