diff --git a/data/Dockerfiles/clamav/Dockerfile b/data/Dockerfiles/clamav/Dockerfile new file mode 100755 index 00000000..e043b98a --- /dev/null +++ b/data/Dockerfiles/clamav/Dockerfile @@ -0,0 +1,44 @@ +FROM debian:latest +MAINTAINER https://m-ko.de Markus Kosmal + +# Debian Base to use +ENV DEBIAN_VERSION jessie + +# initial install of av daemon +RUN echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION main contrib non-free" > /etc/apt/sources.list && \ + echo "deb http://http.debian.net/debian/ $DEBIAN_VERSION-updates main contrib non-free" >> /etc/apt/sources.list && \ + echo "deb http://security.debian.org/ $DEBIAN_VERSION/updates main contrib non-free" >> /etc/apt/sources.list && \ + apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y -qq \ + clamav-daemon \ + clamav-freshclam \ + libclamunrar7 \ + wget && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* + +# initial update of av databases +RUN wget -O /var/lib/clamav/main.cvd http://database.clamav.net/main.cvd && \ + wget -O /var/lib/clamav/daily.cvd http://database.clamav.net/daily.cvd && \ + wget -O /var/lib/clamav/bytecode.cvd http://database.clamav.net/bytecode.cvd && \ + chown clamav:clamav /var/lib/clamav/*.cvd + +# permission juggling +RUN mkdir /var/run/clamav && \ + chown clamav:clamav /var/run/clamav && \ + chmod 750 /var/run/clamav + +# av configuration update +RUN sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/clamd.conf && \ + echo "TCPSocket 3310" >> /etc/clamav/clamd.conf && \ + sed -i 's/^Foreground .*$/Foreground true/g' /etc/clamav/freshclam.conf + +# volume provision +VOLUME ["/var/lib/clamav"] + +# port provision +EXPOSE 3310 + +# av daemon bootstrapping +ADD bootstrap.sh / +CMD ["/bootstrap.sh"] diff --git a/data/Dockerfiles/clamav/bootstrap.sh b/data/Dockerfiles/clamav/bootstrap.sh new file mode 100755 index 00000000..635e93ea --- /dev/null +++ b/data/Dockerfiles/clamav/bootstrap.sh @@ -0,0 +1,35 @@ +#!/bin/bash +# bootstrap clam av service and clam av database updater shell script +# presented by mko (Markus Kosmal) +set -m + +# start clam service itself and the updater in background as daemon +freshclam -d & +clamd & + +# recognize PIDs +pidlist=`jobs -p` + +# initialize latest result var +latest_exit=0 + +# define shutdown helper +function shutdown() { + trap "" SUBS + + for single in $pidlist; do + if ! kill -0 $pidlist 2>/dev/null; then + wait $pidlist + exitcode=$? + fi + done + + kill $pidlist 2>/dev/null +} + +# run shutdown +trap terminate SUBS +wait + +# return received result +exit $latest_exit