aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-security
diff options
context:
space:
mode:
authorArmin Kuster <akuster808@gmail.com>2020-03-18 02:30:11 +0000
committerArmin Kuster <akuster808@gmail.com>2020-03-27 16:53:25 -0700
commite4a2dd0b4a7985c650d976931bb468c32a948dc4 (patch)
treee00bbac7d90dbc652e21d52318d7ac5c9312856d /recipes-security
parent4447296ca32c1d1835ef05f6e7afcf9c3f61453f (diff)
downloadmeta-security-e4a2dd0b4a7985c650d976931bb468c32a948dc4.tar.gz
meta-security-e4a2dd0b4a7985c650d976931bb468c32a948dc4.tar.bz2
meta-security-e4a2dd0b4a7985c650d976931bb468c32a948dc4.zip
clamav: move to recipes-scanners
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Diffstat (limited to 'recipes-security')
-rw-r--r--recipes-security/clamav/clamav_0.101.5.bb169
-rw-r--r--recipes-security/clamav/files/clamav-freshclam.service12
-rw-r--r--recipes-security/clamav/files/clamav-milter.conf.sample293
-rw-r--r--recipes-security/clamav/files/clamav.service17
-rw-r--r--recipes-security/clamav/files/clamd.conf595
-rw-r--r--recipes-security/clamav/files/freshclam-native.conf224
-rw-r--r--recipes-security/clamav/files/freshclam.conf224
-rw-r--r--recipes-security/clamav/files/tmpfiles.clamav3
-rw-r--r--recipes-security/clamav/files/volatiles.03_clamav3
9 files changed, 0 insertions, 1540 deletions
diff --git a/recipes-security/clamav/clamav_0.101.5.bb b/recipes-security/clamav/clamav_0.101.5.bb
deleted file mode 100644
index f4625b1..0000000
--- a/recipes-security/clamav/clamav_0.101.5.bb
+++ /dev/null
@@ -1,169 +0,0 @@
-SUMMARY = "ClamAV anti-virus utility for Unix - command-line interface"
-DESCRIPTION = "ClamAV is an open source antivirus engine for detecting trojans, viruses, malware & other malicious threats."
-HOMEPAGE = "http://www.clamav.net/index.html"
-SECTION = "security"
-LICENSE = "LGPL-2.1"
-
-DEPENDS = "libtool db libxml2 openssl zlib curl llvm clamav-native libmspack bison-native"
-DEPENDS_class-native = "db-native openssl-native zlib-native llvm-native curl-native bison-native"
-
-LIC_FILES_CHKSUM = "file://COPYING.LGPL;beginline=2;endline=3;md5=4b89c05acc71195e9a06edfa2fa7d092"
-
-SRCREV = "482fcd413b07e9fd3ef9850e6d01a45f4e187108"
-
-SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.101 \
- file://clamd.conf \
- file://freshclam.conf \
- file://volatiles.03_clamav \
- file://tmpfiles.clamav \
- file://${BPN}.service \
- file://freshclam-native.conf \
- "
-
-S = "${WORKDIR}/git"
-
-LEAD_SONAME = "libclamav.so"
-SO_VER = "9.0.2"
-
-inherit autotools pkgconfig useradd systemd
-
-CLAMAV_UID ?= "clamav"
-CLAMAV_GID ?= "clamav"
-INSTALL_CLAMAV_CVD ?= "1"
-
-CLAMAV_USR_DIR = "${STAGING_DIR_NATIVE}/usr"
-CLAMAV_USR_DIR_class-target = "${STAGING_DIR_HOST}/usr"
-
-PACKAGECONFIG_class-target ?= "ncurses bz2"
-PACKAGECONFIG_class-target += " ${@bb.utils.contains("DISTRO_FEATURES", "ipv6", "ipv6", "", d)}"
-PACKAGECONFIG_class-target += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}"
-
-PACKAGECONFIG[pcre] = "--with-pcre=${STAGING_LIBDIR}, --without-pcre, libpcre"
-PACKAGECONFIG[json] = "--with-libjson=${STAGING_LIBDIR}, --without-libjson, json-c,"
-PACKAGECONFIG[ipv6] = "--enable-ipv6, --disable-ipv6"
-PACKAGECONFIG[bz2] = "--with-libbz2-prefix=${CLAMAV_USR_DIR}, --disable-bzip2, bzip2"
-PACKAGECONFIG[ncurses] = "--with-libncurses-prefix=${CLAMAV_USR_DIR}, --without-libncurses-prefix, ncurses, "
-PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/, --without-systemdsystemunitdir, "
-
-EXTRA_OECONF_CLAMAV = "--without-libcheck-prefix --disable-unrar \
- --disable-mempool \
- --program-prefix="" \
- --disable-zlib-vcheck \
- --with-xml=${CLAMAV_USR_DIR} \
- --with-zlib=${CLAMAV_USR_DIR} \
- --with-openssl=${CLAMAV_USR_DIR} \
- --with-libcurl=${CLAMAV_USR_DIR} \
- --with-system-libmspack=${CLAMAV_USR_DIR} \
- --with-iconv=no \
- --enable-check=no \
- "
-
-EXTRA_OECONF_class-native += "${EXTRA_OECONF_CLAMAV}"
-EXTRA_OECONF_class-target += "--with-user=${CLAMAV_UID} --with-group=${CLAMAV_GID} ${EXTRA_OECONF_CLAMAV}"
-
-do_configure () {
- ${S}/configure ${CONFIGUREOPTS} ${EXTRA_OECONF}
-}
-
-do_configure_class-native () {
- ${S}/configure ${CONFIGUREOPTS} ${EXTRA_OECONF}
-}
-
-do_compile_append_class-target() {
- if [ "${INSTALL_CLAMAV_CVD}" = "1" ]; then
- bbnote "CLAMAV creating cvd"
- install -d ${S}/clamav_db
- ${STAGING_BINDIR_NATIVE}/freshclam --datadir=${S}/clamav_db --config=${WORKDIR}/freshclam-native.conf
- fi
-}
-
-do_install_append_class-target () {
- install -d ${D}/${sysconfdir}
- install -d ${D}/${localstatedir}/lib/clamav
- install -d ${D}${sysconfdir}/clamav ${D}${sysconfdir}/default/volatiles
-
- install -m 644 ${WORKDIR}/clamd.conf ${D}/${sysconfdir}
- install -m 644 ${WORKDIR}/freshclam.conf ${D}/${sysconfdir}
- install -m 0644 ${WORKDIR}/volatiles.03_clamav ${D}${sysconfdir}/default/volatiles/volatiles.03_clamav
- sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${libdir}/pkgconfig/libclamav.pc
- rm ${D}/${libdir}/libclamav.so
- install -m 666 ${S}/clamav_db/* ${D}/${localstatedir}/lib/clamav/.
- if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)};then
- install -D -m 0644 ${WORKDIR}/clamav.service ${D}${systemd_unitdir}/system/clamav.service
- install -d ${D}${sysconfdir}/tmpfiles.d
- install -m 0644 ${WORKDIR}/tmpfiles.clamav ${D}${sysconfdir}/tmpfiles.d/clamav.conf
- fi
-}
-
-pkg_postinst_ontarget_${PN} () {
- if command -v systemd-tmpfiles >/dev/null; then
- systemd-tmpfiles --create ${sysconfdir}/tmpfiles.d/clamav.conf
- elif [ -e ${sysconfdir}/init.d/populate-volatile.sh ]; then
- ${sysconfdir}/init.d/populate-volatile.sh update
- fi
- mkdir -p ${localstatedir}/lib/clamav
- chown -R ${CLAMAV_UID}:${CLAMAV_GID} ${localstatedir}/lib/clamav
-}
-
-
-PACKAGES = "${PN} ${PN}-dev ${PN}-dbg ${PN}-daemon ${PN}-doc ${PN}-cvd \
- ${PN}-clamdscan ${PN}-freshclam ${PN}-libclamav ${PN}-staticdev"
-
-FILES_${PN} = "${bindir}/clambc ${bindir}/clamscan ${bindir}/clamsubmit \
- ${bindir}/*sigtool ${mandir}/man1/clambc* ${mandir}/man1/clamscan* \
- ${mandir}/man1/sigtool* ${mandir}/man1/clambsubmit* \
- ${docdir}/clamav/* "
-
-FILES_${PN}-clamdscan = " ${bindir}/clamdscan \
- ${docdir}/clamdscan/* \
- ${mandir}/man1/clamdscan* \
- "
-
-FILES_${PN}-daemon = "${bindir}/clamconf ${bindir}/clamdtop ${sbindir}/clamd \
- ${mandir}/man1/clamconf* ${mandir}/man1/clamdtop* \
- ${mandir}/man5/clamd* ${mandir}/man8/clamd* \
- ${sysconfdir}/clamd.conf* \
- ${systemd_unitdir}/system/clamav-daemon/* \
- ${docdir}/clamav-daemon/* ${sysconfdir}/clamav-daemon \
- ${sysconfdir}/logcheck/ignore.d.server/clamav-daemon "
-
-FILES_${PN}-freshclam = "${bindir}/freshclam \
- ${sysconfdir}/freshclam.conf* \
- ${sysconfdir}/clamav ${sysconfdir}/default/volatiles \
- ${sysconfdir}/tmpfiles.d/*.conf \
- ${localstatedir}/lib/clamav \
- ${docdir}/${PN}-freshclam ${mandir}/man1/freshclam.* \
- ${mandir}/man5/freshclam.conf.* \
- ${systemd_unitdir}/system/clamav-freshclam.service"
-
-FILES_${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \
- ${libdir}/pkgconfig/*.pc \
- ${mandir}/man1/clamav-config.* \
- ${includedir}/*.h ${docdir}/libclamav* "
-
-FILES_${PN}-staticdev = "${libdir}/*.a"
-
-FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so*\
- ${docdir}/libclamav/* "
-
-FILES_${PN}-doc = "${mandir}/man/* \
- ${datadir}/man/* \
- ${docdir}/* "
-
-FILES_${PN}-cvd = "${localstatedir}/lib/clamav/*.cvd ${localstatedir}/lib/clamav/*.dat"
-
-USERADD_PACKAGES = "${PN}"
-GROUPADD_PARAM_${PN} = "--system ${CLAMAV_UID}"
-USERADD_PARAM_${PN} = "--system -g ${CLAMAV_GID} --home-dir \
- ${localstatedir}/spool/${BPN} \
- --no-create-home --shell /bin/false ${BPN}"
-
-RPROVIDES_${PN} += "${PN}-systemd"
-RREPLACES_${PN} += "${PN}-systemd"
-RCONFLICTS_${PN} += "${PN}-systemd"
-SYSTEMD_SERVICE_${PN} = "${BPN}.service"
-
-RDEPENDS_${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo curl libpcre2 clamav-freshclam clamav-libclamav"
-RDEPENDS_${PN}_class-native = ""
-
-BBCLASSEXTEND = "native"
diff --git a/recipes-security/clamav/files/clamav-freshclam.service b/recipes-security/clamav/files/clamav-freshclam.service
deleted file mode 100644
index 0c909fb..0000000
--- a/recipes-security/clamav/files/clamav-freshclam.service
+++ /dev/null
@@ -1,12 +0,0 @@
-[Unit]
-Description=ClamAV virus database updater
-Documentation=man:freshclam(1) man:freshclam.conf(5) http://www.clamav.net/lang/en/doc/
-# If user wants it run from cron, don't start the daemon.
-ConditionPathExists=!/etc/cron.d/clamav-freshclam
-
-[Service]
-ExecStart=/usr/bin/freshclam -d --foreground=true
-StandardOutput=syslog
-
-[Install]
-WantedBy=multi-user.target
diff --git a/recipes-security/clamav/files/clamav-milter.conf.sample b/recipes-security/clamav/files/clamav-milter.conf.sample
deleted file mode 100644
index ed0d519..0000000
--- a/recipes-security/clamav/files/clamav-milter.conf.sample
+++ /dev/null
@@ -1,293 +0,0 @@
-##
-## Example config file for clamav-milter
-##
-
-# Comment or remove the line below.
-Example
-
-
-##
-## Main options
-##
-
-# Define the interface through which we communicate with sendmail
-# This option is mandatory! Possible formats are:
-# [[unix|local]:]/path/to/file - to specify a unix domain socket
-# inet:port@[hostname|ip-address] - to specify an ipv4 socket
-# inet6:port@[hostname|ip-address] - to specify an ipv6 socket
-#
-# Default: no default
-#MilterSocket /tmp/clamav-milter.socket
-#MilterSocket inet:7357
-
-# Define the group ownership for the (unix) milter socket.
-# Default: disabled (the primary group of the user running clamd)
-#MilterSocketGroup virusgroup
-
-# Sets the permissions on the (unix) milter socket to the specified mode.
-# Default: disabled (obey umask)
-#MilterSocketMode 660
-
-# Remove stale socket after unclean shutdown.
-#
-# Default: yes
-#FixStaleSocket yes
-
-# Run as another user (clamav-milter must be started by root for this option to work)
-#
-# Default: unset (don't drop privileges)
-#User clamav
-
-# Initialize supplementary group access (clamav-milter must be started by root).
-#
-# Default: no
-#AllowSupplementaryGroups no
-
-# Waiting for data from clamd will timeout after this time (seconds).
-# Value of 0 disables the timeout.
-#
-# Default: 120
-#ReadTimeout 300
-
-# Don't fork into background.
-#
-# Default: no
-#Foreground yes
-
-# Chroot to the specified directory.
-# Chrooting is performed just after reading the config file and before dropping privileges.
-#
-# Default: unset (don't chroot)
-#Chroot /newroot
-
-# This option allows you to save a process identifier of the listening
-# daemon (main thread).
-#
-# Default: disabled
-#PidFile /var/run/clamav/clamav-milter.pid
-
-# Optional path to the global temporary directory.
-# Default: system specific (usually /tmp or /var/tmp).
-#
-#TemporaryDirectory /var/tmp
-
-##
-## Clamd options
-##
-
-# Define the clamd socket to connect to for scanning.
-# This option is mandatory! Syntax:
-# ClamdSocket unix:path
-# ClamdSocket tcp:host:port
-# The first syntax specifies a local unix socket (needs an absolute path) e.g.:
-# ClamdSocket unix:/var/run/clamd/clamd.socket
-# The second syntax specifies a tcp local or remote tcp socket: the
-# host can be a hostname or an ip address; the ":port" field is only required
-# for IPv6 addresses, otherwise it defaults to 3310, e.g.:
-# ClamdSocket tcp:192.168.0.1
-#
-# This option can be repeated several times with different sockets or even
-# with the same socket: clamd servers will be selected in a round-robin fashion.
-#
-# Default: no default
-ClamdSocket /var/run/clamav/clamd
-
-
-##
-## Exclusions
-##
-
-# Messages originating from these hosts/networks will not be scanned
-# This option takes a host(name)/mask pair in CIRD notation and can be
-# repeated several times. If "/mask" is omitted, a host is assumed.
-# To specify a locally orignated, non-smtp, email use the keyword "local"
-#
-# Default: unset (scan everything regardless of the origin)
-#LocalNet local
-#LocalNet 192.168.0.0/24
-#LocalNet 1111:2222:3333::/48
-
-# This option specifies a file which contains a list of basic POSIX regular
-# expressions. Addresses (sent to or from - see below) matching these regexes
-# will not be scanned. Optionally each line can start with the string "From:"
-# or "To:" (note: no whitespace after the colon) indicating if it is,
-# respectively, the sender or recipient that is to be whitelisted.
-# If the field is missing, "To:" is assumed.
-# Lines starting with #, : or ! are ignored.
-#
-# Default unset (no exclusion applied)
-#Whitelist /etc/whitelisted_addresses
-
-# Messages from authenticated SMTP users matching this extended POSIX
-# regular expression (egrep-like) will not be scanned.
-# As an alternative, a file containing a plain (not regex) list of names (one
-# per line) can be specified using the prefix "file:".
-# e.g. SkipAuthenticated file:/etc/good_guys
-#
-# Note: this is the AUTH login name!
-#
-# Default: unset (no whitelisting based on SMTP auth)
-#SkipAuthenticated ^(tom|dick|henry)$
-
-# Messages larger than this value won't be scanned.
-# Make sure this value is lower or equal than StreamMaxLength in clamd.conf
-#
-# Default: 25M
-#MaxFileSize 10M
-
-
-##
-## Actions
-##
-
-# The following group of options controls the delievery process under
-# different circumstances.
-# The following actions are available:
-# - Accept
-# The message is accepted for delievery
-# - Reject
-# Immediately refuse delievery (a 5xx error is returned to the peer)
-# - Defer
-# Return a temporary failure message (4xx) to the peer
-# - Blackhole (not available for OnFail)
-# Like Accept but the message is sent to oblivion
-# - Quarantine (not available for OnFail)
-# Like Accept but message is quarantined instead of being delivered
-#
-# NOTE: In Sendmail the quarantine queue can be examined via mailq -qQ
-# For Postfix this causes the message to be placed on hold
-#
-# Action to be performed on clean messages (mostly useful for testing)
-# Default: Accept
-#OnClean Accept
-
-# Action to be performed on infected messages
-# Default: Quarantine
-#OnInfected Quarantine
-
-# Action to be performed on error conditions (this includes failure to
-# allocate data structures, no scanners available, network timeouts,
-# unknown scanner replies and the like)
-# Default: Defer
-#OnFail Defer
-
-# This option allows to set a specific rejection reason for infected messages
-# and it's therefore only useful together with "OnInfected Reject"
-# The string "%v", if present, will be replaced with the virus name.
-# Default: MTA specific
-#RejectMsg
-
-# If this option is set to "Replace" (or "Yes"), an "X-Virus-Scanned" and an
-# "X-Virus-Status" headers will be attached to each processed message, possibly
-# replacing existing headers.
-# If it is set to Add, the X-Virus headers are added possibly on top of the
-# existing ones.
-# Note that while "Replace" can potentially break DKIM signatures, "Add" may
-# confuse procmail and similar filters.
-# Default: no
-#AddHeader Replace
-
-# When AddHeader is in use, this option allows to arbitrary set the reported
-# hostname. This may be desirable in order to avoid leaking internal names.
-# If unset the real machine name is used.
-# Default: disabled
-#ReportHostname my.mail.server.name
-
-# Execute a command (possibly searching PATH) when an infected message is found.
-# The following parameters are passed to the invoked program in this order:
-# virus name, queue id, sender, destination, subject, message id, message date.
-# Note #1: this requires MTA macroes to be available (see LogInfected below)
-# Note #2: the process is invoked in the context of clamav-milter
-# Note #3: clamav-milter will wait for the process to exit. Be quick or fork to
-# avoid unnecessary delays in email delievery
-# Default: disabled
-#VirusAction /usr/local/bin/my_infected_message_handler
-
-##
-## Logging options
-##
-
-# Uncomment this option to enable logging.
-# LogFile must be writable for the user running daemon.
-# A full path is required.
-#
-# Default: disabled
-#LogFile /var/log/clamav/clamav-milter.log
-
-# By default the log file is locked for writing - the lock protects against
-# running clamav-milter multiple times.
-# This option disables log file locking.
-#
-# Default: no
-#LogFileUnlock yes
-
-# Maximum size of the log file.
-# Value of 0 disables the limit.
-# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
-# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
-# in bytes just don't use modifiers. If LogFileMaxSize is enabled, log
-# rotation (the LogRotate option) will always be enabled.
-#
-# Default: 1M
-#LogFileMaxSize 2M
-
-# Log time with each message.
-#
-# Default: no
-#LogTime yes
-
-# Use system logger (can work together with LogFile).
-#
-# Default: no
-#LogSyslog yes
-
-# Specify the type of syslog messages - please refer to 'man syslog'
-# for facility names.
-#
-# Default: LOG_LOCAL6
-#LogFacility LOG_MAIL
-
-# Enable verbose logging.
-#
-# Default: no
-#LogVerbose yes
-
-# Enable log rotation. Always enabled when LogFileMaxSize is enabled.
-# Default: no
-#LogRotate yes
-
-# This option allows to tune what is logged when a message is infected.
-# Possible values are Off (the default - nothing is logged),
-# Basic (minimal info logged), Full (verbose info logged)
-# Note:
-# For this to work properly in sendmail, make sure the msg_id, mail_addr,
-# rcpt_addr and i macroes are available in eom. In other words add a line like:
-# Milter.macros.eom={msg_id}, {mail_addr}, {rcpt_addr}, i
-# to your .cf file. Alternatively use the macro:
-# define(`confMILTER_MACROS_EOM', `{msg_id}, {mail_addr}, {rcpt_addr}, i')
-# Postfix should be working fine with the default settings.
-#
-# Default: disabled
-#LogInfected Basic
-
-# This option allows to tune what is logged when no threat is found in a scanned message.
-# See LogInfected for possible values and caveats.
-# Useful in debugging but drastically increases the log size.
-# Default: disabled
-#LogClean Basic
-
-# This option affects the behaviour of LogInfected, LogClean and VirusAction
-# when a message with multiple recipients is scanned:
-# If SupportMultipleRecipients is off (the default)
-# then one single log entry is generated for the message and, in case the
-# message is determined to be malicious, the command indicated by VirusAction
-# is executed just once. In both cases only the last recipient is reported.
-# If SupportMultipleRecipients is on:
-# then one line is logged for each recipient and the command indicated
-# by VirusAction is also executed once for each recipient.
-#
-# Note: although it's probably a good idea to enable this option, the default value
-# is currently set to off for legacy reasons.
-# Default: no
-#SupportMultipleRecipients yes
-
diff --git a/recipes-security/clamav/files/clamav.service b/recipes-security/clamav/files/clamav.service
deleted file mode 100644
index f13191f..0000000
--- a/recipes-security/clamav/files/clamav.service
+++ /dev/null
@@ -1,17 +0,0 @@
-[Unit]
-Description=Clam AntiVirus userspace daemon
-Documentation=man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang/en/doc/
-Requires=clamav-daemon.socket
-# Check for database existence
-ConditionPathExistsGlob=/usr/share/clamav/main.{c[vl]d,inc}
-ConditionPathExistsGlob=/usr/share/clamav/daily.{c[vl]d,inc}
-
-[Service]
-ExecStart=/usr/sbin/clamd --foreground=true
-# Reload the database
-ExecReload=/bin/kill -USR2 $MAINPID
-StandardOutput=syslog
-
-[Install]
-WantedBy=multi-user.target
-Also=clamav-daemon.socket
diff --git a/recipes-security/clamav/files/clamd.conf b/recipes-security/clamav/files/clamd.conf
deleted file mode 100644
index 0457785..0000000
--- a/recipes-security/clamav/files/clamd.conf
+++ /dev/null
@@ -1,595 +0,0 @@
-# Uncomment this option to enable logging.
-# LogFile must be writable for the user running daemon.
-# A full path is required.
-# Default: disabled
-LogFile /tmp/clamd.log
-
-# By default the log file is locked for writing - the lock protects against
-# running clamd multiple times (if want to run another clamd, please
-# copy the configuration file, change the LogFile variable, and run
-# the daemon with --config-file option).
-# This option disables log file locking.
-# Default: no
-LogFileUnlock yes
-
-# Maximum size of the log file.
-# Value of 0 disables the limit.
-# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
-# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size
-# in bytes just don't use modifiers. If LogFileMaxSize is enabled, log
-# rotation (the LogRotate option) will always be enabled.
-# Default: 1M
-LogFileMaxSize 2M
-
-# Log time with each message.
-# Default: no
-LogTime yes
-
-# Also log clean files. Useful in debugging but drastically increases the
-# log size.
-# Default: no
-#LogClean yes
-
-# Use system logger (can work together with LogFile).
-# Default: no
-#LogSyslog yes
-
-# Specify the type of syslog messages - please refer to 'man syslog'
-# for facility names.
-# Default: LOG_LOCAL6
-#LogFacility LOG_MAIL
-
-# Enable verbose logging.
-# Default: no
-#LogVerbose yes
-
-# Enable log rotation. Always enabled when LogFileMaxSize is enabled.
-# Default: no
-#LogRotate yes
-
-# Log additional information about the infected file, such as its
-# size and hash, together with the virus name.
-ExtendedDetectionInfo yes
-
-# This option allows you to save a process identifier of the listening
-# daemon (main thread).
-# Default: disabled
-PidFile /var/run/clamd.pid
-
-# Optional path to the global temporary directory.
-# Default: system specific (usually /tmp or /var/tmp).
-TemporaryDirectory /var/tmp
-
-# Path to the database directory.
-# Default: hardcoded (depends on installation options)
-DatabaseDirectory /var/lib/clamav
-
-# Only load the official signatures published by the ClamAV project.
-# Default: no
-#OfficialDatabaseOnly no
-
-# The daemon can work in local mode, network mode or both.
-# Due to security reasons we recommend the local mode.
-
-# Path to a local socket file the daemon will listen on.
-# Default: disabled (must be specified by a user)
-LocalSocket /tmp/clamd.socket
-
-# Sets the group ownership on the unix socket.
-# Default: disabled (the primary group of the user running clamd)
-#LocalSocketGroup virusgroup
-
-# Sets the permissions on the unix socket to the specified mode.
-# Default: disabled (socket is world accessible)
-#LocalSocketMode 660
-
-# Remove stale socket after unclean shutdown.
-# Default: yes
-#FixStaleSocket yes
-
-# TCP port address.
-# Default: no
-#TCPSocket 3310
-
-# TCP address.
-# By default we bind to INADDR_ANY, probably not wise.
-# Enable the following to provide some degree of protection
-# from the outside world. This option can be specified multiple
-# times if you want to listen on multiple IPs. IPv6 is now supported.
-# Default: no
-#TCPAddr 127.0.0.1
-
-# Maximum length the queue of pending connections may grow to.
-# Default: 200
-#MaxConnectionQueueLength 30
-
-# Clamd uses FTP-like protocol to receive data from remote clients.
-# If you are using clamav-milter to balance load between remote clamd daemons
-# on firewall servers you may need to tune the options below.
-
-# Close the connection when the data size limit is exceeded.
-# The value should match your MTA's limit for a maximum attachment size.
-# Default: 25M
-#StreamMaxLength 10M
-
-# Limit port range.
-# Default: 1024
-#StreamMinPort 30000
-# Default: 2048
-#StreamMaxPort 32000
-
-# Maximum number of threads running at the same time.
-# Default: 10
-#MaxThreads 20
-
-# Waiting for data from a client socket will timeout after this time (seconds).
-# Default: 120
-#ReadTimeout 300
-
-# This option specifies the time (in seconds) after which clamd should
-# timeout if a client doesn't provide any initial command after connecting.
-# Default: 5
-#CommandReadTimeout 5
-
-# This option specifies how long to wait (in miliseconds) if the send buffer is full.
-# Keep this value low to prevent clamd hanging
-#
-# Default: 500
-#SendBufTimeout 200
-
-# Maximum number of queued items (including those being processed by MaxThreads threads)
-# It is recommended to have this value at least twice MaxThreads if possible.
-# WARNING: you shouldn't increase this too much to avoid running out of file descriptors,
-# the following condition should hold:
-# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual max is 1024)
-#
-# Default: 100
-#MaxQueue 200
-
-# Waiting for a new job will timeout after this time (seconds).
-# Default: 30
-#IdleTimeout 60
-
-# Don't scan files and directories matching regex
-# This directive can be used multiple times
-# Default: scan all
-#ExcludePath ^/proc/
-#ExcludePath ^/sys/
-
-# Maximum depth directories are scanned at.
-# Default: 15
-#MaxDirectoryRecursion 20
-
-# Follow directory symlinks.
-# Default: no
-#FollowDirectorySymlinks yes
-
-# Follow regular file symlinks.
-# Default: no
-#FollowFileSymlinks yes
-
-# Scan files and directories on other filesystems.
-# Default: yes
-#CrossFilesystems yes
-
-# Perform a database check.
-# Default: 600 (10 min)
-#SelfCheck 600
-
-# Execute a command when virus is found. In the command string %v will
-# be replaced with the virus name.
-# Default: no
-#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v"
-
-# Run as another user (clamd must be started by root for this option to work)
-# Default: don't drop privileges
-User clamav
-
-# Initialize supplementary group access (clamd must be started by root).
-# Default: no
-#AllowSupplementaryGroups no
-
-# Stop daemon when libclamav reports out of memory condition.
-#ExitOnOOM yes
-
-# Don't fork into background.
-# Default: no
-#Foreground yes
-
-# Enable debug messages in libclamav.
-# Default: no
-#Debug yes
-
-# Do not remove temporary files (for debug purposes).
-# Default: no
-#LeaveTemporaryFiles yes
-
-# Permit use of the ALLMATCHSCAN command. If set to no, clamd will reject
-# any ALLMATCHSCAN command as invalid.
-# Default: yes
-#AllowAllMatchScan no
-
-# Detect Possibly Unwanted Applications.
-# Default: no
-#DetectPUA yes
-
-# Exclude a specific PUA category. This directive can be used multiple times.
-# See https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-pua.md for
-# the complete list of PUA categories.
-# Default: Load all categories (if DetectPUA is activated)
-#ExcludePUA NetTool
-#ExcludePUA PWTool
-
-# Only include a specific PUA category. This directive can be used multiple
-# times.
-# Default: Load all categories (if DetectPUA is activated)
-#IncludePUA Spy
-#IncludePUA Scanner
-#IncludePUA RAT
-
-# In some cases (eg. complex malware, exploits in graphic files, and others),
-# ClamAV uses special algorithms to provide accurate detection. This option
-# controls the algorithmic detection.
-# Default: yes
-#AlgorithmicDetection yes
-
-# This option causes memory or nested map scans to dump the content to disk.
-# If you turn on this option, more data is written to disk and is available
-# when the LeaveTemporaryFiles option is enabled.
-#ForceToDisk yes
-
-# This option allows you to disable the caching feature of the engine. By
-# default, the engine will store an MD5 in a cache of any files that are
-# not flagged as virus or that hit limits checks. Disabling the cache will
-# have a negative performance impact on large scans.
-# Default: no
-#DisableCache yes
-
-##
-## Executable files
-##
-
-# PE stands for Portable Executable - it's an executable file format used
-# in all 32 and 64-bit versions of Windows operating systems. This option allows
-# ClamAV to perform a deeper analysis of executable files and it's also
-# required for decompression of popular executable packers such as UPX, FSG,
-# and Petite. If you turn off this option, the original files will still be
-# scanned, but without additional processing.
-# Default: yes
-#ScanPE yes
-
-# Certain PE files contain an authenticode signature. By default, we check
-# the signature chain in the PE file against a database of trusted and
-# revoked certificates if the file being scanned is marked as a virus.
-# If any certificate in the chain validates against any trusted root, but
-# does not match any revoked certificate, the file is marked as whitelisted.
-# If the file does match a revoked certificate, the file is marked as virus.
-# The following setting completely turns off authenticode verification.
-# Default: no
-#DisableCertCheck yes
-
-# Executable and Linking Format is a standard format for UN*X executables.
-# This option allows you to control the scanning of ELF files.
-# If you turn off this option, the original files will still be scanned, but
-# without additional processing.
-# Default: yes
-#ScanELF yes
-
-# With this option clamav will try to detect broken executables (both PE and
-# ELF) and mark them as Broken.Executable.
-# Default: no
-#DetectBrokenExecutables yes
-
-
-##
-## Documents
-##
-
-# This option enables scanning of OLE2 files, such as Microsoft Office
-# documents and .msi files.
-# If you turn off this option, the original files will still be scanned, but
-# without additional processing.
-# Default: yes
-#ScanOLE2 yes
-
-# With this option enabled OLE2 files with VBA macros, which were not
-# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros".
-# Default: no
-#OLE2BlockMacros no
-
-# This option enables scanning within PDF files.
-# If you turn off this option, the original files will still be scanned, but
-# without decoding and additional processing.
-# Default: yes
-#ScanPDF yes
-
-# This option enables scanning within SWF files.
-# If you turn off this option, the original files will still be scanned, but
-# without decoding and additional processing.
-# Default: yes
-#ScanSWF yes
-
-
-##
-## Mail files
-##
-
-# Enable internal e-mail scanner.
-# If you turn off this option, the original files will still be scanned, but
-# without parsing individual messages/attachments.
-# Default: yes
-#ScanMail yes
-
-# Scan RFC1341 messages split over many emails.
-# You will need to periodically clean up $TemporaryDirectory/clamav-partial directory.
-# WARNING: This option may open your system to a DoS attack.
-# Never use it on loaded servers.
-# Default: no
-#ScanPartialMessages yes
-
-# With this option enabled ClamAV will try to detect phishing attempts by using
-# signatures.
-# Default: yes
-#PhishingSignatures yes
-
-# Scan URLs found in mails for phishing attempts using heuristics.
-# Default: yes
-#PhishingScanURLs yes
-
-# Always block SSL mismatches in URLs, even if the URL isn't in the database.
-# This can lead to false positives.
-#
-# Default: no
-#PhishingAlwaysBlockSSLMismatch no
-
-# Always block cloaked URLs, even if URL isn't in database.
-# This can lead to false positives.
-#
-# Default: no
-#PhishingAlwaysBlockCloak no
-
-# Detect partition intersections in raw disk images using heuristics.
-# Default: no
-#PartitionIntersection no
-
-# Allow heuristic match to take precedence.
-# When enabled, if a heuristic scan (such as phishingScan) detects
-# a possible virus/phish it will stop scan immediately. Recommended, saves CPU
-# scan-time.
-# When disabled, virus/phish detected by heuristic scans will be reported only at
-# the end of a scan. If an archive contains both a heuristically detected
-# virus/phish, and a real malware, the real malware will be reported
-#
-# Keep this disabled if you intend to handle "*.Heuristics.*" viruses
-# differently from "real" malware.
-# If a non-heuristically-detected virus (signature-based) is found first,
-# the scan is interrupted immediately, regardless of this config option.
-#
-# Default: no
-#HeuristicScanPrecedence yes
-
-
-##
-## Data Loss Prevention (DLP)
-##
-
-# Enable the DLP module
-# Default: No
-#StructuredDataDetection yes
-
-# This option sets the lowest number of Credit Card numbers found in a file
-# to generate a detect.
-# Default: 3
-#StructuredMinCreditCardCount 5
-
-# This option sets the lowest number of Social Security Numbers found
-# in a file to generate a detect.
-# Default: 3
-#StructuredMinSSNCount 5
-
-# With this option enabled the DLP module will search for valid
-# SSNs formatted as xxx-yy-zzzz
-# Default: yes
-#StructuredSSNFormatNormal yes
-
-# With this option enabled the DLP module will search for valid
-# SSNs formatted as xxxyyzzzz
-# Default: no
-#StructuredSSNFormatStripped yes
-
-
-##
-## HTML
-##
-
-# Perform HTML normalisation and decryption of MS Script Encoder code.
-# Default: yes
-# If you turn off this option, the original files will still be scanned, but
-# without additional processing.
-#ScanHTML yes
-
-
-##
-## Archives
-##
-
-# ClamAV can scan within archives and compressed files.
-# If you turn off this option, the original files will still be scanned, but
-# without unpacking and additional processing.
-# Default: yes
-#ScanArchive yes
-
-# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
-# Default: no
-#ArchiveBlockEncrypted no
-
-
-##
-## Limits
-##
-
-# The options below protect your system against Denial of Service attacks
-# using archive bombs.
-
-# This option sets the maximum amount of data to be scanned for each input file.
-# Archives and other containers are recursively extracted and scanned up to this
-# value.
-# Value of 0 disables the limit
-# Note: disabling this limit or setting it too high may result in severe damage
-# to the system.
-# Default: 100M
-#MaxScanSize 150M
-
-# Files larger than this limit won't be scanned. Affects the input file itself
-# as well as files contained inside it (when the input file is an archive, a
-# document or some other kind of container).
-# Value of 0 disables the limit.
-# Note: disabling this limit or setting it too high may result in severe damage
-# to the system.
-# Default: 25M
-#MaxFileSize 30M
-
-# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR
-# file, all files within it will also be scanned. This options specifies how
-# deeply the process should be continued.
-# Note: setting this limit too high may result in severe damage to the system.
-# Default: 16
-#MaxRecursion 10
-
-# Number of files to be scanned within an archive, a document, or any other
-# container file.
-# Value of 0 disables the limit.
-# Note: disabling this limit or setting it too high may result in severe damage
-# to the system.
-# Default: 10000
-#MaxFiles 15000
-
-# Maximum size of a file to check for embedded PE. Files larger than this value
-# will skip the additional analysis step.
-# Note: disabling this limit or setting it too high may result in severe damage
-# to the system.
-# Default: 10M
-#MaxEmbeddedPE 10M
-
-# Maximum size of a HTML file to normalize. HTML files larger than this value
-# will not be normalized or scanned.
-# Note: disabling this limit or setting it too high may result in severe damage
-# to the system.
-# Default: 10M
-#MaxHTMLNormalize 10M
-
-# Maximum size of a normalized HTML file to scan. HTML files larger than this
-# value after normalization will not be scanned.
-# Note: disabling this limit or setting it too high may result in severe damage
-# to the system.
-# Default: 2M
-#MaxHTMLNoTags 2M
-
-# Maximum size of a script file to normalize. Script content larger than this
-# value will not be normalized or scanned.
-# Note: disabling this limit or setting it too high may result in severe damage
-# to the system.
-# Default: 5M
-#MaxScriptNormalize 5M
-
-# Maximum size of a ZIP file to reanalyze type recognition. ZIP files larger
-# than this value will skip the step to potentially reanalyze as PE.
-# Note: disabling this limit or setting it too high may result in severe damage
-# to the system.
-# Default: 1M
-#MaxZipTypeRcg 1M
-
-# This option sets the maximum number of partitions of a raw disk image to be scanned.
-# Raw disk images with more partitions than this value will have up to the value number
-# partitions scanned. Negative values are not allowed.
-# Note: setting this limit too high may result in severe damage or impact performance.
-# Default: 50
-#MaxPartitions 128
-
-# This option sets the maximum number of icons within a PE to be scanned.
-# PE files with more icons than this value will have up to the value number icons scanned.
-# Negative values are not allowed.
-# WARNING: setting this limit too high may result in severe damage or impact performance.
-# Default: 100
-#MaxIconsPE 200
-
-##
-## On-access Scan Settings
-##
-
-# Enable on-access scanning. Currently, this is supported via fanotify.
-# Clamuko/Dazuko support has been deprecated.
-# Default: no
-#ScanOnAccess yes
-
-# Don't scan files larger than OnAccessMaxFileSize
-# Value of 0 disables the limit.
-# Default: 5M
-#OnAccessMaxFileSize 10M
-
-# Set the include paths (all files inside them will be scanned). You can have
-# multiple OnAccessIncludePath directives but each directory must be added
-# in a separate line. (On-access scan only)
-# Default: disabled
-#OnAccessIncludePath /home
-#OnAccessIncludePath /students
-
-# Set the exclude paths. All subdirectories are also excluded.
-# (On-access scan only)
-# Default: disabled
-#OnAccessExcludePath /home/bofh
-
-# With this option you can whitelist specific UIDs. Processes with these UIDs
-# will be able to access all files.
-# This option can be used multiple times (one per line).
-# Default: disabled
-#OnAccessExcludeUID 0
-
-
-##
-## Bytecode
-##
-
-# With this option enabled ClamAV will load bytecode from the database.
-# It is highly recommended you keep this option on, otherwise you'll miss detections for many new viruses.
-# Default: yes
-#Bytecode yes
-
-# Set bytecode security level.
-# Possible values:
-# None - no security at all, meant for debugging. DO NOT USE THIS ON PRODUCTION SYSTEMS
-# This value is only available if clamav was built with --enable-debug!
-# TrustSigned - trust bytecode loaded from signed .c[lv]d files,
-# insert runtime safety checks for bytecode loaded from other sources
-# Paranoid - don't trust any bytecode, insert runtime checks for all
-# Recommended: TrustSigned, because bytecode in .cvd files already has these checks
-# Note that by default only signed bytecode is loaded, currently you can only
-# load unsigned bytecode in --enable-debug mode.
-#
-# Default: TrustSigned
-#BytecodeSecurity TrustSigned
-
-# Set bytecode timeout in miliseconds.
-#
-# Default: 5000
-# BytecodeTimeout 1000
-
-##
-## Statistics gathering and submitting
-##
-
-# Enable statistical reporting.
-# Default: no
-#StatsEnabled yes
-
-# Disable submission of individual PE sections for files flagged as malware.
-# Default: no
-#StatsPEDisabled yes
-
-# HostID in the form of an UUID to use when submitting statistical information.
-# Default: auto
-#StatsHostID auto
-
-# Time in seconds to wait for the stats server to come back with a response
-# Default: 10
-#StatsTimeout 10
diff --git a/recipes-security/clamav/files/freshclam-native.conf b/recipes-security/clamav/files/freshclam-native.conf
deleted file mode 100644
index aaa8cf4..0000000
--- a/recipes-security/clamav/files/freshclam-native.conf
+++ /dev/null
@@ -1,224 +0,0 @@
-# Path to the database directory.
-# WARNING: It must match clamd.conf's directive!
-# Default: hardcoded (depends on installation options)
-#DatabaseDirectory /var/lib/clamav
-
-# Path to the log file (make sure it has proper permissions)
-# Default: disabled
-#UpdateLogFile /var/log/clamav/freshclam.log
-
-# Maximum size of the log file.
-# Value of 0 disables the limit.
-# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
-# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
-# in bytes just don't use modifiers. If LogFileMaxSize is enabled,
-# log rotation (the LogRotate option) will always be enabled.
-# Default: 1M
-LogFileMaxSize 2M
-
-# Log time with each message.
-# Default: no
-LogTime yes
-
-# Enable verbose logging.
-# Default: no
-#LogVerbose yes
-
-# Use system logger (can work together with UpdateLogFile).
-# Default: no
-#LogSyslog yes
-
-# Specify the type of syslog messages - please refer to 'man syslog'
-# for facility names.
-# Default: LOG_LOCAL6
-#LogFacility LOG_MAIL
-
-# Enable log rotation. Always enabled when LogFileMaxSize is enabled.
-# Default: no
-#LogRotate yes
-
-# This option allows you to save the process identifier of the daemon
-# Default: disabled
-#PidFile /var/run/freshclam.pid
-
-# By default when started freshclam drops privileges and switches to the
-# "clamav" user. This directive allows you to change the database owner.
-# Default: clamav (may depend on installation options)
-DatabaseOwner clamav
-
-# Initialize supplementary group access (freshclam must be started by root).
-# Default: no
-#AllowSupplementaryGroups yes
-
-# Use DNS to verify virus database version. Freshclam uses DNS TXT records
-# to verify database and software versions. With this directive you can change
-# the database verification domain.
-# WARNING: Do not touch it unless you're configuring freshclam to use your
-# own database verification domain.
-# Default: current.cvd.clamav.net
-#DNSDatabaseInfo current.cvd.clamav.net
-
-# Uncomment the following line and replace XY with your country
-# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
-# You can use db.XY.ipv6.clamav.net for IPv6 connections.
-#DatabaseMirror db.XY.clamav.net
-
-# database.clamav.net is a round-robin record which points to our most
-# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
-# not working. DO NOT TOUCH the following line unless you know what you
-# are doing.
-DatabaseMirror database.clamav.net
-
-# How many attempts to make before giving up.
-# Default: 3 (per mirror)
-#MaxAttempts 5
-
-# With this option you can control scripted updates. It's highly recommended
-# to keep it enabled.
-# Default: yes
-#ScriptedUpdates yes
-
-# By default freshclam will keep the local databases (.cld) uncompressed to
-# make their handling faster. With this option you can enable the compression;
-# the change will take effect with the next database update.
-# Default: no
-#CompressLocalDatabase no
-
-# With this option you can provide custom sources (http:// or file://) for
-# database files. This option can be used multiple times.
-# Default: no custom URLs
-#DatabaseCustomURL http://myserver.com/mysigs.ndb
-#DatabaseCustomURL file:///mnt/nfs/local.hdb
-
-# This option allows you to easily point freshclam to private mirrors.
-# If PrivateMirror is set, freshclam does not attempt to use DNS
-# to determine whether its databases are out-of-date, instead it will
-# use the If-Modified-Since request or directly check the headers of the
-# remote database files. For each database, freshclam first attempts
-# to download the CLD file. If that fails, it tries to download the
-# CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo
-# and ScriptedUpdates. It can be used multiple times to provide
-# fall-back mirrors.
-# Default: disabled
-#PrivateMirror mirror1.mynetwork.com
-#PrivateMirror mirror2.mynetwork.com
-
-# Number of database checks per day.
-# Default: 12 (every two hours)
-#Checks 24
-
-# Proxy settings
-# Default: disabled
-#HTTPProxyServer myproxy.com
-#HTTPProxyPort 1234
-#HTTPProxyUsername myusername
-#HTTPProxyPassword mypass
-
-# If your servers are behind a firewall/proxy which applies User-Agent
-# filtering you can use this option to force the use of a different
-# User-Agent header.
-# Default: clamav/version_number
-#HTTPUserAgent SomeUserAgentIdString
-
-# Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for
-# multi-homed systems.
-# Default: Use OS'es default outgoing IP address.
-#LocalIPAddress aaa.bbb.ccc.ddd
-
-# Send the RELOAD command to clamd.
-# Default: no
-#NotifyClamd /path/to/clamd.conf
-
-# Run command after successful database update.
-# Default: disabled
-#OnUpdateExecute command
-
-# Run command when database update process fails.
-# Default: disabled
-#OnErrorExecute command
-
-# Run command when freshclam reports outdated version.
-# In the command string %v will be replaced by the new version number.
-# Default: disabled
-#OnOutdatedExecute command
-
-# Don't fork into background.
-# Default: no
-#Foreground yes
-
-# Enable debug messages in libclamav.
-# Default: no
-#Debug yes
-
-# Timeout in seconds when connecting to database server.
-# Default: 30
-#ConnectTimeout 60
-
-# Timeout in seconds when reading from database server.
-# Default: 30
-#ReceiveTimeout 60
-
-# With this option enabled, freshclam will attempt to load new
-# databases into memory to make sure they are properly handled
-# by libclamav before replacing the old ones.
-# Default: yes
-#TestDatabases yes
-
-# When enabled freshclam will submit statistics to the ClamAV Project about
-# the latest virus detections in your environment. The ClamAV maintainers
-# will then use this data to determine what types of malware are the most
-# detected in the field and in what geographic area they are.
-# Freshclam will connect to clamd in order to get recent statistics.
-# Default: no
-#SubmitDetectionStats /path/to/clamd.conf
-
-# Country of origin of malware/detection statistics (for statistical
-# purposes only). The statistics collector at ClamAV.net will look up
-# your IP address to determine the geographical origin of the malware
-# reported by your installation. If this installation is mainly used to
-# scan data which comes from a different location, please enable this
-# option and enter a two-letter code (see http://www.iana.org/domains/root/db/)
-# of the country of origin.
-# Default: disabled
-#DetectionStatsCountry country-code
-
-# This option enables support for our "Personal Statistics" service.
-# When this option is enabled, the information on malware detected by
-# your clamd installation is made available to you through our website.
-# To get your HostID, log on http://www.stats.clamav.net and add a new
-# host to your host list. Once you have the HostID, uncomment this option
-# and paste the HostID here. As soon as your freshclam starts submitting
-# information to our stats collecting service, you will be able to view
-# the statistics of this clamd installation by logging into
-# http://www.stats.clamav.net with the same credentials you used to
-# generate the HostID. For more information refer to:
-# http://www.clamav.net/documentation.html#cctts
-# This feature requires SubmitDetectionStats to be enabled.
-# Default: disabled
-#DetectionStatsHostID unique-id
-
-# This option enables support for Google Safe Browsing. When activated for
-# the first time, freshclam will download a new database file (safebrowsing.cvd)
-# which will be automatically loaded by clamd and clamscan during the next
-# reload, provided that the heuristic phishing detection is turned on. This
-# database includes information about websites that may be phishing sites or
-# possible sources of malware. When using this option, it's mandatory to run
-# freshclam at least every 30 minutes.
-# Freshclam uses the ClamAV's mirror infrastructure to distribute the
-# database and its updates but all the contents are provided under Google's
-# terms of use. See http://www.google.com/transparencyreport/safebrowsing
-# and http://www.clamav.net/documentation.html#safebrowsing
-# for more information.
-# Default: disabled
-#SafeBrowsing yes
-
-# This option enables downloading of bytecode.cvd, which includes additional
-# detection mechanisms and improvements to the ClamAV engine.
-# Default: enabled
-#Bytecode yes
-
-# Download an additional 3rd party signature database distributed through
-# the ClamAV mirrors.
-# This option can be used multiple times.
-#ExtraDatabase dbname1
-#ExtraDatabase dbname2
diff --git a/recipes-security/clamav/files/freshclam.conf b/recipes-security/clamav/files/freshclam.conf
deleted file mode 100644
index 100724f..0000000
--- a/recipes-security/clamav/files/freshclam.conf
+++ /dev/null
@@ -1,224 +0,0 @@
-# Path to the database directory.
-# WARNING: It must match clamd.conf's directive!
-# Default: hardcoded (depends on installation options)
-DatabaseDirectory /var/lib/clamav
-
-# Path to the log file (make sure it has proper permissions)
-# Default: disabled
-UpdateLogFile /var/log/clamav/freshclam.log
-
-# Maximum size of the log file.
-# Value of 0 disables the limit.
-# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
-# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes).
-# in bytes just don't use modifiers. If LogFileMaxSize is enabled,
-# log rotation (the LogRotate option) will always be enabled.
-# Default: 1M
-LogFileMaxSize 2M
-
-# Log time with each message.
-# Default: no
-LogTime yes
-
-# Enable verbose logging.
-# Default: no
-#LogVerbose yes
-
-# Use system logger (can work together with UpdateLogFile).
-# Default: no
-#LogSyslog yes
-
-# Specify the type of syslog messages - please refer to 'man syslog'
-# for facility names.
-# Default: LOG_LOCAL6
-#LogFacility LOG_MAIL
-
-# Enable log rotation. Always enabled when LogFileMaxSize is enabled.
-# Default: no
-#LogRotate yes
-
-# This option allows you to save the process identifier of the daemon
-# Default: disabled
-PidFile /var/run/freshclam.pid
-
-# By default when started freshclam drops privileges and switches to the
-# "clamav" user. This directive allows you to change the database owner.
-# Default: clamav (may depend on installation options)
-DatabaseOwner clamav
-
-# Initialize supplementary group access (freshclam must be started by root).
-# Default: no
-#AllowSupplementaryGroups yes
-
-# Use DNS to verify virus database version. Freshclam uses DNS TXT records
-# to verify database and software versions. With this directive you can change
-# the database verification domain.
-# WARNING: Do not touch it unless you're configuring freshclam to use your
-# own database verification domain.
-# Default: current.cvd.clamav.net
-#DNSDatabaseInfo current.cvd.clamav.net
-
-# Uncomment the following line and replace XY with your country
-# code. See http://www.iana.org/cctld/cctld-whois.htm for the full list.
-# You can use db.XY.ipv6.clamav.net for IPv6 connections.
-#DatabaseMirror db.XY.clamav.net
-
-# database.clamav.net is a round-robin record which points to our most
-# reliable mirrors. It's used as a fall back in case db.XY.clamav.net is
-# not working. DO NOT TOUCH the following line unless you know what you
-# are doing.
-DatabaseMirror database.clamav.net
-
-# How many attempts to make before giving up.
-# Default: 3 (per mirror)
-#MaxAttempts 5
-
-# With this option you can control scripted updates. It's highly recommended
-# to keep it enabled.
-# Default: yes
-#ScriptedUpdates yes
-
-# By default freshclam will keep the local databases (.cld) uncompressed to
-# make their handling faster. With this option you can enable the compression;
-# the change will take effect with the next database update.
-# Default: no
-#CompressLocalDatabase no
-
-# With this option you can provide custom sources (http:// or file://) for
-# database files. This option can be used multiple times.
-# Default: no custom URLs
-#DatabaseCustomURL http://myserver.com/mysigs.ndb
-#DatabaseCustomURL file:///mnt/nfs/local.hdb
-
-# This option allows you to easily point freshclam to private mirrors.
-# If PrivateMirror is set, freshclam does not attempt to use DNS
-# to determine whether its databases are out-of-date, instead it will
-# use the If-Modified-Since request or directly check the headers of the
-# remote database files. For each database, freshclam first attempts
-# to download the CLD file. If that fails, it tries to download the
-# CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo
-# and ScriptedUpdates. It can be used multiple times to provide
-# fall-back mirrors.
-# Default: disabled
-#PrivateMirror mirror1.mynetwork.com
-#PrivateMirror mirror2.mynetwork.com
-
-# Number of database checks per day.
-# Default: 12 (every two hours)
-#Checks 24
-
-# Proxy settings
-# Default: disabled
-#HTTPProxyServer myproxy.com
-#HTTPProxyPort 1234
-#HTTPProxyUsername myusername
-#HTTPProxyPassword mypass
-
-# If your servers are behind a firewall/proxy which applies User-Agent
-# filtering you can use this option to force the use of a different
-# User-Agent header.
-# Default: clamav/version_number
-#HTTPUserAgent SomeUserAgentIdString
-
-# Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for
-# multi-homed systems.
-# Default: Use OS'es default outgoing IP address.
-#LocalIPAddress aaa.bbb.ccc.ddd
-
-# Send the RELOAD command to clamd.
-# Default: no
-#NotifyClamd /path/to/clamd.conf
-
-# Run command after successful database update.
-# Default: disabled
-#OnUpdateExecute command
-
-# Run command when database update process fails.
-# Default: disabled
-#OnErrorExecute command
-
-# Run command when freshclam reports outdated version.
-# In the command string %v will be replaced by the new version number.
-# Default: disabled
-#OnOutdatedExecute command
-
-# Don't fork into background.
-# Default: no
-#Foreground yes
-
-# Enable debug messages in libclamav.
-# Default: no
-#Debug yes
-
-# Timeout in seconds when connecting to database server.
-# Default: 30
-#ConnectTimeout 60
-
-# Timeout in seconds when reading from database server.
-# Default: 30
-#ReceiveTimeout 60
-
-# With this option enabled, freshclam will attempt to load new
-# databases into memory to make sure they are properly handled
-# by libclamav before replacing the old ones.
-# Default: yes
-#TestDatabases yes
-
-# When enabled freshclam will submit statistics to the ClamAV Project about
-# the latest virus detections in your environment. The ClamAV maintainers
-# will then use this data to determine what types of malware are the most
-# detected in the field and in what geographic area they are.
-# Freshclam will connect to clamd in order to get recent statistics.
-# Default: no
-#SubmitDetectionStats /path/to/clamd.conf
-
-# Country of origin of malware/detection statistics (for statistical
-# purposes only). The statistics collector at ClamAV.net will look up
-# your IP address to determine the geographical origin of the malware
-# reported by your installation. If this installation is mainly used to
-# scan data which comes from a different location, please enable this
-# option and enter a two-letter code (see http://www.iana.org/domains/root/db/)
-# of the country of origin.
-# Default: disabled
-#DetectionStatsCountry country-code
-
-# This option enables support for our "Personal Statistics" service.
-# When this option is enabled, the information on malware detected by
-# your clamd installation is made available to you through our website.
-# To get your HostID, log on http://www.stats.clamav.net and add a new
-# host to your host list. Once you have the HostID, uncomment this option
-# and paste the HostID here. As soon as your freshclam starts submitting
-# information to our stats collecting service, you will be able to view
-# the statistics of this clamd installation by logging into
-# http://www.stats.clamav.net with the same credentials you used to
-# generate the HostID. For more information refer to:
-# http://www.clamav.net/documentation.html#cctts
-# This feature requires SubmitDetectionStats to be enabled.
-# Default: disabled
-#DetectionStatsHostID unique-id
-
-# This option enables support for Google Safe Browsing. When activated for
-# the first time, freshclam will download a new database file (safebrowsing.cvd)
-# which will be automatically loaded by clamd and clamscan during the next
-# reload, provided that the heuristic phishing detection is turned on. This
-# database includes information about websites that may be phishing sites or
-# possible sources of malware. When using this option, it's mandatory to run
-# freshclam at least every 30 minutes.
-# Freshclam uses the ClamAV's mirror infrastructure to distribute the
-# database and its updates but all the contents are provided under Google's
-# terms of use. See http://www.google.com/transparencyreport/safebrowsing
-# and http://www.clamav.net/documentation.html#safebrowsing
-# for more information.
-# Default: disabled
-#SafeBrowsing yes
-
-# This option enables downloading of bytecode.cvd, which includes additional
-# detection mechanisms and improvements to the ClamAV engine.
-# Default: enabled
-#Bytecode yes
-
-# Download an additional 3rd party signature database distributed through
-# the ClamAV mirrors.
-# This option can be used multiple times.
-#ExtraDatabase dbname1
-#ExtraDatabase dbname2
diff --git a/recipes-security/clamav/files/tmpfiles.clamav b/recipes-security/clamav/files/tmpfiles.clamav
deleted file mode 100644
index fd5adfe..0000000
--- a/recipes-security/clamav/files/tmpfiles.clamav
+++ /dev/null
@@ -1,3 +0,0 @@
-#Type Path Mode UID GID Age Argument
-d /var/log/clamav 0755 clamav clamav -
-f /var/log/clamav/freshclam.log 0644 clamav clamav -
diff --git a/recipes-security/clamav/files/volatiles.03_clamav b/recipes-security/clamav/files/volatiles.03_clamav
deleted file mode 100644
index ee2153c..0000000
--- a/recipes-security/clamav/files/volatiles.03_clamav
+++ /dev/null
@@ -1,3 +0,0 @@
-# <type> <owner> <group> <mode> <path> <linksource>
-d clamav clamav 0755 /var/log/clamav none
-f clamav clamav 0655 /var/log/clamav/freshclam.log none