Virus Scan with kav4fs

Prerequisite

Assume you have installed Kaspersky Anti-Virus for Linux File Server on the Seafile Server machine.

If the user that runs Seafile Server is not root, it should have sudoers privilege to avoid writing password when running kav4fs-control. Add following content to /etc/sudoers:

  1. <user of running seafile server>    ALL=(ALL:ALL) ALL
  2. <user of running seafile server> ALL=NOPASSWD: /opt/kaspersky/kav4fs/bin/kav4fs-control

Script

As the return code of kav4fs cannot reflect the file scan result, we use a shell wrapper script to parse the scan output and based on the parse result to return different return codes to reflect the scan result.

Save following contents to a file such as kav4fs_scan.sh:

  1. #!/bin/bash
  3. TEMP_LOG_FILE=`mktemp /tmp/XXXXXXXXXX`
  4. VIRUS_FOUND=1
  5. CLEAN=0
  6. UNDEFINED=2
  7. KAV4FS='/opt/kaspersky/kav4fs/bin/kav4fs-control'
  8. if [ ! -x $KAV4FS ]
  9. then
  10.     echo "Binary not executable"
  11.     exit $UNDEFINED
  12. fi
  14. sudo $KAV4FS --scan-file "$1" > $TEMP_LOG_FILE
  15. if [ "$?" -ne 0 ]
  16. then
  17.     echo "Error due to check file '$1'"
  18.     exit 3
  19. fi
  20. THREATS_C=`grep 'Threats found:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  21. RISKWARE_C=`grep 'Riskware found:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  22. INFECTED=`grep 'Infected:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  23. SUSPICIOUS=`grep 'Suspicious:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  24. SCAN_ERRORS_C=`grep 'Scan errors:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  25. PASSWORD_PROTECTED=`grep 'Password protected:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  26. CORRUPTED=`grep 'Corrupted:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  28. rm -f $TEMP_LOG_FILE
  30. if [ $THREATS_C -gt 0 -o $RISKWARE_C -gt 0 -o $INFECTED -gt 0 -o $SUSPICIOUS -gt 0 ]
  31. then
  32.     exit $VIRUS_FOUND
  33. elif [ $SCAN_ERRORS_C -gt 0 -o $PASSWORD_PROTECTED -gt 0 -o $CORRUPTED -gt 0 ]
  34. then
  35.     exit $UNDEFINED
  36. else
  37.     exit $CLEAN
  38. fi

Grant execute permissions for the script (make sure it is owned by the user Seafile is running as):

  1. chmod u+x kav4fs_scan.sh

The meaning of the script return code:

  1. 1: found virus
  2. 0: no virus
  3. other: scan failed

Configuration

Add following content to seafile.conf:

  1. [virus_scan]
  2. scan_command = <absolute path of kav4fs_scan.sh>
  3. virus_code = 1
  4. nonvirus_code = 0
  5. scan_interval = <scanning interval, in unit of minutes, default to 60 minutes>