File size: 6,303 Bytes
e02c982
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
b10f399
e02c982
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
e0eb42c
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
e02c982
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
#!/sbin/tini /bin/sh
# SPDX-License-Identifier: GPL-2.0-or-later
#
# Copyright (C) 2021 Olliver Schinagl <oliver@schinagl.nl>
# Copyright (C) 2021-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
#
# A beginning user should be able to docker run image bash (or sh) without
# needing to learn about --entrypoint
# https://github.com/docker-library/official-images#consistency

set -eu

if [ ! -d "/run/clamav" ]; then
        install -d -g "clamav" -m 775 -o "clamav" "/run/clamav"
fi

# Assign ownership to the database directory, just in case it is a mounted volume
#chown -R clamav:clamav /var/lib/clamav

# run command if it is not starting with a "-" and is an executable in PATH
if [ "${#}" -gt 0 ] && \
   [ "${1#-}" = "${1}" ] && \
   command -v "${1}" > "/dev/null" 2>&1; then
        # Ensure healthcheck always passes
        CLAMAV_NO_CLAMD="true" exec "${@}"
else
        if [ "${#}" -ge 1 ] && \
           [ "${1#-}" != "${1}" ]; then
                # If an argument starts with "-" pass it to clamd specifically
                exec clamd "${@}"
        fi
        # else default to running clamav's servers

        # Help tiny-init a little
        mkdir -p "/run/lock"
        ln -f -s "/run/lock" "/var/lock"

        # Ensure we have some virus data, otherwise clamd refuses to start
        if [ ! -f "/var/lib/clamav/main.cvd" ]; then
                echo "Updating initial database"
                freshclam --foreground --stdout
        fi

        if [ "${CLAMAV_NO_FRESHCLAMD:-false}" != "true" ]; then
                echo "Starting Freshclamd"
                freshclam \
                          --checks="${FRESHCLAM_CHECKS:-1}" \
                          --daemon \
                          --foreground \
                          --stdout \
                          --user="clamav" \
                          &
        fi

        if [ "${CLAMAV_NO_CLAMD:-false}" != "true" ]; then
                echo "Starting ClamAV"
                if [ -S "/run/clamav/clamd.sock" ]; then
                        unlink "/run/clamav/clamd.sock"
                fi
                if [ -S "/tmp/clamd.sock" ]; then
                        unlink "/tmp/clamd.sock"
                fi
                clamd --foreground &
                while [ ! -S "/run/clamav/clamd.sock" ] && [ ! -S "/tmp/clamd.sock" ]; do
                        if [ "${_timeout:=0}" -gt "${CLAMD_STARTUP_TIMEOUT:=1800}" ]; then
                                echo
                                echo "Failed to start clamd"
                                exit 1
                        fi
                        printf "\r%s" "Socket for clamd not found yet, retrying (${_timeout}/${CLAMD_STARTUP_TIMEOUT}) ..."
                        sleep 1
                        _timeout="$((_timeout + 1))"
                done
                echo "socket found, clamd started."
        fi

        if [ "${CLAMAV_NO_MILTERD:-true}" != "true" ]; then
                echo "Starting clamav milterd"
                clamav-milter &
        fi

        # Wait forever (or until canceled)
        exec tail -f "/dev/null"
fi

exit 0
/ $ cat /init
#!/sbin/tini /bin/sh
# SPDX-License-Identifier: GPL-2.0-or-later
#
# Copyright (C) 2021 Olliver Schinagl <oliver@schinagl.nl>
# Copyright (C) 2021-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
#
# A beginning user should be able to docker run image bash (or sh) without
# needing to learn about --entrypoint
# https://github.com/docker-library/official-images#consistency

set -eu

if [ ! -d "/run/clamav" ]; then
        install -d -g "clamav" -m 775 -o "clamav" "/run/clamav"
fi

# Assign ownership to the database directory, just in case it is a mounted volume
#chown -R clamav:clamav /var/lib/clamav

# run command if it is not starting with a "-" and is an executable in PATH
if [ "${#}" -gt 0 ] && \
   [ "${1#-}" = "${1}" ] && \
   command -v "${1}" > "/dev/null" 2>&1; then
        # Ensure healthcheck always passes
        CLAMAV_NO_CLAMD="true" exec "${@}"
else
        if [ "${#}" -ge 1 ] && \
           [ "${1#-}" != "${1}" ]; then
                # If an argument starts with "-" pass it to clamd specifically
                exec clamd "${@}"
        fi
        # else default to running clamav's servers

        # Help tiny-init a little
        mkdir -p "/run/lock"
        ln -f -s "/run/lock" "/var/lock"

        # Ensure we have some virus data, otherwise clamd refuses to start
        if [ ! -f "/var/lib/clamav/main.cvd" ]; then
                echo "Updating initial database"
                freshclam --foreground --stdout
        fi

        if [ "${CLAMAV_NO_FRESHCLAMD:-false}" != "true" ]; then
                echo "Starting Freshclamd"
                freshclam \
                          --checks="${FRESHCLAM_CHECKS:-1}" \
                          --daemon \
                          --foreground \
                          --stdout \
                          --user="clamav" \
                          &
        fi

        if [ "${CLAMAV_NO_CLAMD:-false}" != "true" ]; then
                echo "Starting ClamAV"
                if [ -S "/run/clamav/clamd.sock" ]; then
                        unlink "/run/clamav/clamd.sock"
                fi
                if [ -S "/tmp/clamd.sock" ]; then
                        unlink "/tmp/clamd.sock"
                fi
                clamd --foreground &
                while [ ! -S "/run/clamav/clamd.sock" ] && [ ! -S "/tmp/clamd.sock" ]; do
                        if [ "${_timeout:=0}" -gt "${CLAMD_STARTUP_TIMEOUT:=1800}" ]; then
                                echo
                                echo "Failed to start clamd"
                                exit 1
                        fi
                        printf "\r%s" "Socket for clamd not found yet, retrying (${_timeout}/${CLAMD_STARTUP_TIMEOUT}) ..."
                        sleep 1
                        _timeout="$((_timeout + 1))"
                done
                echo "socket found, clamd started."
        fi

        if [ "${CLAMAV_NO_MILTERD:-true}" != "true" ]; then
                echo "Starting clamav milterd"
                clamav-milter &
        fi

        # Wait forever (or until canceled)
        exec tail -f "/dev/null"
fi

exit 0