linux-malware-detect

FreeBSD use with maldet

Open chrcoluk opened this issue 8 years ago • 4 comments

Hi, can this be made compatible with FreeBSD? Here is the output of my install.sh command.

```
cat: /proc/1/comm: No such file or directory
./install.sh: line 89: test: =: unary operator expected
cp: /etc/init.d/maldet: No such file or directory
chmod: /etc/init.d/maldet: No such file or directory
./install.sh: line 117: /sbin/chkconfig: No such file or directory
Linux Malware Detect v1.5
(C) 2002-2016, R-fx Networks [email protected]
(C) 2016, Ryan MacDonald [email protected]
This program may be freely redistributed under the terms of the GNU GPL

installation completed to /usr/local/maldetect
config file: /usr/local/maldetect/conf.maldet
exec file: /usr/local/maldetect/maldet
exec link: /usr/local/sbin/maldet
exec link: /usr/local/sbin/lmd
cron.daily: /etc/cron.daily/maldet
sed: 1: "/usr/local/maldetect/ig ...": extra characters at the end of l command
maldet(75582): {sigup} performing signature update check...
maldet(75582): {sigup} local signature set is version 201608309492
maldet(75582): {sigup} latest signature set already installed
```

I then had a look at install.sh; it has a line that checks for FreeBSD, but clearly that detection is failing on my system. Also, there is a line that I think looks for clamav db paths but is missing the default path used on FreeBSD, which is /var/db/clamav.

Regards

Chris

chrcoluk, Sep 23 '16 10:09

I see there are a ton of issues actually on FreeBSD; v1.4 works with a few changes, .5 however is really broken. I would use 1.4 but it seems it is not able to download new signatures.

However, since the signatures are compatible with clamav, is it possible to make a tool that just puts the signatures into the clamav db dir, and not have the rest of the functionality for FreeBSD?

chrcoluk, Sep 23 '16 10:09

I will add to my work board reviewing support for FreeBSD in more detail.

The ClamAV compatible signatures are always available at:

http://cdn.rfxn.com/downloads/rfxn.ndb
http://cdn.rfxn.com/downloads/rfxn.hdb

Thanks

rfxn, Sep 23 '16 13:09

OK, thank you

chrcoluk, Sep 24 '16 13:09

Other things you might need:

The correct initscript path is /usr/local/etc/rc.d

To enable it, just `echo 'servicename="YES"' >> /etc/rc.conf`

There's also a utility for that but I forgot its name.

servicename needs to be defined in the init script, so I am afraid the ones you have might be incompatible? or maybe it's just the missing OS detection :)

FlorianHeigl, Sep 30 '16 22:09
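
The install errors in the first post (`/proc/1/comm` missing, `test: =: unary operator expected`, no `/etc/init.d`) and the paths named in the thread, as an added shell example that is not taken from maldet's install.sh. The function names, the systemd unit directory and `/var/lib/clamav` are assumptions for illustration, and an unquoted empty variable is the usual cause of that `test` message rather than something confirmed from line 89 of the script.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not code from maldet's install.sh.

# Print the name of PID 1, or "unknown" where <proc_root>/1/comm does not
# exist (the FreeBSD case above). $1 overrides the proc root for testing.
init_name() {
    comm_file="${1:-/proc}/1/comm"
    if [ -r "$comm_file" ]; then
        cat "$comm_file"
    else
        echo unknown
    fi
}

# Map OS and init name to the directory a service script belongs in.
# $1 = output of `uname -s`, $2 = output of init_name
service_dir() {
    case "$1" in
        FreeBSD) echo /usr/local/etc/rc.d ;;
        Linux)
            # Quoted operands: an empty $2 compares as "" instead of
            # collapsing the expression into `test = systemd`.
            if [ "$2" = "systemd" ]; then
                echo /usr/lib/systemd/system   # assumed unit directory
            else
                echo /etc/init.d
            fi ;;
        *) echo unsupported; return 1 ;;
    esac
}

# Print the first existing directory from a list of ClamAV db candidates.
clamav_db_dir() {
    for d in "$@"; do
        [ -d "$d" ] && { echo "$d"; return 0; }
    done
    return 1
}

# Report what would be used on this host; nothing is installed or written.
echo "service dir: $(service_dir "$(uname -s)" "$(init_name)")"
echo "clamav db:   $(clamav_db_dir /var/db/clamav /var/lib/clamav || echo none)"
```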