numbus/numbus-server-module
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix clamAV onacc service.

Browse Source
This commit is contained in:
Raphaël Numbus
2026-03-01 17:39:30 +01:00
parent 65e1ba4ed2
commit d384fe1f7c
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/mail/clamav.nix
+6
View File
@@ -21,6 +21,9 @@ let
# --- Real-time / VirusEvent Mode --- # --- Real-time / VirusEvent Mode ---
SUBJECT="Numbus Server Alert: Virus Detected (Real-time)" SUBJECT="Numbus Server Alert: Virus Detected (Real-time)"
# Retrieve logs from clamav-daemon
LOGS=$(journalctl -u clamav-daemon.service -n 50 --no-pager | grep "FOUND")
TECH_BODY=" TECH_BODY="
ClamAV Real-time Alert: ClamAV Real-time Alert:
Server owner: $OWNER_NAME Server owner: $OWNER_NAME
@@ -28,6 +31,9 @@ let
Virus detected: $CLAM_VIRUSEVENT_VIRUSNAME Virus detected: $CLAM_VIRUSEVENT_VIRUSNAME
File: $CLAM_VIRUSEVENT_FILENAME File: $CLAM_VIRUSEVENT_FILENAME
Logs:
$LOGS
Action taken: Access blocked (OnAccessPrevention). Action taken: Access blocked (OnAccessPrevention).
Please investigate manually. Please investigate manually.
" "
modules/services/clamav.nix
+9 -1
View File
@@ -7,6 +7,14 @@ let
onAccessPaths = lib.mapAttrsToList (n: v: v.dataDir) (lib.filterAttrs (n: v: onAccessPaths = lib.mapAttrsToList (n: v: v.dataDir) (lib.filterAttrs (n: v:
v ? enable && v.enable && v ? dataDir && v.dataDir != null && v.dataDir != false v ? enable && v.enable && v ? dataDir && v.dataDir != null && v.dataDir != false
) config.numbus.services); ) config.numbus.services);
clamonacc_virus_notifier = pkgs.writeScript "clamonacc_virus_notifier.sh" ''
#!${pkgs.bash}/bin/bash
echo "CLAM_VIRUSEVENT_VIRUSNAME=\"$CLAM_VIRUSEVENT_VIRUSNAME\"" > /var/lib/clamav/virus_event.env
echo "CLAM_VIRUSEVENT_FILENAME=\"$CLAM_VIRUSEVENT_FILENAME\"" >> /var/lib/clamav/virus_event.env
/run/wrappers/bin/sudo /run/current-system/sw/bin/systemctl start clamav-virus-notify.service
'';
in in
{ {
@@ -46,7 +54,7 @@ in
settings = { settings = {
OnAccessPrevention = true; OnAccessPrevention = true;
OnAccessIncludePath = onAccessPaths; OnAccessIncludePath = onAccessPaths;
VirusEvent = "/run/current-system/sw/bin/systemctl start clamav-virus-notify.service"; VirusEvent = "${clamonacc_virus_notifier}";
}; };
}; };
}; };