2
* Copyright (C) 2002 - 2005 Tomasz Kojm <tkojm@clamav.net>
4
* This program is free software; you can redistribute it and/or modify
5
* it under the terms of the GNU General Public License as published by
6
* the Free Software Foundation; either version 2 of the License, or
7
* (at your option) any later version.
9
* This program is distributed in the hope that it will be useful,
10
* but WITHOUT ANY WARRANTY; without even the implied warranty of
11
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12
* GNU General Public License for more details.
14
* You should have received a copy of the GNU General Public License
15
* along with this program; if not, write to the Free Software
16
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
21
#include "clamav-config.h"
29
#include <sys/types.h>
37
#if defined(USE_SYSLOG) && !defined(C_AIX)
42
#include <sys/resource.h>
46
#include "cfgparser.h"
48
/* Fixes gcc warning */
49
#include "../libclamav/others.h"
50
#include "tcpserver.h"
51
#include "localserver.h"
62
short debug_mode = 0, logok = 0;
66
void clamd(struct optstruct *opt)
68
struct cfgstruct *copt, *cpt;
71
struct cl_node *root = NULL;
72
const char *dbdir, *cfgfile;
73
int ret, virnum = 0, tcpsock = 0, localsock = 0;
74
int lsockets[2], nlsockets = 0;
75
unsigned int dboptions = 0;
80
/* initialize some important variables */
91
if(optl(opt, "debug")) {
93
/* njh@bandsman.co.uk: create a dump if needed */
96
rlim.rlim_cur = rlim.rlim_max = RLIM_INFINITY;
97
if(setrlimit(RLIMIT_CORE, &rlim) < 0)
104
/* parse the config file */
106
cfgfile = getargc(opt, 'c');
108
cfgfile = CONFDIR"/clamd.conf";
110
if((copt = getcfg(cfgfile, 1)) == NULL) {
111
fprintf(stderr, "ERROR: Can't open/parse the config file %s\n", cfgfile);
117
/* drop privileges */
119
if(geteuid() == 0 && (cpt = cfgopt(copt, "User"))->enabled) {
120
if((user = getpwnam(cpt->strarg)) == NULL) {
121
fprintf(stderr, "ERROR: Can't get information about user %s.\n", cpt->strarg);
122
logg("!Can't get information about user %s.\n", cpt->strarg);
126
if(cfgopt(copt, "AllowSupplementaryGroups")->enabled) {
127
#ifdef HAVE_INITGROUPS
128
if(initgroups(cpt->strarg, user->pw_gid)) {
129
fprintf(stderr, "ERROR: initgroups() failed.\n");
130
logg("!initgroups() failed.\n");
134
logg("AllowSupplementaryGroups: initgroups() not supported.\n");
137
#ifdef HAVE_SETGROUPS
138
if(setgroups(1, &user->pw_gid)) {
139
fprintf(stderr, "ERROR: setgroups() failed.\n");
140
logg("!setgroups() failed.\n");
146
if(setgid(user->pw_gid)) {
147
fprintf(stderr, "ERROR: setgid(%d) failed.\n", (int) user->pw_gid);
148
logg("!setgid(%d) failed.\n", (int) user->pw_gid);
152
if(setuid(user->pw_uid)) {
153
fprintf(stderr, "ERROR: setuid(%d) failed.\n", (int) user->pw_uid);
154
logg("!setuid(%d) failed.\n", (int) user->pw_uid);
158
logg("Running as user %s (UID %d, GID %d)\n", user->pw_name, user->pw_uid, user->pw_gid);
162
/* initialize logger */
164
logg_lock = cfgopt(copt, "LogFileUnlock")->enabled;
165
logg_time = cfgopt(copt, "LogTime")->enabled;
166
logok = cfgopt(copt, "LogClean")->enabled;
167
logg_size = cfgopt(copt, "LogFileMaxSize")->numarg;
168
logg_verbose = mprintf_verbose = cfgopt(copt, "LogVerbose")->enabled;
170
if(cfgopt(copt, "Debug")->enabled) /* enable debug messages in libclamav */
173
if((cpt = cfgopt(copt, "LogFile"))->enabled) {
174
logg_file = cpt->strarg;
175
if(strlen(logg_file) < 2 || (logg_file[0] != '/' && logg_file[0] != '\\' && logg_file[1] != ':')) {
176
fprintf(stderr, "ERROR: LogFile requires full path.\n");
180
if(logg("+++ Started at %s", ctime(&currtime))) {
181
fprintf(stderr, "ERROR: Problem with internal logger. Please check the permissions on the %s file.\n", logg_file);
187
#if defined(USE_SYSLOG) && !defined(C_AIX)
188
if(cfgopt(copt, "LogSyslog")->enabled) {
189
int fac = LOG_LOCAL6;
191
cpt = cfgopt(copt, "LogFacility");
192
if((fac = logg_facility(cpt->strarg)) == -1) {
193
fprintf(stderr, "ERROR: LogFacility: %s: No such facility.\n", cpt->strarg);
197
openlog("clamd", LOG_PID, fac);
202
logg("clamd daemon "VERSION" (OS: "TARGET_OS_TYPE", ARCH: "TARGET_ARCH_TYPE", CPU: "TARGET_CPU_TYPE")\n");
205
logg("Log file size limited to %d bytes.\n", logg_size);
207
logg("Log file size limit disabled.\n");
209
logg("*Verbose logging activated.\n");
213
if(stat("/proc", &sb) != -1 && !sb.st_size)
217
/* check socket type */
219
if(cfgopt(copt, "TCPSocket")->enabled)
222
if(cfgopt(copt, "LocalSocket")->enabled)
225
if(!tcpsock && !localsock) {
226
fprintf(stderr, "ERROR: You must select server type (local/tcp).\n");
227
logg("!Please select server type (local/TCP).\n");
231
/* set the temporary dir */
232
if((cpt = cfgopt(copt, "TemporaryDirectory"))->enabled)
233
cl_settempdir(cpt->strarg, 0);
235
if(cfgopt(copt, "LeaveTemporaryFiles")->enabled)
236
cl_settempdir(NULL, 1);
238
/* load the database(s) */
239
dbdir = cfgopt(copt, "DatabaseDirectory")->strarg;
240
logg("Reading databases from %s\n", dbdir);
242
if(!cfgopt(copt, "DetectPhishing")->enabled) {
243
dboptions |= CL_DB_NOPHISHING;
244
logg("Not loading phishing signatures.\n");
247
if((ret = cl_load(dbdir, &root, &virnum, dboptions))) {
248
fprintf(stderr, "ERROR: %s\n", cl_strerror(ret));
249
logg("!%s\n", cl_strerror(ret));
254
fprintf(stderr, "ERROR: Database initialization error.\n");
255
logg("!Database initialization error.\n");
259
logg("Protecting against %d viruses.\n", virnum);
260
if((ret = cl_build(root)) != 0) {
261
fprintf(stderr, "ERROR: Database initialization error: %s\n", cl_strerror(ret));;
262
logg("!Database initialization error: %s\n", cl_strerror(ret));;
267
/* fork into background */
268
if(!cfgopt(copt, "Foreground")->enabled)
274
lsockets[nlsockets++] = tcpserver(copt, root);
277
lsockets[nlsockets++] = localserver(copt, root);
279
ret = acceptloop_th(lsockets, nlsockets, root, copt);
289
printf(" Clam AntiVirus Daemon "VERSION"\n");
290
printf(" (C) 2002 - 2005 ClamAV Team - http://www.clamav.net/team.html\n\n");
292
printf(" --help -h Show this help.\n");
293
printf(" --version -V Show version number.\n");
294
printf(" --debug Enable debug mode.\n");
295
printf(" --config-file=FILE -c FILE Read configuration from FILE.\n\n");
309
if((i = open("/dev/null", O_WRONLY)) == -1) {
310
logg("!Cannot open /dev/null. Only use Debug if Foreground is enabled.\n");
311
for(i = 0; i <= 2; i++)