如何将ClamAV集成到PureFTPd中进行病毒扫描在CentOS 6.2上

本教程解释如何将ClamAV集成到PureFTPd中  在CentOS 6.2系统上进行病毒扫描。最后,每当一个文件获取  uplo ...

如何将ClamAV集成到PureFTPd中,以便在CentOS 6.2上进行病毒扫描

本教程将介绍如何将ClamAV集成到PureFTPd中,以便在CentOS 6.2系统上进行病毒扫描。 最后,每当通过PureFTPd上传文件时,ClamAV将检查文件并将其删除,如果它是恶意软件。

1初步说明

您应该在CentOS 6.2服务器上安装一个工作的PureFTPd,例如本教程所示: 使用PureFTPd和MySQL进行虚拟托管(包括配额和带宽管理)在CentOS 6.2上

2安装ClamAV

ClamAV在官方CentOS存储库中不可用,因此我们启用了EPEL存储库(如果您还没有这样做,例如在使用PureFTPd和MySQL(包括配额和带宽管理)在CentOS 6.2教程的虚拟主机中 ):

rpm --import https://fedoraproject.org/static/0608B895.txt
wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-5.noarch.rpm
rpm -ivh epel-release-6-5.noarch.rpm

yum install yum-priorities

编辑/etc/yum.repos.d/epel.repo ...

vi /etc/yum.repos.d/epel.repo

...并将行优先级= 10添加到[epel]部分:

[epel]
name=Extra Packages for Enterprise Linux 6 - $basearch
#baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
failovermethod=priority
enabled=1
priority=10
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
[...]

之后我们可以安装ClamAV如下:

yum install clamav clamd

接下来,我们为clamd创建系统启动链接并启动它:

chkconfig --levels 235 clamd on
/usr/bin/freshclam

/etc/init.d/clamd start

3配置PureFTPd

首先我们打开/etc/pure-ftpd/pure-ftpd.conf并将CallUploadScript设置为yes

vi /etc/pure-ftpd/pure-ftpd.conf

[...]
# If your pure-ftpd has been compiled with pure-uploadscript support,
# this will make pure-ftpd write info about new uploads to
# /var/run/pure-ftpd.upload.pipe so pure-uploadscript can read it and
# spawn a script to handle the upload.
# Don't enable this option if you don't actually use pure-uploadscript.

CallUploadScript yes
[...]

接下来,我们创建文件/etc/pure-ftpd/clamav_check.sh (每当通过PureFTPd上传文件时,它将调用/ usr / bin / clamdscan)...

vi /etc/pure-ftpd/clamav_check.sh

#!/bin/sh
/usr/bin/clamdscan --remove --quiet --no-summary "$1"

...并使其可执行:

chmod 755 /etc/pure-ftpd/clamav_check.sh

现在我们启动pure-uploadscript程序作为守护进程,每当通过PureFTPd上传文件时,它将会调用我们的/etc/pure-ftpd/clamav_check.sh脚本:

pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh

当然,你不想在启动系统时手动启动守护进程 - 因此我们打开/etc/rc.local ...

vi /etc/rc.local

...并将/ usr / sbin / pure-uploadscript -b -r /etc/pure-ftpd/clamav_check.sh添加到其中 - 如下所示:

#!/bin/sh
#
# This script will be executed *after* all the other init scripts.
# You can put your own initialization stuff in here if you don't
# want to do the full Sys V style init stuff.

/usr/sbin/pure-uploadscript -B -r /etc/pure-ftpd/clamav_check.sh
touch /var/lock/subsys/local

最后我们重新启动PureFTPd:

/etc/init.d/pure-ftpd restart

而已! 现在每当有人尝试通过PureFTPd将恶意软件上传到您的服务器时,“坏”文件将被默认删除。