#!/bin/sh set -e # Source debconf library . /usr/share/debconf/confmodule # This conf script is capable of backing up db_version 2.0 db_capb backup to_lower() { word="$1" lcword=$(echo "$word" | tr A-Z a-z) echo "$lcword" } is_true() { var="$1" lcvar=$(to_lower "$var") [ 'true' = "$lcvar" ] || [ 'yes' = "$lcvar" ] || [ 1 = "$lcvar" ] return $? } ucf_cleanup() { # This only does something if I've fucked up before # Not entirely impossible :( configfile=$1 if [ `grep "$configfile" /var/lib/ucf/hashfile | wc -l` -gt 1 ]; then grep -v "$configfile" /var/lib/ucf/hashfile > /var/lib/ucf/hashfile.tmp grep "$configfile" /var/lib/ucf/hashfile | tail -n 1 >> /var/lib/ucf/hashfile.tmp mv /var/lib/ucf/hashfile.tmp /var/lib/ucf/hashfile fi } add_to_ucf() { configfile=$1 ucffile=$2 if ! grep -q "$configfile" /var/lib/ucf/hashfile; then md5sum $configfile >> /var/lib/ucf/hashfile cp $configfile $ucffile fi } ucf_upgrade_check() { configfile=$1 sourcefile=$2 ucffile=$3 if [ -f "$configfile" ]; then add_to_ucf $configfile $ucffile ucf --three-way --debconf-ok "$sourcefile" "$configfile" else [ -d /var/lib/ucf/cache ] || mkdir -p /var/lib/ucf/cache cp $sourcefile $configfile add_to_ucf $configfile $ucffile fi } slurp_config() { CLAMAVCONF="$1" if [ -e "$CLAMAVCONF" ]; then for variable in `egrep -v '^[[:space:]]*(#|$)' "$CLAMAVCONF" | awk '{print $1}'`; do if [ "$variable" = 'DatabaseMirror' ]; then if [ -z "$DatabaseMirror" ]; then for i in `grep ^$variable $CLAMAVCONF | awk '{print $2}'`; do value="$i $value" done else continue fi elif [ "$variable" = 'IncludePUA' ]; then if [ -z "$IncludePUA" ]; then for i in `grep ^$variable $CLAMAVCONF | awk '{print $2}'`; do value="$i $value" done else continue fi elif [ "$variable" = 'ExcludePUA' ]; then if [ -z "$ExcludePUA" ]; then for i in `grep ^$variable $CLAMAVCONF | awk '{print $2}'`; do value="$i $value" done else continue fi elif [ "$variable" = 'VirusEvent' ] || [ "$variable" = 'OnUpdateExecute' ] || [ "$variable" = 'OnErrorExecute' ]; then value=`grep ^$variable $CLAMAVCONF | head -n1 | sed -e s/$variable\ //` else value=`grep ^$variable $CLAMAVCONF | head -n1 | awk '{print $2}'` fi if [ -z "$value" ]; then export "$variable"="true" elif [ "$value" != "$variable" ]; then export "$variable"="$value" else export "$variable"="true" fi unset value done fi } make_dir() { DIR=$1 if [ -d "$DIR" ]; then return 0; fi [ -n "$User" ] || User=clamav mkdir -p -m 0755 "$DIR" chown "$User:$User" "$DIR" } # migrate settings from previous /etc/default/clamav-milter if [ -e "/etc/default/clamav-milter" ] ; then . /etc/default/clamav-milter if [ -n "$SOCKET" ] ; then MilterSocket=$SOCKET fi if [ -n "$PIDFILE" ] ; then PidFile=$PIDFILE fi fi CLAMAVMILTERCONF='/etc/clamav/clamav-milter.conf' CLAMDCONF='/etc/clamav/clamd.conf' HAVEMILTERCONF=true if ! [ -e "$CLAMAVMILTERCONF" ]; then if [ -e "$CLAMDCONF" ]; then slurp_config "$CLAMDCONF" fi HAVEMILTERCONF=false else slurp_config "$CLAMAVMILTERCONF" fi # Store conf file values as debconf answers - make sure user changes made # outside of debconf are preserved if [ -n "$MilterSocket" ]; then db_set clamav-milter/MilterSocket "$MilterSocket" || true fi if [ "$FixStaleSocket" = "true" ]; then db_set clamav-milter/FixStaleSocket true || true fi if [ -n "$User" ]; then db_set clamav-milter/User "$User" || true if ! [ "$User" = 'root' ]; then AddGroups=`groups "$User" | awk -F ':' '{print $2}' | sed -e s/"$User"//` fi if [ -n "$AddGroups" ]; then db_set clamav-milter/AddGroups "$AddGroups" || true fi fi if [ -n "$ReadTimeout" ]; then db_set clamav-milter/ReadTimeout "$ReadTimeout" || true fi if [ "$Foreground" = "true" ]; then db_set clamav-milter/Foreground true || true fi if [ -n "$Chroot" ]; then db_set clamav-milter/Chroot "$Chroot" || true fi if [ "$HAVEMILTERCONF" = 'true' ] && [ -n "$PidFile" ]; then db_set clamav-milter/PidFile "$PidFile" || true fi if [ -n "$TemporaryDirectory" ]; then db_set clamav-milter/TemporaryDirectory "$TemporaryDirectory" || true fi if [ -n "$ClamdSocket" ]; then db_set clamav-milter/ClamdSocket "$ClamdSocket" || true else if [ "$HAVEMILTERCONF" = 'false' ]; then if [ -n "$LocalSocket" ]; then db_set clamav-milter/ClamdSocket "unix:${LocalSocket}" || true elif [ -n "$TCPSocket" ]; then if [ -n "$TCPAddr" ] ; then db_set clamav-milter/ClamdSocket "tcp:${TCPAddr}:${TCPSocket}" || true else db_set clamav-milter/ClamdSocket "tcp:127.0.0.1:${TCPSocket}" || true fi fi fi fi if [ -n "$LocalNet" ]; then db_set clamav-milter/LocalNet "$LocalNet" || true fi if [ -n "$Whitelist" ]; then db_set clamav-milter/Whitelist "$Whitelist" || true fi if [ -n "$OnClean" ]; then db_set clamav-milter/OnClean "$OnClean" || true fi if [ -n "$OnInfected" ]; then db_set clamav-milter/OnInfected "$OnInfected" || true fi if [ -n "$OnFail" ]; then db_set clamav-milter/OnFail "$OnFail" || true fi if [ -n "$RejectMsg" ]; then db_set clamav-milter/RejectMsg "$RejectMsg" || true fi if [ "$AddHeader" = "true" ]; then db_set clamav-milter/AddHeader true || true fi if [ "$HAVEMILTERCONF" = 'true' ] && [ -n "$LogFile" ]; then db_set clamav-milter/LogFile "$LogFile" || true fi if [ "$LogFileUnlock" = "true" ]; then db_set clamav-milter/LogFileUnlock true || true fi if [ -n "$LogFileMaxSize" ]; then LogFileMaxSize="`echo $LogFileMaxSize | sed -e s/M//`" db_set clamav-milter/LogFileMaxSize "$LogFileMaxSize" || true fi if [ "$LogTime" = "true" ]; then db_set clamav-milter/LogTime true || true fi if [ "$LogSyslog" = "true" ]; then db_set clamav-milter/LogSyslog true || true fi if [ -n "$LogFacility" ]; then db_set clamav-milter/LogFacility "$LogFacility" || true fi if [ "$LogVerbose" = "true" ]; then db_set clamav-milter/LogVerbose true || true fi if [ -n "$LogInfected" ]; then db_set clamav-milter/LogInfected "$LogInfected" || true fi if [ -n "$MaxFileSize" ]; then MaxFileSize="`echo $RET | sed -e s/M//g`" else MaxFileSize=25 fi db_set clamav-milter/MaxFileSize "$MaxFileSize" || true # Functions isdigit () { case $1 in [[:digit:]]*) ISDIGIT=1 ;; *) ISDIGIT=0 ;; esac } inputdigit () { ISDIGIT=0 while [ "$ISDIGIT" = '0' ]; do db_input "$1" "$2" || true if ! db_go; then return 30 fi db_get $2 || true isdigit $RET if [ "$ISDIGIT" = '0' ]; then db_input critical clamav-milter/numinfo || true db_go fi done return 0 } # States StateDebconf() { db_input medium clamav-milter/debconf || true if ! db_go; then STATE="End" else db_get clamav-milter/debconf || true if [ "$RET" = "false" ]; then STATE="End" else STATE="MilterSocket" fi fi } StateMilterSocket() { db_input low clamav-milter/MilterSocket || true if db_go; then STATE="FixStaleSocket" else STATE="Debconf" fi } StateFixStaleSocket() { db_input low clamav-milter/FixStaleSocket || true if db_go; then STATE="User" else STATE="MilterSocket" fi } StateUser() { db_input medium clamav-milter/User || true if db_go; then db_metaget clamav-milter/User value if [ "$RET" = "" ]; then db_set clamav-milter/User "clamav" || true fi STATE="ReadTimeout" else STATE="FixStaleSocket" fi } StateReadTimeout() { if inputdigit low clamav-milter/ReadTimeout ; then STATE="Foreground" else STATE="User" fi } StateForeground() { db_input low clamav-milter/Foreground || true if db_go; then STATE="Chroot" else STATE="ReadTimeout" fi } StateChroot() { db_input low clamav-milter/Chroot || true if db_go; then STATE="PidFile" else STATE="Foreground" fi } StatePidFile() { db_input low clamav-milter/PidFile || true if db_go; then STATE="TemporaryDirectory" else STATE="Chroot" fi } StateTemporaryDirectory() { db_input low clamav-milter/TemporaryDirectory || true if db_go; then STATE="ClamdSocket" else STATE="PidFile" fi } StateClamdSocket() { db_input low clamav-milter/ClamdSocket || true if db_go; then STATE="LocalNet" else STATE="TemporaryDirectory" fi } StateLocalNet() { db_input low clamav-milter/LocalNet || true if db_go; then STATE="Whitelist" else STATE="ClamdSocket" fi } StateWhitelist() { db_input low clamav-milter/Whitelist || true if db_go; then STATE="OnClean" else STATE="LocalNet" fi } StateOnClean() { db_input low clamav-milter/OnClean || true if db_go; then STATE="OnInfected" else STATE="Whitelist" fi } StateOnInfected() { db_input low clamav-milter/OnInfected || true if db_go; then STATE="OnFail" else STATE="OnClean" fi } StateOnFail() { db_input low clamav-milter/OnFail || true if db_go; then STATE="RejectMsg" else STATE="OnInfected" fi } StateRejectMsg() { db_input low clamav-milter/RejectMsg || true if db_go; then STATE="AddHeader" else STATE="OnFail" fi } StateAddHeader() { db_input low clamav-milter/AddHeader || true if db_go; then STATE="LogFile" else STATE="RejectMsg" fi } StateLogFile() { db_input low clamav-milter/LogFile || true if db_go; then db_metaget clamav-milter/LogFile value if [ "$RET" = "" ]; then db_set clamav-milter/LogFile "/var/log/clamav/clamav-milter.log" || true STATE="LogFileUnlock" elif [ "$RET" = 'none' ]; then db_set clamav-milter/LogFile "" || true STATE="LogSyslog" else STATE="LogFileUnlock" fi else STATE="AddHeader" fi } StateLogFileUnlock() { db_input low clamav-milter/LogFileUnlock || true if db_go; then STATE="LogFileMaxSize" else STATE="LogFile" fi } StateLogFileMaxSize() { if inputdigit low clamav-milter/LogFileMaxSize ; then STATE="LogTime" else STATE="LogFileUnlock" fi } StateLogTime() { db_input low clamav-milter/LogTime || true if db_go; then STATE="LogSyslog" else STATE="LogFileMaxSize" fi } StateLogSyslog() { db_input low clamav-milter/LogSyslog || true if db_go; then STATE="LogFacility" else STATE="LogTime" fi } StateLogFacility() { db_input low clamav-milter/LogFacility || true if db_go; then STATE="LogVerbose" else STATE="LogSyslog" fi } StateLogVerbose() { db_input low clamav-milter/LogVerbose || true if db_go; then STATE="LogInfected" else STATE="LogFacility" fi } StateLogInfected() { db_input low clamav-milter/LogInfected || true if db_go; then STATE="MaxFileSize" else STATE="LogVerbose" fi } StateMaxFileSize() { if inputdigit low clamav-milter/MaxFileSize ; then STATE="End" else STATE="LogInfected" fi } # To many options to configure at configure if [ "$1" = "reconfigure" ]; then STATE="Init" elif [ -n "$2" ]; then if [ -z "$User" ]; then STATE="User" fi else STATE="End" fi [ -z "$STATE" ] && STATE='End' # This is the statemachine that controls execution. All the 'real' work is # performed by subfunctions above. while [ "$STATE" != "End" ]; do case "$STATE" in "Init") StateDebconf ;; "MilterSocket") StateMilterSocket ;; "FixStaleSocket") StateFixStaleSocket ;; "User") StateUser ;; "ReadTimeout") StateReadTimeout ;; "Foreground") StateForeground ;; "Chroot") StateChroot ;; "PidFile") StatePidFile ;; "TemporaryDirectory") StateTemporaryDirectory ;; "ClamdSocket") StateClamdSocket ;; "LocalNet") StateLocalNet ;; "Whitelist") StateWhitelist ;; "OnClean") StateOnClean ;; "OnInfected") StateOnInfected ;; "OnFail") StateOnFail ;; "RejectMsg") StateRejectMsg ;; "AddHeader") StateAddHeader ;; "LogFile") StateLogFile ;; "LogFileUnlock") StateLogFileUnlock ;; "LogFileMaxSize") StateLogFileMaxSize ;; "LogTime") StateLogTime ;; "LogSyslog") StateLogSyslog ;; "LogFacility") StateLogFacility ;; "LogVerbose") StateLogVerbose ;; "LogInfected") StateLogInfected ;; "MaxFileSize") StateMaxFileSize ;; esac done db_stop || true exit 0