diff -Naur clamav-0.100.1/etc/clamav-milter.conf.sample clamav-0.100.1.oden/etc/clamav-milter.conf.sample --- clamav-0.100.1/etc/clamav-milter.conf.sample 2014-05-06 20:39:56.000000000 +0200 +++ clamav-0.100.1.oden/etc/clamav-milter.conf.sample 2018-07-19 09:01:10.130997997 +0200 @@ -2,10 +2,6 @@ ## Example config file for clamav-milter ## -# Comment or remove the line below. -Example - - ## ## Main options ## @@ -19,6 +15,7 @@ # Default: no default #MilterSocket /tmp/clamav-milter.socket #MilterSocket inet:7357 +MilterSocket /var/lib/clamav/clamav-milter.socket # Define the group ownership for the (unix) milter socket. # Default: disabled (the primary group of the user running clamd) @@ -31,13 +28,13 @@ # Remove stale socket after unclean shutdown. # # Default: yes -#FixStaleSocket yes +FixStaleSocket yes # Run as another user (clamav-milter must be started by root for this option # to work) # # Default: unset (don't drop privileges) -#User clamav +User clamav # Waiting for data from clamd will timeout after this time (seconds). # Value of 0 disables the timeout. @@ -61,12 +58,12 @@ # daemon (main thread). # # Default: disabled -#PidFile /var/run/clamav-milter.pid +PidFile /run/clamav/clamav-milter.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). # -#TemporaryDirectory /var/tmp +TemporaryDirectory /var/lib/clamav/tmp ## ## Clamd options @@ -89,6 +86,7 @@ # # Default: no default #ClamdSocket tcp:scanner.mydomain:7357 +ClamdSocket unix:/var/lib/clamav/clamd.socket ## @@ -211,7 +209,7 @@ # A full path is required. # # Default: disabled -#LogFile /tmp/clamav-milter.log +LogFile /var/log/clamav/clamav-milter.log # By default the log file is locked for writing - the lock protects against # running clamav-milter multiple times. @@ -249,7 +247,7 @@ # Enable verbose logging. # # Default: no -#LogVerbose yes +LogVerbose yes # Enable log rotation. Always enabled when LogFileMaxSize is enabled. # Default: no diff -Naur clamav-0.101.4/etc/clamd.conf.sample clamav-0.101.4.oden/etc/clamd.conf.sample --- clamav-0.101.4/etc/clamd.conf.sample 2014-05-06 20:39:56.000000000 +0200 +++ clamav-0.101.4.oden/etc/clamd.conf.sample 2018-07-19 09:01:24.222998785 +0200 @@ -3,15 +3,11 @@ ## Please read the clamd.conf(5) manual before editing this file. ## - -# Comment or remove the line below. -Example - # Uncomment this option to enable logging. # LogFile must be writable for the user running daemon. # A full path is required. # Default: disabled -#LogFile /tmp/clamd.log +LogFile /var/log/clamav/clamd.log # By default the log file is locked for writing - the lock protects against # running clamd multiple times (if want to run another clamd, please @@ -50,7 +46,7 @@ # Enable verbose logging. # Default: no -#LogVerbose yes +LogVerbose yes # Enable log rotation. Always enabled when LogFileMaxSize is enabled. # Default: no @@ -71,15 +67,15 @@ # This option allows you to save a process identifier of the listening # daemon (main thread). # Default: disabled -#PidFile /var/run/clamd.pid +PidFile /run/clamav/clamd.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). -#TemporaryDirectory /var/tmp +TemporaryDirectory /var/lib/clamav/tmp # Path to the database directory. # Default: hardcoded (depends on installation options) -#DatabaseDirectory /var/lib/clamav +DatabaseDirectory /var/lib/clamav # Only load the official signatures published by the ClamAV project. # Default: no @@ -90,7 +86,7 @@ # Path to a local socket file the daemon will listen on. # Default: disabled (must be specified by a user) -#LocalSocket /tmp/clamd.socket +LocalSocket /var/lib/clamav/clamd.socket # Sets the group ownership on the unix socket. # Default: disabled (the primary group of the user running clamd) @@ -102,7 +98,7 @@ # Remove stale socket after unclean shutdown. # Default: yes -#FixStaleSocket yes +FixStaleSocket yes # TCP port address. # Default: no @@ -137,11 +133,11 @@ # Maximum number of threads running at the same time. # Default: 10 -#MaxThreads 20 +MaxThreads 64 # Waiting for data from a client socket will timeout after this time (seconds). # Default: 120 -#ReadTimeout 300 +ReadTimeout 300 # This option specifies the time (in seconds) after which clamd should # timeout if a client doesn't provide any initial command after connecting. @@ -165,7 +161,7 @@ # max is 1024). # # Default: 100 -#MaxQueue 200 +MaxQueue 200 # Waiting for a new job will timeout after this time (seconds). # Default: 30 @@ -183,11 +179,11 @@ # Follow directory symlinks. # Default: no -#FollowDirectorySymlinks yes +FollowDirectorySymlinks yes # Follow regular file symlinks. # Default: no -#FollowFileSymlinks yes +FollowFileSymlinks yes # Scan files and directories on other filesystems. # Default: yes @@ -204,7 +200,7 @@ # Run as another user (clamd must be started by root for this option to work) # Default: don't drop privileges -#User clamav +User clamav # Stop daemon when libclamav reports out of memory condition. #ExitOnOOM yes @@ -332,7 +328,7 @@ # and Petite. If you turn off this option, the original files will still be # scanned, but without additional processing. # Default: yes -#ScanPE yes +ScanPE yes # Certain PE files contain an authenticode signature. By default, we check # the signature chain in the PE file against a database of trusted and @@ -361,7 +357,7 @@ # If you turn off this option, the original files will still be scanned, but # without additional processing. # Default: yes -#ScanOLE2 yes +ScanOLE2 yes # This option enables scanning within PDF files. # If you turn off this option, the original files will still be scanned, but @@ -396,7 +392,7 @@ # If you turn off this option, the original files will still be scanned, but # without parsing individual messages/attachments. # Default: yes -#ScanMail yes +ScanMail yes # Scan RFC1341 messages split over many emails. # You will need to periodically clean up $TemporaryDirectory/clamav-partial @@ -409,7 +405,7 @@ # With this option enabled ClamAV will try to detect phishing attempts by using # HTML.Phishing and Email.Phishing NDB signatures. # Default: yes -#PhishingSignatures no +PhishingSignatures yes # With this option enabled ClamAV will try to detect phishing attempts by # analyzing URLs found in emails using WDB and PDB signature databases. @@ -454,7 +450,7 @@ # Default: yes # If you turn off this option, the original files will still be scanned, but # without additional processing. -#ScanHTML yes +ScanHTML yes ## @@ -465,7 +461,7 @@ # If you turn off this option, the original files will still be scanned, but # without unpacking and additional processing. # Default: yes -#ScanArchive yes +ScanArchive yes ## diff -Naur clamav-0.100.2/etc/freshclam.conf.sample clamav-0.100.2.oden/etc/freshclam.conf.sample --- clamav-0.100.2/etc/freshclam.conf.sample 2014-05-06 20:39:56.000000000 +0200 +++ clamav-0.100.2.oden/etc/freshclam.conf.sample 2018-07-19 09:01:10.144997998 +0200 @@ -3,18 +3,14 @@ ## Please read the freshclam.conf(5) manual before editing this file. ## - -# Comment or remove the line below. -Example - # Path to the database directory. # WARNING: It must match clamd.conf's directive! # Default: hardcoded (depends on installation options) -#DatabaseDirectory /var/lib/clamav +DatabaseDirectory /var/lib/clamav # Path to the log file (make sure it has proper permissions) # Default: disabled -#UpdateLogFile /var/log/freshclam.log +UpdateLogFile /var/log/clamav/freshclam.log # Maximum size of the log file. # Value of 0 disables the limit. @@ -31,7 +27,7 @@ # Enable verbose logging. # Default: no -#LogVerbose yes +LogVerbose yes # Use system logger (can work together with UpdateLogFile). # Default: no @@ -48,12 +44,12 @@ # This option allows you to save the process identifier of the daemon # Default: disabled -#PidFile /var/run/freshclam.pid +PidFile /run/clamav/freshclam.pid # By default when started freshclam drops privileges and switches to the # "clamav" user. This directive allows you to change the database owner. # Default: clamav (may depend on installation options) -#DatabaseOwner clamav +DatabaseOwner clamav # Use DNS to verify virus database version. Freshclam uses DNS TXT records # to verify database and software versions. With this directive you can change @@ -61,7 +57,7 @@ # WARNING: Do not touch it unless you're configuring freshclam to use your # own database verification domain. # Default: current.cvd.clamav.net -#DNSDatabaseInfo current.cvd.clamav.net +DNSDatabaseInfo current.cvd.clamav.net # database.clamav.net is now the primary domain name to be used world-wide. # Now that CloudFlare is being used as our Content Delivery Network (CDN), @@ -71,12 +67,12 @@ # How many attempts to make before giving up. # Default: 3 (per mirror) -#MaxAttempts 5 +MaxAttempts 5 # With this option you can control scripted updates. It's highly recommended # to keep it enabled. # Default: yes -#ScriptedUpdates yes +ScriptedUpdates yes # By default freshclam will keep the local databases (.cld) uncompressed to # make their handling faster. With this option you can enable the compression; @@ -105,7 +101,7 @@ # Number of database checks per day. # Default: 12 (every two hours) -#Checks 24 +Checks 24 # Proxy settings # The HTTPProxyServer may be prefixed with [scheme]:// to specify which kind @@ -127,7 +123,7 @@ # Send the RELOAD command to clamd. # Default: no -#NotifyClamd /path/to/clamd.conf +NotifyClamd /etc/clamd.conf # Run command after successful database update. # Default: disabled --- clamav-0.101.4/clamd/clamav-daemon.socket.in 2019-08-20 18:08:49.000000000 +0200 +++ clamav-0.101.4/clamd/clamav-daemon.socket.in.new 2019-11-26 15:24:01.671617402 +0100 @@ -6,7 +6,7 @@ ConditionPathExistsGlob=@DBDIR@/daily.{c[vl]d,inc} [Socket] -ListenStream=/run/clamav/clamd.ctl +ListenStream=/var/lib/clamav/clamd.socket #ListenStream=127.0.0.1:1024 SocketUser=clamav SocketGroup=clamav