3.5. 设置 Clamd 并与 Daemontools 一起使用
编辑 /etc/clamd.conf 并进行以下更改。
| 取消注释 "LogSyslog" |
| 取消注释 "StreamSaveToDisk" |
| 取消注释 "MaxThreads" 并将值更改为 "30" |
| 取消注释 "User" 并将值更改为 "qscand" |
| 取消注释 "Foreground" |
| 取消注释 "ScanMail" |
创建 clamav 目录。
#mkdir -p /usr/local/clamav/bin |
现在为 clamd 创建一个启动/关闭脚本。复制并粘贴下面显示的脚本。此脚本由 Jesse D. Guardiani 编写。
#vi /usr/local/clamav/bin/clamdctl
#!/bin/sh
# For Red Hat chkconfig
# chkconfig: - 80 30
# description: the ClamAV clamd daemon
PATH=/usr/local/clamav/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH
case "$1" in
start)
echo "Starting clamd"
if svok /service/clamd ; then
svc -u /service/clamd
else
echo clamd supervise not running
fi
if [ -d /var/lock/subsys ]; then
touch /var/lock/subsys/clamd
fi
;;
stop)
echo "Stopping clamd..."
echo " clamd"
svc -d /service/clamd
if [ -f /var/lock/subsys/clamd ]; then
rm /var/lock/subsys/clamd
fi
;;
stat)
svstat /service/clamd
svstat /service/clamd/log
;;
restart)
echo "Restarting clamd:"
echo "* Stopping clamd."
svc -d /service/clamd
echo "* Sending clamd SIGTERM and restarting."
svc -t /service/clamd
echo "* Restarting clamd."
svc -u /service/clamd
;;
hup)
echo "Sending HUP signal to clamd."
svc -h /service/clamd
;;
help)
cat <<HELP
stop -- stops clamd service (smtp connections refused, nothing goes out)
start -- starts clamd service (smtp connection accepted, mail can go out)
stat -- displays status of clamd service
restart -- stops and restarts the clamd service
hup -- same as reload
HELP
;;
*)
echo "Usage: $0 {start|stop|stat|restart|hup|help}"
exit 1
;;
esac
exit 0
|
使 clamdctl 可执行并链接到路径
#chmod 755 /usr/local/clamav/bin/clamdctl |
#chown clamav /usr/local/clamav/bin/clamdctl |
#ln -s /usr/local/clamav/bin/clamdctl /usr/local/bin |
为 clamd 服务创建 supervise 目录
#mkdir -p /usr/local/clamav/supervise/clamd/log |
现在您必须创建 /usr/local/clamav/supervise/clamd/run 文件,或者只需复制并粘贴下面显示的脚本。此脚本也由 Jesse D. Guardiani 创建
vi /usr/local/clamav/supervise/clamd/run
#!/bin/sh
#
# --------------------------------------------------
# run
#
# Purpose - Start the clamd daemon/service.
#
# Author - Jesse D. Guardiani
# Created - 09/10/03
# Modified - 09/25/03
# --------------------------------------------------
# This script is designed to be run under DJB's
# daemontools package.
#
# ChangeLog
# ---------
#
# 09/25/03 - JDG
# --------------
# - Changed clamd user to qscand in compliance with
# the change to qmail-scanner-1.20rc3
#
# 09/10/03 - JDG
# --------------
# - Created
# --------------------------------------------------
# Copyright (C) 2003 WingNET Internet Services
# Contact: Jesse D. Guardiani (jesse at wingnet dot net)
# --------------------------------------------------
lockfile="/tmp/clamd" # Location of clamd lock file
path_to_clamd="/usr/local/sbin/clamd"
# Location of the clamd binary
BAD_EXIT_CODE=1 # The exit code we use to announce that something bad has happened
# The following pipeline is designed to return the pid of each
# clamd process currently running.
get_clam_pids_pipeline=`ps -ax | grep -E "${path_to_clamd}\$" | grep -v grep | awk '{print $1}'`
# --------------------------------------------------
# Generic helper functions
# --------------------------------------------------
# Basic return code error message function
die_rcode() {
EXIT_CODE=$1
ERROR_MSG=$2
if [ $EXIT_CODE -ne '0' ]; then
echo "$ERROR_MSG" 1>&2
echo "Exiting!" 1>&2
exit "$BAD_EXIT_CODE"
fi
}
# --------------------------------------------------
# Main
# --------------------------------------------------
ps_clamd=""
ps_clamd="$get_clam_pids_pipeline"
if [ -n "$ps_clamd" ]; then
pid_count="0"
for pid in $ps_clamd
do
pid_count=`expr $pid_count + 1`
done
die_rcode $BAD_EXIT_CODE "Error: $pid_count clamd process(es) already running!"
fi
if [ -e "$lockfile" ]; then
rm "$lockfile"
exit_code="$?"
die_rcode $exit_code "Error: 'rm $lockfile' call failed."
fi
exec /usr/local/bin/setuidgid qscand $path_to_clamd
# --
# END /usr/local/clamav/supervise/clamd/run file.
# --
Create the /usr/local/clamav/supervise/clamd/log/run file:
#vi /usr/local/clamav/supervise/clamd/log/run
#!/bin/sh
exec /usr/local/bin/setuidgid qscand /usr/local/bin/multilog t /var/log/clamd
|
使 run 文件可执行
#chmod 755 /usr/local/clamav/supervise/clamd/run |
#chmod 755 /usr/local/clamav/supervise/clamd/log/run |
现在设置日志目录
chown qscand /var/log/clamd |
最后,将 supervise 目录链接到 /service
#ln -s /usr/local/clamav/supervise/clamd /service |
* 注意:在创建这些链接后不久,clamd 脚本将自动启动。如果您不希望它运行,请执行以下操作
要启动 clamd 备份,请执行以下操作