From 28f7d3571ca69fb408fe1f8f173b1d3ac0c8f9a6 Mon Sep 17 00:00:00 2001 From: "Ruben D." Date: Tue, 14 Oct 2025 20:59:42 +0200 Subject: [PATCH 1/3] Add clamav milter packaged, configure it and use supervisord to start it up. TODO: start milter only if community container stalwart is used. Signed-off-by: Ruben D. --- Containers/clamav/Dockerfile | 8 ++++++-- Containers/clamav/start.sh | 1 + Containers/clamav/supervisord.conf | 7 +++++++ 3 files changed, 14 insertions(+), 2 deletions(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 216ea1c9..9330c57f 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -3,7 +3,7 @@ FROM alpine:3.22.1 RUN set -ex; \ apk upgrade --no-cache -a; \ - apk add --no-cache tzdata clamav supervisor bash; \ + apk add --no-cache tzdata clamav clamav-milter supervisor bash; \ mkdir -p /var/lib/clamav /run/clamav /var/log/supervisord /var/run/supervisord; \ chmod 777 -R /run/clamav /var/log/clamav /var/log/supervisord /var/run/supervisord; \ chown -R 100:100 /var/lib/clamav; \ @@ -12,7 +12,11 @@ RUN set -ex; \ sed -i "s|#\?PCREMaxFileSize.*|PCREMaxFileSize aio-placeholder|g" /etc/clamav/clamd.conf; \ sed -i "s|#\?StreamMaxLength.*|StreamMaxLength aio-placeholder|g" /etc/clamav/clamd.conf; \ sed -i "s|#\?TCPSocket|TCPSocket|g" /etc/clamav/clamd.conf; \ - sed -i "s|^LocalSocket .*|LocalSocket /tmp/clamd.sock|g" /etc/clamav/clamd.conf + sed -i "s|^LocalSocket .*|LocalSocket /tmp/clamd.sock|g" /etc/clamav/clamd.conf; \ + sed -i "s|Example| |g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?MilterSocket inet:7357|MilterSocket inet:7357|g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?ClamdSocket unix:/run/clamav/clamd.sock|ClamdSocket unix:/tmp/clamd.sock|g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?AddHeader Replace|AddHeader Add|g" /etc/clamav/clamav-milter.conf COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh diff --git a/Containers/clamav/start.sh b/Containers/clamav/start.sh index bda4add5..2c56db49 100644 --- a/Containers/clamav/start.sh +++ b/Containers/clamav/start.sh @@ -1,6 +1,7 @@ #!/bin/bash sed "s|aio-placeholder|$MAX_SIZE|" /etc/clamav/clamd.conf > /tmp/clamd.conf +cp /etc/clamav/clamav-milter.conf /tmp/clamv-milter-conf # Print out clamav version for compliance reasons clamscan --version diff --git a/Containers/clamav/supervisord.conf b/Containers/clamav/supervisord.conf index 8f53856a..283833b8 100644 --- a/Containers/clamav/supervisord.conf +++ b/Containers/clamav/supervisord.conf @@ -21,3 +21,10 @@ stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 command=clamd --foreground --config-file=/tmp/clamd.conf + +[program:milter] +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 +stderr_logfile=/dev/stderr +stderr_logfile_maxbytes=0 +command=clamav-milter --foreground --config-file=/tmp/clamv-milter-conf \ No newline at end of file From 2d86c0d788461fd0adf52af8c6e15e1bfc9c19f8 Mon Sep 17 00:00:00 2001 From: "Ruben D." Date: Tue, 14 Oct 2025 21:10:48 +0200 Subject: [PATCH 2/3] Remove copying and omit checks for stalwart Signed-off-by: Ruben D. --- Containers/clamav/start.sh | 1 - Containers/clamav/supervisord.conf | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/Containers/clamav/start.sh b/Containers/clamav/start.sh index 2c56db49..bda4add5 100644 --- a/Containers/clamav/start.sh +++ b/Containers/clamav/start.sh @@ -1,7 +1,6 @@ #!/bin/bash sed "s|aio-placeholder|$MAX_SIZE|" /etc/clamav/clamd.conf > /tmp/clamd.conf -cp /etc/clamav/clamav-milter.conf /tmp/clamv-milter-conf # Print out clamav version for compliance reasons clamscan --version diff --git a/Containers/clamav/supervisord.conf b/Containers/clamav/supervisord.conf index 283833b8..7aad65ed 100644 --- a/Containers/clamav/supervisord.conf +++ b/Containers/clamav/supervisord.conf @@ -27,4 +27,4 @@ stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=clamav-milter --foreground --config-file=/tmp/clamv-milter-conf \ No newline at end of file +command=clamav-milter --foreground --config-file=/etc/clamav/clamav-milter.conf \ No newline at end of file From 3a4dfaa4b69ca5d56dccf15c17c25db7d6a5c002 Mon Sep 17 00:00:00 2001 From: "Ruben D." Date: Thu, 16 Oct 2025 19:31:16 +0200 Subject: [PATCH 3/3] Change --foreground option from supervisord to milter configuration file Signed-off-by: Ruben D. --- Containers/clamav/Dockerfile | 3 ++- Containers/clamav/supervisord.conf | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Containers/clamav/Dockerfile b/Containers/clamav/Dockerfile index 9330c57f..35c81710 100644 --- a/Containers/clamav/Dockerfile +++ b/Containers/clamav/Dockerfile @@ -16,7 +16,8 @@ RUN set -ex; \ sed -i "s|Example| |g" /etc/clamav/clamav-milter.conf; \ sed -i "s|#\?MilterSocket inet:7357|MilterSocket inet:7357|g" /etc/clamav/clamav-milter.conf; \ sed -i "s|#\?ClamdSocket unix:/run/clamav/clamd.sock|ClamdSocket unix:/tmp/clamd.sock|g" /etc/clamav/clamav-milter.conf; \ - sed -i "s|#\?AddHeader Replace|AddHeader Add|g" /etc/clamav/clamav-milter.conf + sed -i "s|#\?AddHeader Replace|AddHeader Add|g" /etc/clamav/clamav-milter.conf; \ + sed -i "s|#\?Foreground yes|Foreground yes|g" /etc/clamav/clamav-milter.conf COPY --chmod=775 start.sh /start.sh COPY --chmod=775 healthcheck.sh /healthcheck.sh diff --git a/Containers/clamav/supervisord.conf b/Containers/clamav/supervisord.conf index 7aad65ed..e1216df5 100644 --- a/Containers/clamav/supervisord.conf +++ b/Containers/clamav/supervisord.conf @@ -27,4 +27,4 @@ stdout_logfile=/dev/stdout stdout_logfile_maxbytes=0 stderr_logfile=/dev/stderr stderr_logfile_maxbytes=0 -command=clamav-milter --foreground --config-file=/etc/clamav/clamav-milter.conf \ No newline at end of file +command=clamav-milter --config-file=/etc/clamav/clamav-milter.conf \ No newline at end of file