# -----------------------------------------------------------------
# clamd+daemontools HOWTO
# -----------------------------------------------------------------
# Author   : Jesse D. Guardiani 
# Email    : jesse (at) wingnet (dot) net
# Created  : 09/12/03
# Modified : 10/07/03
# Version  : 0.002
# -----------------------------------------------------------------
# This is an unofficial appendix to "Life with qmail"
# (http://www.lifewithqmail.org/).
#
# ChangeLog
# ---------
#
# 10/07/03 - JDG
# --------------
# - The new howto has been updated to be compliant with the UID
#   change in qmail-scanner-1.20rc3. clamd now runs as 'qscand'.
#
# - have added a "ClamAV Install" section to the top of the file.
#   This section provides a cut-and-paste method of adding the
#   clamav user to the FreeBSD password database. You'll probably
#   have to use different syntax/commands under a different OS.
# 
# - made a slight change at the bottom of the howto to better
#   indicate the end of the /usr/local/clamav/supervise/clamd/run
#   file.
#
# 09/12/03 - JDG
# --------------
# - Created
# -----------------------------------------------------------------

# -----------------------------------------------------------------
# 1.) do the Clam AV install
# -----------------------------------------------------------------
    wget http://aleron.dl.sourceforge.net/sourceforge/clamav/clamav-0.60.tar.gz
    tar -xvzf clamav-0.60.tar.gz
    cd clamav-0.60

# --
# NOTE: The below `pw` command is probably specific to FreeBSD.
#       You will probably have to use different syntax/commands
#       under a different OS.
# --
    pw groupadd clamav
    pw useradd clamav -g clamav -c "Clam AntiVirus" -s /nonexistent

    ./configure
    gmake
    gmake install
    cd ..


# -----------------------------------------------------------------
# 2.) do the Clam AV post-install configuration
# -----------------------------------------------------------------
    vim /usr/local/etc/clamav.conf
# --
# Do the following to the clamav.conf file:
# -----------------------------------------
# 1.) Comment out "Example" line.
# 2.) Uncomment "LogSyslog"
# 3.) Uncomment "StreamSaveToDisk"
# 4.) Uncomment "MaxThreads" and change value to "30"
# 5.) Uncomment "User" and change value to "qscand"
# 6.) Uncomment "Foreground"
# 7.) Uncomment "ScanMail"
# --



# --
# Create the clamav directory
# --
    mkdir -p /usr/local/clamav/bin

# --
# Create the clamdctl script
# --
    
    vim /usr/local/clamav/bin/clamdctl

# *****************************************************************
# NOTE: Place this script in /usr/local/clamav/bin/clamdctl
# *****************************************************************

#!/bin/sh

# For Red Hat chkconfig
# chkconfig: - 80 30
# description: the ClamAV clamd daemon

PATH=/usr/local/clamav/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH

case "$1" in
  start)
    echo "Starting clamd"
    if svok /service/clamd ; then
      svc -u /service/clamd
    else
      echo clamd supervise not running
    fi  
    if [ -d /var/lock/subsys ]; then
      touch /var/lock/subsys/clamd
    fi
    ;;
  stop)
    echo "Stopping clamd..."
    echo "  clamd"
    svc -d /service/clamd
    if [ -f /var/lock/subsys/clamd ]; then
      rm /var/lock/subsys/clamd
    fi
    ;;
  stat)
    svstat /service/clamd
    svstat /service/clamd/log
    ;;
  restart)
    echo "Restarting clamd:"
    echo "* Stopping clamd."
    svc -d /service/clamd
    echo "* Sending clamd SIGTERM and restarting."
    svc -t /service/clamd
    echo "* Restarting clamd."
    svc -u /service/clamd
    ;;
  hup)
    echo "Sending HUP signal to clamd."
    svc -h /service/clamd
    ;;
  help)
    cat <<HELP
   stop -- stops clamd service (smtp connections refused, nothing goes out)
  start -- starts clamd service (smtp connection accepted, mail can go out)
   stat -- displays status of clamd service
restart -- stops and restarts the clamd service
    hup -- same as reload
HELP
    ;;
  *)
    echo "Usage: $0 {start|stop|stat|restart|hup|help}"
    exit 1
    ;;
esac

exit 0


# --
# Create your boot symlink to clamdctl:
# --
    ln -s /usr/local/clamav/bin/clamdctl /usr/local/etc/rc.d/clamdctl.sh


# --
# Make clamdctl an executable and link to path:
# --
    chmod 755 /usr/local/clamav/bin/clamdctl
    chown clamav /usr/local/clamav/bin/clamdctl
    ln -s /usr/local/clamav/bin/clamdctl /usr/local/bin


# --
# Create the supervise directories for the clamd service:
# --

    mkdir -p /usr/local/clamav/supervise/clamd/log

    vim /usr/local/clamav/supervise/clamd/run
# --
# Create the /usr/local/clamav/supervise/clamd/run file:
# --

#!/bin/sh
#
# --------------------------------------------------
# run
#
# Purpose     - Start the clamd daemon/service.
#                               
# Author      - Jesse D. Guardiani
# Created     - 09/10/03
# Modified    - 09/25/03
# --------------------------------------------------
# This script is designed to be run under DJB's
# daemontools package.
#         
#  ChangeLog
#  ---------
#
#  09/25/03 - JDG
#  --------------
#  - Changed clamd user to qscand in compliance with
#    the change to qmail-scanner-1.20rc3
#
#  09/10/03 - JDG
#  --------------
#  - Created
# --------------------------------------------------
# Copyright (C) 2003 WingNET Internet Services
# Contact: Jesse D. Guardiani (jesse at wingnet dot net)
# --------------------------------------------------

lockfile="/tmp/clamd"   # Location of clamd lock file
path_to_clamd="/usr/local/sbin/clamd"
                        # Location of the clamd binary
BAD_EXIT_CODE=1         # The exit code we use to announce that something bad has happened

# The following pipeline is designed to return the pid of each
# clamd process currently running.
get_clam_pids_pipeline=`ps -ax | grep -E "${path_to_clamd}\$" | grep -v grep | awk '{print $1}'`


# --------------------------------------------------
# Generic helper functions
# --------------------------------------------------

# Basic return code error message function
die_rcode() {
	EXIT_CODE=$1
	ERROR_MSG=$2

	if [ $EXIT_CODE -ne '0' ]; then
		echo "$ERROR_MSG" 1>&2
		echo "Exiting!" 1>&2
		exit "$BAD_EXIT_CODE"
	fi
}


# --------------------------------------------------
# Main
# --------------------------------------------------

ps_clamd=""
ps_clamd="$get_clam_pids_pipeline"

if [ -n "$ps_clamd" ]; then
	pid_count="0"
	for pid in $ps_clamd
	do
		pid_count=`expr $pid_count + 1`
	done
	
	die_rcode $BAD_EXIT_CODE "Error: $pid_count clamd process(es) already running!"

fi

if [ -e "$lockfile" ]; then
	rm "$lockfile"
	exit_code="$?"
	die_rcode $exit_code "Error: 'rm $lockfile' call failed."
fi

exec /usr/local/bin/setuidgid qscand $path_to_clamd

# --
# END /usr/local/clamav/supervise/clamd/run file.
# --


    vim /usr/local/clamav/supervise/clamd/log/run
# --
# Create the /usr/local/clamav/supervise/clamd/log/run file:
# --

#!/bin/sh
exec /usr/local/bin/setuidgid qscand /usr/local/bin/multilog t s1000000 n20 /var/log/clamd


# Make the run files executable:

    chmod 755 /usr/local/clamav/supervise/clamd/run
    chmod 755 /usr/local/clamav/supervise/clamd/log/run

# Then set up the log directories:

    mkdir -p /var/log/clamd
    chown qscand /var/log/clamd 

# Finally, link the supervise directory into /service:

    ln -s /usr/local/clamav/supervise/clamd /service

# *****************************************************************
# Note: The clamd script will start automatically shortly 
#       after these links are created. If you don't want it running
#       yet, do the following:
# *****************************************************************
    clamdctl stop