| e3aaff8e |
/* |
| 6ccc6990 |
* Copyright (C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net> |
| e3aaff8e |
* Damien Curtain <damien@pagefault.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
|
| 5ca6034b |
|
| 6d6e8271 |
#if HAVE_CONFIG_H
#include "clamav-config.h"
#endif
|
| e3aaff8e |
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h> |
| dd95cc2d |
#include <errno.h> |
| 5ca6034b |
#include <signal.h> |
| 8000d078 |
#include <time.h> |
| e3aaff8e |
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <pwd.h>
#include <grp.h>
|
| afb48b28 |
#if defined(USE_SYSLOG) && !defined(C_AIX) |
| fb787a06 |
#include <syslog.h>
#endif
|
| e3aaff8e |
#include "options.h"
#include "manager.h"
#include "defaults.h"
#include "freshclam.h" |
| afb48b28 |
#include "output.h" |
| cc71d7c2 |
#include "target.h" |
| 7b304dee |
#include "misc.h" |
| e3aaff8e |
|
| dd95cc2d |
static short terminate = 0;
static void daemon_sighandler(int sig) {
char *action = NULL;
switch(sig) { |
| 95c4e7b0 |
case SIGALRM: |
| dd95cc2d |
case SIGUSR1:
action = "wake up"; |
| 85e6e26a |
terminate = -1; |
| dd95cc2d |
break;
case SIGHUP:
action = "re-opening log file"; |
| e3eaadd0 |
terminate = -2; |
| dd95cc2d |
break;
default:
action = "terminating";
terminate = 1;
break;
} |
| e3eaadd0 |
|
| dd95cc2d |
logg("Received signal %d, %s\n", sig, action);
return;
}
static void writepid(char *pidfile) {
FILE *fd;
int old_umask;
old_umask = umask(0006);
if((fd = fopen(pidfile, "w")) == NULL) {
logg("!Can't save PID to file %s: %s\n", pidfile, strerror(errno));
} else { |
| c32360c1 |
fprintf(fd, "%d", (int) getpid()); |
| dd95cc2d |
fclose(fd);
}
umask(old_umask);
}
|
| 2d70a403 |
int freshclam(struct optstruct *opt) |
| e3aaff8e |
{ |
| c32360c1 |
int ret = 52; |
| 95d401c4 |
char *newdir, *cfgfile; |
| dd95cc2d |
char *pidfile = NULL; |
| 95d401c4 |
struct cfgstruct *copt, *cpt; |
| dd95cc2d |
struct sigaction sigact;
struct sigaction oldact; |
| e3aaff8e |
#ifndef C_CYGWIN |
| 22801d05 |
char *unpuser; |
| 95d401c4 |
struct passwd *user;
#endif |
| c2a3cdf9 |
struct stat statbuf; |
| e3aaff8e |
|
| ee039e40 |
if(optc(opt, 'h')) {
free_opt(opt);
help();
} |
| e3aaff8e |
|
| 95d401c4 |
/* parse the config file */ |
| 6ccc6990 |
if((cfgfile = getargl(opt, "config-file"))) { |
| cc71d7c2 |
copt = parsecfg(cfgfile, 1); |
| 95d401c4 |
} else {
/* TODO: force strict permissions on freshclam.conf */ |
| cc71d7c2 |
if((copt = parsecfg((cfgfile = CONFDIR"/freshclam.conf"), 1)) == NULL) |
| b2d28e76 |
copt = parsecfg((cfgfile = CONFDIR"/clamd.conf"), 1); |
| 95d401c4 |
}
if(!copt) {
mprintf("!Can't parse the config file %s\n", cfgfile);
return 56;
}
|
| af22ece1 |
if(optl(opt, "http-proxy") || optl(opt, "proxy-user"))
mprintf("WARNING: Proxy settings are now only configurable in the config file.\n");
|
| c2a3cdf9 |
if(cfgopt(copt, "HTTPProxyPassword")) {
if(stat(cfgfile, &statbuf) == -1) {
mprintf("@Can't stat %s (critical error)\n");
return 56;
} |
| b782aece |
#ifndef C_CYGWIN |
| c2a3cdf9 |
if(statbuf.st_mode & (S_IRGRP | S_IWGRP | S_IXGRP | S_IROTH | S_IWOTH | S_IXOTH)) {
mprintf("@Insecure permissions (for HTTPProxyPassword): %s must have no more than 0700 permissions.\n", cfgfile);
return 56;
} |
| b782aece |
#endif |
| c2a3cdf9 |
} |
| af22ece1 |
|
| 95d401c4 |
#ifndef C_CYGWIN |
| c2a3cdf9 |
/* freshclam shouldn't work with root privileges */ |
| af22ece1 |
if(optc(opt, 'u')) {
unpuser = getargc(opt, 'u'); |
| d685f6dd |
} else if((cpt = cfgopt(copt, "DatabaseOwner"))) { |
| 95d401c4 |
unpuser = cpt->strarg; |
| af22ece1 |
} else {
unpuser = UNPUSER;
} |
| 95d401c4 |
|
| 11f30313 |
if(!geteuid()) { |
| e3aaff8e |
if((user = getpwnam(unpuser)) == NULL) {
mprintf("@Can't get information about user %s.\n", unpuser);
exit(60); /* this is critical problem, so we just exit here */
}
|
| a7d9bef2 |
#ifdef HAVE_SETGROUPS |
| 9f51cb51 |
if(setgroups(1, &user->pw_gid)) {
mprintf("@setgroups() failed.\n");
exit(61);
} |
| a7d9bef2 |
#endif |
| 9f51cb51 |
if(setgid(user->pw_gid)) {
mprintf("@setgid(%d) failed.\n", (int) user->pw_gid);
exit(61);
}
if(setuid(user->pw_uid)) {
mprintf("@setuid(%d) failed.\n", (int) user->pw_uid);
exit(61);
} |
| e3aaff8e |
}
#endif
/* initialize some important variables */
|
| 95d401c4 |
if(optl(opt, "debug") || cfgopt(copt, "Debug")) |
| e4ae7726 |
cl_debug();
|
| 58bcf502 |
if(optc(opt, 'v'))
mprintf_verbose = 1; |
| e3aaff8e |
|
| 58bcf502 |
if(optl(opt, "quiet"))
mprintf_quiet = 1; |
| e3aaff8e |
|
| 58bcf502 |
if(optl(opt, "stdout"))
mprintf_stdout = 1; |
| e3aaff8e |
if(optc(opt, 'V')) { |
| 7b304dee |
print_version(); |
| 58bcf502 |
exit(0); |
| e3aaff8e |
}
/* initialize logger */
|
| fb787a06 |
if(cfgopt(copt, "LogVerbose")) |
| afb48b28 |
logg_verbose = 1; |
| fb787a06 |
|
| af22ece1 |
if(optc(opt, 'l')) { |
| afb48b28 |
logg_file = getargc(opt, 'l'); |
| af22ece1 |
if(logg("--------------------------------------\n")) {
mprintf("!Problem with internal logger.\n"); |
| 58bcf502 |
exit(1); |
| af22ece1 |
}
} else if((cpt = cfgopt(copt, "UpdateLogFile"))) { |
| afb48b28 |
logg_file = cpt->strarg; |
| e3aaff8e |
if(logg("--------------------------------------\n")) {
mprintf("!Problem with internal logger.\n"); |
| 58bcf502 |
exit(1); |
| e3aaff8e |
} |
| 95d401c4 |
} else |
| afb48b28 |
logg_file = NULL; |
| e3aaff8e |
|
| afb48b28 |
#if defined(USE_SYSLOG) && !defined(C_AIX) |
| c695dab4 |
if(cfgopt(copt, "LogSyslog")) {
int fac = LOG_LOCAL6;
if((cpt = cfgopt(copt, "LogFacility"))) {
if((fac = logg_facility(cpt->strarg)) == -1) {
mprintf("!LogFacility: %s: No such facility.\n", cpt->strarg);
exit(1);
}
}
openlog("freshclam", LOG_PID, fac); |
| afb48b28 |
logg_syslog = 1; |
| c695dab4 |
syslog(LOG_INFO, "Daemon started.\n"); |
| 58bcf502 |
} |
| fb787a06 |
#endif
|
| 95d401c4 |
/* change the current working directory */
if(optl(opt, "datadir")) { |
| e3aaff8e |
newdir = getargl(opt, "datadir"); |
| 95d401c4 |
} else {
if((cpt = cfgopt(copt, "DatabaseDirectory")))
newdir = cpt->strarg;
else
newdir = VIRUSDBDIR;
} |
| e3aaff8e |
if(chdir(newdir)) {
mprintf("Can't change dir to %s\n", newdir);
exit(50);
} else |
| e4ae7726 |
mprintf("*Current working dir is %s\n", newdir); |
| e3aaff8e |
if(optc(opt, 'd')) {
int bigsleep, checks; |
| 85e6e26a |
time_t now, wakeup; |
| e3aaff8e |
|
| dd95cc2d |
memset(&sigact, 0, sizeof(struct sigaction));
sigact.sa_handler = daemon_sighandler; |
| af22ece1 |
if(optc(opt, 'c')) {
checks = atoi(getargc(opt, 'c')); |
| d685f6dd |
} else if((cpt = cfgopt(copt, "Checks"))) { |
| 95d401c4 |
checks = cpt->numarg; |
| af22ece1 |
} else { |
| 95d401c4 |
checks = CL_DEFAULT_CHECKS; |
| af22ece1 |
} |
| e3aaff8e |
|
| 3e92581e |
if(checks <= 0) {
mprintf("@Number of checks must be a positive integer.\n"); |
| 58bcf502 |
exit(41); |
| e3aaff8e |
}
|
| 3e92581e |
if(!cfgopt(copt, "DNSDatabaseInfo")) {
if(checks > 50) {
mprintf("@Number of checks must be between 1 and 50.\n");
exit(41);
}
}
|
| 95d401c4 |
bigsleep = 24 * 3600 / checks; |
| e3aaff8e |
daemonize(); |
| 2df0f7e9 |
if (optc(opt, 'p')) {
pidfile = getargc(opt, 'p'); |
| c32360c1 |
} else if ((cpt = cfgopt(copt, "PidFile"))) { |
| dd95cc2d |
pidfile = cpt->strarg;
}
if (pidfile) {
writepid(pidfile);
} |
| cc71d7c2 |
logg("freshclam daemon "VERSION" (OS: "TARGET_OS_TYPE", ARCH: "TARGET_ARCH_TYPE", CPU: "TARGET_CPU_TYPE")\n"); |
| e3aaff8e |
|
| dd95cc2d |
sigaction(SIGTERM, &sigact, NULL);
sigaction(SIGHUP, &sigact, NULL);
sigaction(SIGINT, &sigact, NULL); |
| cc71d7c2 |
|
| dd95cc2d |
while(!terminate) { |
| af22ece1 |
ret = download(copt, opt);
|
| e3aaff8e |
|
| af22ece1 |
if(optl(opt, "on-error-execute")) {
if(ret > 1)
system(getargl(opt, "on-error-execute"));
} else if((cpt = cfgopt(copt, "OnErrorExecute"))) { |
| 049a18b9 |
if(ret > 1) |
| 95d401c4 |
system(cpt->strarg); |
| af22ece1 |
} |
| e3aaff8e |
|
| e3eaadd0 |
logg("--------------------------------------\n"); |
| dd95cc2d |
sigaction(SIGALRM, &sigact, &oldact);
sigaction(SIGUSR1, &sigact, &oldact); |
| 85e6e26a |
time(&wakeup);
wakeup += bigsleep; |
| dd95cc2d |
alarm(bigsleep); |
| 85e6e26a |
do {
pause();
time(&now);
} while (!terminate && now < wakeup); |
| e3eaadd0 |
|
| 85e6e26a |
if (terminate == -1) {
terminate = 0; |
| e3eaadd0 |
} else if (terminate == -2) {
terminate = 0;
logg_close(); |
| 85e6e26a |
} |
| e3eaadd0 |
|
| dd95cc2d |
sigaction(SIGALRM, &oldact, NULL);
sigaction(SIGUSR1, &oldact, NULL); |
| e3aaff8e |
}
} else |
| af22ece1 |
ret = download(copt, opt); |
| e3aaff8e |
|
| af22ece1 |
if(optl(opt, "on-error-execute")) {
if(ret > 1)
system(getargl(opt, "on-error-execute"));
} else if((cpt = cfgopt(copt, "OnErrorExecute"))) { |
| 049a18b9 |
if(ret > 1) |
| 95d401c4 |
system(cpt->strarg); |
| af22ece1 |
} |
| dd95cc2d |
if (pidfile) {
unlink(pidfile);
} |
| e3aaff8e |
|
| 2d70a403 |
return(ret); |
| e3aaff8e |
}
|
| af22ece1 |
int download(const struct cfgstruct *copt, const struct optstruct *opt) |
| e3aaff8e |
{ |
| 95d401c4 |
int ret = 0, try = 0, maxattempts = 0;
struct cfgstruct *cpt; |
| 5ca6034b |
|
| e3aaff8e |
|
| 95d401c4 |
if((cpt = cfgopt(copt, "MaxAttempts")))
maxattempts = cpt->numarg; |
| c6dbfbcb |
else
maxattempts = CL_DEFAULT_MAXATTEMPTS;
|
| 95d401c4 |
mprintf("*Max retries == %d\n", maxattempts);
if((cpt = cfgopt(copt, "DatabaseMirror")) == NULL) {
mprintf("@You must specify at least one database mirror.\n"); |
| d6a56e70 |
return 56; |
| 95d401c4 |
} else {
while(cpt) { |
| af22ece1 |
ret = downloadmanager(copt, opt, cpt->strarg); |
| 95d401c4 |
alarm(0);
|
| 45dd044d |
if(ret == 54 || ret == 59) { |
| 95d401c4 |
if(try < maxattempts - 1) {
mprintf("Trying again...\n");
logg("Trying again...\n");
try++;
sleep(1);
continue;
} else {
mprintf("Giving up...\n");
logg("Giving up...\n");
cpt = (struct cfgstruct *) cpt->nextarg;
try = 0;
}
} else {
return ret;
}
} |
| e3aaff8e |
}
return ret;
}
void daemonize(void)
{
int i;
for(i = 0; i < 3; i++)
close(i);
umask(0);
if(fork())
exit(0);
setsid();
mprintf_disabled = 1;
}
void help(void)
{
mprintf_stdout = 1;
mprintf("\n"); |
| 5def21ff |
mprintf(" Clam AntiVirus: freshclam "VERSION"\n"); |
| 938504c7 |
mprintf(" (C) 2002 - 2004 Tomasz Kojm <tkojm@clamav.net>\n\n"); |
| 5def21ff |
mprintf(" --help -h show help\n");
mprintf(" --version -V print version number and exit\n");
mprintf(" --verbose -v be verbose\n");
mprintf(" --debug enable debug messages\n");
mprintf(" --quiet be quiet, output only error messages\n");
mprintf(" --stdout write to stdout instead of stderr\n");
mprintf(" (this help is always written to stdout)\n"); |
| e3aaff8e |
mprintf("\n"); |
| dd95cc2d |
mprintf(" --config-file=FILE read configuration from FILE.\n"); |
| af22ece1 |
mprintf(" --log=FILE -l FILE log into FILE\n"); |
| 5def21ff |
mprintf(" --daemon -d run in daemon mode\n"); |
| fb787a06 |
mprintf(" --pid=FILE -p FILE save daemon's pid in FILE\n"); |
| af22ece1 |
mprintf(" --user=USER -u USER run as USER\n"); |
| 73448085 |
mprintf(" --no-dns force old non-DNS verification method\n"); |
| 938504c7 |
mprintf(" --checks=#n -c #n number of checks per day, 1 <= n <= 50\n"); |
| 95d401c4 |
mprintf(" --datadir=DIRECTORY download new databases into DIRECTORY\n"); |
| af22ece1 |
#ifdef BUILD_CLAMD |
| b2d28e76 |
mprintf(" --daemon-notify[=/path/clamd.conf] send RELOAD command to clamd\n"); |
| af22ece1 |
#endif
mprintf(" --on-update-execute=COMMAND execute COMMAND after successful update\n");
mprintf(" --on-error-execute=COMMAND execute COMMAND if errors occured\n");
|
| e3aaff8e |
mprintf("\n");
exit(0);
} |