5. Setting up Clamd and Using With Daemontools

Edit /etc/clamd.conf and make the following changes.

#vi /etc/clamd.conf
Uncomment "LogSyslog"
Uncomment "StreamSaveToDisk"
Uncomment "MaxThreads" and change value to "30"
Uncomment "User" and change value to "qscand"
Uncomment "Foreground"
Uncomment "ScanMail"

Create the clamav directory.

#mkdir -p /usr/local/clamav/bin

Now create a startup/shutdown script for clamd. Copy and paste the script shown below. This script was written by Jesse D. Guardiani.

     
#vi /usr/local/clamav/bin/clamdctl

#!/bin/sh

# For Red Hat chkconfig
# chkconfig: - 80 30
# description: the ClamAV clamd daemon

PATH=/usr/local/clamav/bin:/bin:/usr/bin:/usr/local/bin:/usr/local/sbin
export PATH

case "$1" in
  start)
    echo "Starting clamd"
    if svok /service/clamd ; then
      svc -u /service/clamd
    else
      echo clamd supervise not running
    fi  
    if [ -d /var/lock/subsys ]; then
      touch /var/lock/subsys/clamd
    fi
    ;;
  stop)
    echo "Stopping clamd..."
    echo "  clamd"
    svc -d /service/clamd
    if [ -f /var/lock/subsys/clamd ]; then
      rm /var/lock/subsys/clamd
    fi
    ;;
  stat)
    svstat /service/clamd
    svstat /service/clamd/log
    ;;
  restart)
    echo "Restarting clamd:"
    echo "* Stopping clamd."
    svc -d /service/clamd
    echo "* Sending clamd SIGTERM and restarting."
    svc -t /service/clamd
    echo "* Restarting clamd."
    svc -u /service/clamd
    ;;
  hup)
    echo "Sending HUP signal to clamd."
    svc -h /service/clamd
    ;;
  help)
    cat <<HELP
   stop -- stops clamd service (smtp connections refused, nothing goes out)
  start -- starts clamd service (smtp connection accepted, mail can go out)
   stat -- displays status of clamd service
restart -- stops and restarts the clamd service
    hup -- same as reload
HELP
    ;;
  *)
    echo "Usage: $0 {start|stop|stat|restart|hup|help}"
    exit 1
    ;;
esac

exit 0


			

Make clamdctl an executable and link to path:

#chmod 755 /usr/local/clamav/bin/clamdctl
#chown clamav /usr/local/clamav/bin/clamdctl
#ln -s /usr/local/clamav/bin/clamdctl /usr/local/bin

Create the supervise directories for the clamd service:

#mkdir -p /usr/local/clamav/supervise/clamd/log

Now you must create the /usr/local/clamav/supervise/clamd/run file, or just copy and paste the script shown below. This script was also created by Jesse D. Guardiani:

vi /usr/local/clamav/supervise/clamd/run

#!/bin/sh
#
# --------------------------------------------------
# run
#
# Purpose     - Start the clamd daemon/service.
#                               
# Author      - Jesse D. Guardiani
# Created     - 09/10/03
# Modified    - 09/25/03
# --------------------------------------------------
# This script is designed to be run under DJB's
# daemontools package.
#         
#  ChangeLog
#  ---------
#
#  09/25/03 - JDG
#  --------------
#  - Changed clamd user to qscand in compliance with
#    the change to qmail-scanner-1.20rc3
#
#  09/10/03 - JDG
#  --------------
#  - Created
# --------------------------------------------------
# Copyright (C) 2003 WingNET Internet Services
# Contact: Jesse D. Guardiani (jesse at wingnet dot net)
# --------------------------------------------------

lockfile="/tmp/clamd"   # Location of clamd lock file
path_to_clamd="/usr/local/sbin/clamd"
                        # Location of the clamd binary
BAD_EXIT_CODE=1         # The exit code we use to announce that something bad has happened

# The following pipeline is designed to return the pid of each
# clamd process currently running.
get_clam_pids_pipeline=`ps -ax | grep -E "${path_to_clamd}\$" | grep -v grep | awk '{print $1}'`


# --------------------------------------------------
# Generic helper functions
# --------------------------------------------------

# Basic return code error message function
die_rcode() {
	EXIT_CODE=$1
	ERROR_MSG=$2

	if [ $EXIT_CODE -ne '0' ]; then
		echo "$ERROR_MSG" 1>&2
		echo "Exiting!" 1>&2
		exit "$BAD_EXIT_CODE"
	fi
}


# --------------------------------------------------
# Main
# --------------------------------------------------

ps_clamd=""
ps_clamd="$get_clam_pids_pipeline"

if [ -n "$ps_clamd" ]; then
	pid_count="0"
	for pid in $ps_clamd
	do
		pid_count=`expr $pid_count + 1`
	done
	
	die_rcode $BAD_EXIT_CODE "Error: $pid_count clamd process(es) already running!"

fi

if [ -e "$lockfile" ]; then
	rm "$lockfile"
	exit_code="$?"
	die_rcode $exit_code "Error: 'rm $lockfile' call failed."
fi

exec /usr/local/bin/setuidgid qscand $path_to_clamd

# --
# END /usr/local/clamav/supervise/clamd/run file.
# --

Create the /usr/local/clamav/supervise/clamd/log/run file:

#vi /usr/local/clamav/supervise/clamd/log/run

#!/bin/sh
exec /usr/local/bin/setuidgid qscand /usr/local/bin/multilog t /var/log/clamd
			

Make the run files executable:

#chmod 755 /usr/local/clamav/supervise/clamd/run
#chmod 755 /usr/local/clamav/supervise/clamd/log/run

Now set up the log directories:

#mkdir -p /var/log/clamd
chown qscand /var/log/clamd

Finally, link the supervise directory into /service:

#ln -s /usr/local/clamav/supervise/clamd /service

* Note: The clamd script will start automatically shortly after these links are created. If you don't want it running, do the following:

#clamdctl stop

To start clamd backup, do the following

#clamdctl start