AnsibleRoles/ensure_clamav
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Ensure that clamonacc restarts when it fails

Browse Source
This commit is contained in:
Jason Rothstein 2021-07-15 00:51:34 +00:00
parent 33f99de4fe
commit 1559e309fe
2 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
templates/Fedora/34/etc/clamd.d/scan.conf
View File

@ -302,36 +302,30 @@ User clamscan
# ELF) and alert on them with the Broken.Executable heuristic signature. # ELF) and alert on them with the Broken.Executable heuristic signature.
# Default: no # Default: no
#AlertBrokenExecutables yes #AlertBrokenExecutables yes
AlertBrokenExecutables yes
# With this option clamav will try to detect broken media file (JPEG, # With this option clamav will try to detect broken media file (JPEG,
# TIFF, PNG, GIF) and alert on them with a Broken.Media heuristic signature. # TIFF, PNG, GIF) and alert on them with a Broken.Media heuristic signature.
# Default: no # Default: no
#AlertBrokenMedia yes #AlertBrokenMedia yes
AlertBrokenMedia yes
# Alert on encrypted archives _and_ documents with heuristic signature # Alert on encrypted archives _and_ documents with heuristic signature
# (encrypted .zip, .7zip, .rar, .pdf). # (encrypted .zip, .7zip, .rar, .pdf).
# Default: no # Default: no
#AlertEncrypted yes #AlertEncrypted yes
AlertEncrypted yes
# Alert on encrypted archives with heuristic signature (encrypted .zip, .7zip, # Alert on encrypted archives with heuristic signature (encrypted .zip, .7zip,
# .rar). # .rar).
# Default: no # Default: no
#AlertEncryptedArchive yes #AlertEncryptedArchive yes
AlertEncryptedArchive yes
# Alert on encrypted archives with heuristic signature (encrypted .pdf). # Alert on encrypted archives with heuristic signature (encrypted .pdf).
# Default: no # Default: no
#AlertEncryptedDoc yes #AlertEncryptedDoc yes
AlertEncryptedDoc yes
# With this option enabled OLE2 files containing VBA macros, which were not # With this option enabled OLE2 files containing VBA macros, which were not
# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". # detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".
# Default: no # Default: no
#AlertOLE2Macros yes #AlertOLE2Macros yes
AlertOLE2Macros yes
# Alert on SSL mismatches in URLs, even if the URL isn't in the database. # Alert on SSL mismatches in URLs, even if the URL isn't in the database.
# This can lead to false positives. # This can lead to false positives.
@ -346,7 +340,6 @@ AlertOLE2Macros yes
# Alert on raw DMG image files containing partition intersections # Alert on raw DMG image files containing partition intersections
# Default: no # Default: no
#AlertPartitionIntersection yes #AlertPartitionIntersection yes
AlertPartitionIntersection yes
## ##
@ -691,6 +684,9 @@ AlertPartitionIntersection yes
# Set the exclude paths. All subdirectories are also excluded. # Set the exclude paths. All subdirectories are also excluded.
# Default: disabled # Default: disabled
#OnAccessExcludePath /home/user #OnAccessExcludePath /home/user
{% if quarantine_directory is defined %}
OnAccessExcludePath {{ quarantine_directory }}
{% endif %}
# Modifies fanotify blocking behaviour when handling permission events. # Modifies fanotify blocking behaviour when handling permission events.
# If off, fanotify will only notify if the file scanned is a virus, # If off, fanotify will only notify if the file scanned is a virus,

1
templates/Fedora/34/usr/lib/systemd/system/clamav-clamonacc.service
View File

@ -10,6 +10,7 @@ After=clamd@scan.service syslog.target network.target
Type=simple Type=simple
User=root User=root
ExecStart=/usr/sbin/clamonacc -F --config-file=/etc/clamd.d/scan.conf --move={{ quarantine_directory }} --fdpass ExecStart=/usr/sbin/clamonacc -F --config-file=/etc/clamd.d/scan.conf --move={{ quarantine_directory }} --fdpass
Restart=on-failure
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target