1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
# deploy clamav daemon
class clamav::daemon {
include clamav::daemon::activation
$domain_hash = hiera('domain')
$domain = $domain_hash['full_suffix']
package { [ 'clamav-daemon', 'arj' ]:
ensure => installed;
}
service {
'clamav-daemon':
ensure => running,
name => clamav-daemon,
pattern => '/usr/sbin/clamd',
enable => true,
hasrestart => true,
subscribe => File['/etc/default/clamav-daemon'],
require => Package['clamav-daemon'];
}
file {
'/var/run/clamav':
ensure => directory,
mode => '0750',
owner => clamav,
group => postfix,
require => [Package['postfix'], Package['clamav-daemon']];
'/var/lib/clamav':
mode => '0755',
owner => clamav,
group => clamav,
require => Package['clamav-daemon'];
'/etc/default/clamav-daemon':
source => 'puppet:///modules/clamav/clamav-daemon_default',
mode => '0644',
owner => root,
group => root;
# this file contains additional domains that we want the clamav
# phishing process to look for (our domain)
'/var/lib/clamav/local.pdb':
content => template('clamav/local.pdb.erb'),
mode => '0644',
owner => clamav,
group => clamav,
require => Package['clamav-daemon'];
}
file_line {
'clamav_daemon_tmp':
path => '/etc/clamav/clamd.conf',
line => 'TemporaryDirectory /var/tmp',
require => Package['clamav-daemon'],
notify => Service['clamav-daemon'];
'enable_phishscanurls':
path => '/etc/clamav/clamd.conf',
match => 'PhishingScanURLs no',
line => 'PhishingScanURLs yes',
require => Package['clamav-daemon'],
notify => Service['clamav-daemon'];
'clamav_LogSyslog_true':
path => '/etc/clamav/clamd.conf',
match => '^LogSyslog false',
line => 'LogSyslog true',
require => Package['clamav-daemon'],
notify => Service['clamav-daemon'];
'clamav_MaxThreads':
path => '/etc/clamav/clamd.conf',
match => 'MaxThreads 20',
line => 'MaxThreads 100',
require => Package['clamav-daemon'],
notify => Service['clamav-daemon'];
}
# remove LogFile line
file_line {
'clamav_LogFile':
path => '/etc/clamav/clamd.conf',
match => '^LogFile .*',
line => '',
require => Package['clamav-daemon'],
notify => Service['clamav-daemon'];
}
}
|