Virus Scan with kav4fs

Prerequisite

Assume you have installed Kaspersky Anti-Virus for Linux File Server on the Seafile Server machine.

If the user that runs Seafile Server is not root, it should have sudoers privilege to avoid writing password when running kav4fs-control. Add following content to /etc/sudoers:

  1. <user of running seafile server> ALL=(ALL:ALL) ALL
  2. <user of running seafile server> ALL=NOPASSWD: /opt/kaspersky/kav4fs/bin/kav4fs-control

Script

As the return code of kav4fs cannot reflect the file scan result, we use a shell wrapper script to parse the scan output and based on the parse result to return different return codes to reflect the scan result.

Save following contents to a file such as kav4fs_scan.sh:

  1. #!/bin/bash
  2. TEMP_LOG_FILE=`mktemp /tmp/XXXXXXXXXX`
  3. VIRUS_FOUND=1
  4. CLEAN=0
  5. UNDEFINED=2
  6. KAV4FS='/opt/kaspersky/kav4fs/bin/kav4fs-control'
  7. if [ ! -x $KAV4FS ]
  8. then
  9. echo "Binary not executable"
  10. exit $UNDEFINED
  11. fi
  12. sudo $KAV4FS --scan-file "$1" > $TEMP_LOG_FILE
  13. if [ "$?" -ne 0 ]
  14. then
  15. echo "Error due to check file '$1'"
  16. exit 3
  17. fi
  18. THREATS_C=`grep 'Threats found:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  19. RISKWARE_C=`grep 'Riskware found:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  20. INFECTED=`grep 'Infected:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  21. SUSPICIOUS=`grep 'Suspicious:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  22. SCAN_ERRORS_C=`grep 'Scan errors:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  23. PASSWORD_PROTECTED=`grep 'Password protected:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  24. CORRUPTED=`grep 'Corrupted:' $TEMP_LOG_FILE|cut -d':' -f 2|sed 's/ //g'`
  25. rm -f $TEMP_LOG_FILE
  26. if [ $THREATS_C -gt 0 -o $RISKWARE_C -gt 0 -o $INFECTED -gt 0 -o $SUSPICIOUS -gt 0 ]
  27. then
  28. exit $VIRUS_FOUND
  29. elif [ $SCAN_ERRORS_C -gt 0 -o $PASSWORD_PROTECTED -gt 0 -o $CORRUPTED -gt 0 ]
  30. then
  31. exit $UNDEFINED
  32. else
  33. exit $CLEAN
  34. fi

Grant execute permissions for the script (make sure it is owned by the user Seafile is running as):

  1. chmod u+x kav4fs_scan.sh

The meaning of the script return code:

  1. 1: found virus
  2. 0: no virus
  3. other: scan failed

Configuration

Add following content to seafile.conf:

  1. [virus_scan]
  2. scan_command = <absolute path of kav4fs_scan.sh>
  3. virus_code = 1
  4. nonvirus_code = 0
  5. scan_interval = <scanning interval, in unit of minutes, default to 60 minutes>