-
Notifications
You must be signed in to change notification settings - Fork 25
/
Copy pathdocker-entrypoint.sh
executable file
·109 lines (94 loc) · 3.36 KB
/
docker-entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
#!/sbin/tini /bin/sh
# SPDX-License-Identifier: GPL-2.0-or-later
#
# Copyright (C) 2021 Olliver Schinagl <[email protected]>
# Copyright (C) 2021-2023 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
#
# A beginning user should be able to docker run image bash (or sh) without
# needing to learn about --entrypoint
# https://github.com/docker-library/official-images#consistency
set -eu
if [ ! -d "/run/clamav" ]; then
install -d -g "clamav" -m 775 -o "clamav" "/run/clamav"
fi
# Assign ownership to the database directory, just in case it is a mounted volume
chown -R clamav:clamav /var/lib/clamav
# configure freshclam.conf and clamd.conf from env variables if present
env | grep "^CLAMD_CONF_" | while IFS="=" read -r KEY VALUE; do
TRIMMED="${KEY#CLAMD_CONF_}"
grep -q "^#$TRIMMED " /etc/clamav/clamd.conf && \
sed -i "s/^#$TRIMMED .*/$TRIMMED $VALUE/" /etc/clamav/clamd.conf || \
sed -i "\$ a\\$TRIMMED $VALUE" /etc/clamav/clamd.conf
done
env | grep "^FRESHCLAM_CONF_" | while IFS="=" read -r KEY VALUE; do
TRIMMED="${KEY#FRESHCLAM_CONF_}"
grep -q "^#$TRIMMED " /etc/clamav/freshclam.conf && \
sed -i "s/^#$TRIMMED .*/$TRIMMED $VALUE/" /etc/clamav/freshclam.conf || \
sed -i "\$ a\\$TRIMMED $VALUE" /etc/clamav/freshclam.conf
done
# run command if it is not starting with a "-" and is an executable in PATH
if [ "${#}" -gt 0 ] && \
[ "${1#-}" = "${1}" ] && \
command -v "${1}" > "/dev/null" 2>&1; then
# Ensure healthcheck always passes
CLAMAV_NO_CLAMD="true" exec "${@}"
else
if [ "${#}" -ge 1 ] && \
[ "${1#-}" != "${1}" ]; then
# If an argument starts with "-" pass it to clamd specifically
exec clamd "${@}"
fi
# else default to running clamav's servers
# Help tiny-init a little
mkdir -p "/run/lock"
ln -f -s "/run/lock" "/var/lock"
# Ensure we have some virus data, otherwise clamd refuses to start
if [ ! -f "/var/lib/clamav/main.cvd" ]; then
echo "Updating initial database"
# Set "TestDatabases no" and remove "NotifyClamd" for initial download
sed -e 's|^\(TestDatabases \)|\#\1|' \
-e '$a TestDatabases no' \
-e 's|^\(NotifyClamd \)|\#\1|' \
/etc/clamav/freshclam.conf > /tmp/freshclam_initial.conf
freshclam --foreground --stdout --config-file=/tmp/freshclam_initial.conf
rm /tmp/freshclam_initial.conf
fi
if [ "${CLAMAV_NO_FRESHCLAMD:-false}" != "true" ]; then
echo "Starting Freshclamd"
freshclam \
--checks="${FRESHCLAM_CHECKS:-1}" \
--daemon \
--foreground \
--stdout \
--user="clamav" \
&
fi
if [ "${CLAMAV_NO_CLAMD:-false}" != "true" ]; then
echo "Starting ClamAV"
if [ -S "/run/clamav/clamd.sock" ]; then
unlink "/run/clamav/clamd.sock"
fi
if [ -S "/tmp/clamd.sock" ]; then
unlink "/tmp/clamd.sock"
fi
clamd --foreground &
while [ ! -S "/run/clamav/clamd.sock" ] && [ ! -S "/tmp/clamd.sock" ]; do
if [ "${_timeout:=0}" -gt "${CLAMD_STARTUP_TIMEOUT:=1800}" ]; then
echo
echo "Failed to start clamd"
exit 1
fi
printf "\r%s" "Socket for clamd not found yet, retrying (${_timeout}/${CLAMD_STARTUP_TIMEOUT}) ..."
sleep 1
_timeout="$((_timeout + 1))"
done
echo "socket found, clamd started."
fi
if [ "${CLAMAV_NO_MILTERD:-true}" != "true" ]; then
echo "Starting clamav milterd"
clamav-milter &
fi
# Wait forever (or until canceled)
exec tail -f "/dev/null"
fi
exit 0