diff -Naur clamav-0.95.1/etc/clamav-milter.conf clamav-0.95.1.mitya/etc/clamav-milter.conf --- clamav-0.95.1/etc/clamav-milter.conf 2009-04-01 13:48:55.000000000 +0200 +++ clamav-0.95.1.mitya/etc/clamav-milter.conf 2009-04-12 20:46:50.000000000 +0200 @@ -2,10 +2,6 @@ ## Example config file for clamav-milter ## -# Comment or remove the line below. -Example - - ## ## Main options ## @@ -19,21 +15,22 @@ # Default: no default #MilterSocket /tmp/clamav-milter.socket #MilterSocket inet:7357 +MilterSocket /var/lib/clamav/clamav-milter.socket # Remove stale socket after unclean shutdown. # # Default: yes -#FixStaleSocket yes +FixStaleSocket yes # Run as another user (clamav-milter must be started by root for this option to work) # # Default: unset (don't drop privileges) -#User clamav +User clamav # Initialize supplementary group access (clamav-milter must be started by root). # # Default: no -#AllowSupplementaryGroups no +AllowSupplementaryGroups yes # Waiting for data from clamd will timeout after this time (seconds). # Value of 0 disables the timeout. @@ -56,12 +53,12 @@ # daemon (main thread). # # Default: disabled -#PidFile /var/run/clamav-milter.pid +PidFile /var/run/clamav/clamav-milter.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). # -#TemporaryDirectory /var/tmp +TemporaryDirectory /var/lib/clamav/tmp ## ## Clamd options @@ -83,6 +80,7 @@ # # Default: no default #ClamdSocket tcp:scanner.mydomain:7357 +ClamdSocket unix:/var/lib/clamav/clamd.socket ## @@ -174,7 +172,7 @@ # A full path is required. # # Default: disabled -#LogFile /tmp/clamav-milter.log +LogFile /var/log/clamav/clamav-milter.log # By default the log file is locked for writing - the lock protects against # running clamav-milter multiple times. @@ -211,7 +209,7 @@ # Enable verbose logging. # # Default: no -#LogVerbose yes +LogVerbose yes # This option allows to tune what is logged when a message is infected. # Possible values are Off (the default - nothing is logged), diff -Naur clamav-0.95.1/etc/clamd.conf clamav-0.95.1.mitya/etc/clamd.conf --- clamav-0.95.1/etc/clamd.conf 2009-04-07 12:32:06.000000000 +0200 +++ clamav-0.95.1.mitya/etc/clamd.conf 2009-04-12 20:28:54.000000000 +0200 @@ -3,15 +3,11 @@ ## Please read the clamd.conf(5) manual before editing this file. ## - -# Comment or remove the line below. -Example - # Uncomment this option to enable logging. # LogFile must be writable for the user running daemon. # A full path is required. # Default: disabled -#LogFile /tmp/clamd.log +LogFile /var/log/clamav/clamd.log # By default the log file is locked for writing - the lock protects against # running clamd multiple times (if want to run another clamd, please @@ -49,31 +45,31 @@ # Enable verbose logging. # Default: no -#LogVerbose yes +LogVerbose yes # This option allows you to save a process identifier of the listening # daemon (main thread). # Default: disabled -#PidFile /var/run/clamd.pid +PidFile /var/run/clamav/clamd.pid # Optional path to the global temporary directory. # Default: system specific (usually /tmp or /var/tmp). -#TemporaryDirectory /var/tmp +TemporaryDirectory /var/lib/clamav/tmp # Path to the database directory. # Default: hardcoded (depends on installation options) -#DatabaseDirectory /var/lib/clamav +DatabaseDirectory /var/lib/clamav -# The daemon can work in local mode, network mode or both. +# The daemon can work in local mode, network mode or both. # Due to security reasons we recommend the local mode. # Path to a local socket file the daemon will listen on. # Default: disabled (must be specified by a user) -LocalSocket /tmp/clamd.socket +LocalSocket /var/lib/clamav/clamd.socket # Remove stale socket after unclean shutdown. # Default: yes -#FixStaleSocket yes +FixStaleSocket yes # TCP port address. # Default: no @@ -107,12 +103,12 @@ # Maximum number of threads running at the same time. # Default: 10 -#MaxThreads 20 +MaxThreads 64 # Waiting for data from a client socket will timeout after this time (seconds). # Value of 0 disables the timeout. # Default: 120 -#ReadTimeout 300 +ReadTimeout 300 # This option specifies the time (in seconds) after which clamd should # timeout if a client doesn't provide any initial command after connecting. @@ -132,7 +128,7 @@ # MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024) # # Default: 100 -#MaxQueue 200 +MaxQueue 200 # Waiting for a new job will timeout after this time (seconds). # Default: 30 @@ -150,11 +146,11 @@ # Follow directory symlinks. # Default: no -#FollowDirectorySymlinks yes +FollowDirectorySymlinks yes # Follow regular file symlinks. # Default: no -#FollowFileSymlinks yes +FollowFileSymlinks yes # Perform a database check. # Default: 600 (10 min) @@ -167,11 +163,11 @@ # Run as another user (clamd must be started by root for this option to work) # Default: don't drop privileges -#User clamav +User clamav # Initialize supplementary group access (clamd must be started by root). # Default: no -#AllowSupplementaryGroups no +AllowSupplementaryGroups yes # Stop daemon when libclamav reports out of memory condition. #ExitOnOOM yes @@ -223,7 +219,7 @@ # required for decompression of popular executable packers such as UPX, FSG, # and Petite. # Default: yes -#ScanPE yes +ScanPE yes # Executable and Linking Format is a standard format for UN*X executables. # This option allows you to control the scanning of ELF files. @@ -243,7 +239,7 @@ # This option enables scanning of OLE2 files, such as Microsoft Office # documents and .msi files. # Default: yes -#ScanOLE2 yes +ScanOLE2 yes # This option enables scanning within PDF files. # Default: yes @@ -256,7 +252,7 @@ # Enable internal e-mail scanner. # Default: yes -#ScanMail yes +ScanMail yes # If an email contains URLs ClamAV can download and scan them. # WARNING: This option may open your system to a DoS attack. @@ -275,7 +271,7 @@ # With this option enabled ClamAV will try to detect phishing attempts by using # signatures. # Default: yes -#PhishingSignatures yes +PhishingSignatures yes # Scan URLs found in mails for phishing attempts using heuristics. # Default: yes @@ -301,9 +297,9 @@ # the end of a scan. If an archive contains both a heuristically detected # virus/phish, and a real malware, the real malware will be reported # -# Keep this disabled if you intend to handle "*.Heuristics.*" viruses +# Keep this disabled if you intend to handle "*.Heuristics.*" viruses # differently from "real" malware. -# If a non-heuristically-detected virus (signature-based) is found first, +# If a non-heuristically-detected virus (signature-based) is found first, # the scan is interrupted immediately, regardless of this config option. # # Default: no @@ -344,7 +340,7 @@ # Perform HTML normalisation and decryption of MS Script Encoder code. # Default: yes -#ScanHTML yes +ScanHTML yes ## @@ -353,7 +349,7 @@ # ClamAV can scan within archives and compressed files. # Default: yes -#ScanArchive yes +ScanArchive yes # Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR). # Default: no diff -Naur clamav-0.95.1/etc/freshclam.conf clamav-0.95.1.mitya/etc/freshclam.conf --- clamav-0.95.1/etc/freshclam.conf 2009-03-16 19:43:35.000000000 +0100 +++ clamav-0.95.1.mitya/etc/freshclam.conf 2009-04-12 20:28:54.000000000 +0200 @@ -3,18 +3,14 @@ ## Please read the freshclam.conf(5) manual before editing this file. ## - -# Comment or remove the line below. -Example - # Path to the database directory. # WARNING: It must match clamd.conf's directive! # Default: hardcoded (depends on installation options) -#DatabaseDirectory /var/lib/clamav +DatabaseDirectory /var/lib/clamav # Path to the log file (make sure it has proper permissions) # Default: disabled -#UpdateLogFile /var/log/freshclam.log +UpdateLogFile /var/log/clamav/freshclam.log # Maximum size of the log file. # Value of 0 disables the limit. @@ -30,7 +26,7 @@ # Enable verbose logging. # Default: no -#LogVerbose yes +LogVerbose yes # Use system logger (can work together with UpdateLogFile). # Default: no @@ -43,16 +39,16 @@ # This option allows you to save the process identifier of the daemon # Default: disabled -#PidFile /var/run/freshclam.pid +PidFile /var/run/clamav/freshclam.pid # By default when started freshclam drops privileges and switches to the # "clamav" user. This directive allows you to change the database owner. # Default: clamav (may depend on installation options) -#DatabaseOwner clamav +DatabaseOwner clamav # Initialize supplementary group access (freshclam must be started by root). # Default: no -#AllowSupplementaryGroups yes +AllowSupplementaryGroups yes # Use DNS to verify virus database version. Freshclam uses DNS TXT records # to verify database and software versions. With this directive you can change @@ -60,7 +56,7 @@ # WARNING: Do not touch it unless you're configuring freshclam to use your # own database verification domain. # Default: current.cvd.clamav.net -#DNSDatabaseInfo current.cvd.clamav.net +DNSDatabaseInfo current.cvd.clamav.net # Uncomment the following line and replace XY with your country # code. See http://www.iana.org/cctld/cctld-whois.htm for the full list. @@ -74,12 +70,12 @@ # How many attempts to make before giving up. # Default: 3 (per mirror) -#MaxAttempts 5 +MaxAttempts 5 # With this option you can control scripted updates. It's highly recommended # to keep it enabled. # Default: yes -#ScriptedUpdates yes +ScriptedUpdates yes # By default freshclam will keep the local databases (.cld) uncompressed to # make their handling faster. With this option you can enable the compression; @@ -89,7 +85,7 @@ # Number of database checks per day. # Default: 12 (every two hours) -#Checks 24 +Checks 24 # Proxy settings # Default: disabled @@ -111,7 +107,7 @@ # Send the RELOAD command to clamd. # Default: no -#NotifyClamd /path/to/clamd.conf +NotifyClamd /etc/clamd.conf # Run command after successful database update. # Default: disabled