Mercurial > repos > other > Puppet
annotate common/freshclam.conf @ 136:765e72629b3e puppet-3.6
Fix "direct under CA" custom conditions and sites that use "cert named after domain" pattern
The 'undef' value coerces to empty string, so "$var == undef" becomes
"$var == ''", which broke our logic. Puppet 3 doesn't have a prettier solution
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Fri, 11 Nov 2016 21:04:13 +0000 |
parents | 47ddb26af9bd |
children |
rev | line source |
---|---|
85 | 1 ## |
2 ## Example config file for freshclam | |
3 ## Please read the freshclam.conf(5) manual before editing this file. | |
4 ## | |
5 | |
6 | |
7 # Path to the database directory. | |
8 # WARNING: It must match clamd.conf's directive! | |
9 # Default: hardcoded (depends on installation options) | |
10 #DatabaseDirectory /var/lib/clamav | |
11 | |
12 # Path to the log file (make sure it has proper permissions) | |
13 # Default: disabled | |
14 #UpdateLogFile /var/log/freshclam.log | |
15 | |
16 # Maximum size of the log file. | |
17 # Value of 0 disables the limit. | |
18 # You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) | |
19 # and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). | |
20 # in bytes just don't use modifiers. If LogFileMaxSize is enabled, | |
21 # log rotation (the LogRotate option) will always be enabled. | |
22 # Default: 1M | |
23 #LogFileMaxSize 2M | |
24 | |
25 # Log time with each message. | |
26 # Default: no | |
27 #LogTime yes | |
28 | |
29 # Enable verbose logging. | |
30 # Default: no | |
31 #LogVerbose yes | |
32 | |
33 # Use system logger (can work together with UpdateLogFile). | |
34 # Default: no | |
35 LogSyslog yes | |
36 | |
37 # Specify the type of syslog messages - please refer to 'man syslog' | |
38 # for facility names. | |
39 # Default: LOG_LOCAL6 | |
40 #LogFacility LOG_MAIL | |
41 | |
42 # Enable log rotation. Always enabled when LogFileMaxSize is enabled. | |
43 # Default: no | |
44 #LogRotate yes | |
45 | |
46 # This option allows you to save the process identifier of the daemon | |
47 # Default: disabled | |
48 #PidFile /var/run/freshclam.pid | |
49 | |
50 # By default when started freshclam drops privileges and switches to the | |
51 # "clamav" user. This directive allows you to change the database owner. | |
52 # Default: clamav (may depend on installation options) | |
53 #DatabaseOwner clamupdate | |
54 | |
55 # Initialize supplementary group access (freshclam must be started by root). | |
56 # Default: no | |
57 #AllowSupplementaryGroups yes | |
58 | |
59 # Use DNS to verify virus database version. Freshclam uses DNS TXT records | |
60 # to verify database and software versions. With this directive you can change | |
61 # the database verification domain. | |
62 # WARNING: Do not touch it unless you're configuring freshclam to use your | |
63 # own database verification domain. | |
64 # Default: current.cvd.clamav.net | |
65 #DNSDatabaseInfo current.cvd.clamav.net | |
66 | |
67 # Uncomment the following line and replace XY with your country | |
68 # code. See http://www.iana.org/cctld/cctld-whois.htm for the full list. | |
69 # You can use db.XY.ipv6.clamav.net for IPv6 connections. | |
70 #DatabaseMirror db.XY.clamav.net | |
71 | |
72 # database.clamav.net is a round-robin record which points to our most | |
73 # reliable mirrors. It's used as a fall back in case db.XY.clamav.net is | |
74 # not working. DO NOT TOUCH the following line unless you know what you | |
75 # are doing. | |
76 DatabaseMirror database.clamav.net | |
77 | |
78 # How many attempts to make before giving up. | |
79 # Default: 3 (per mirror) | |
80 #MaxAttempts 5 | |
81 | |
82 # With this option you can control scripted updates. It's highly recommended | |
83 # to keep it enabled. | |
84 # Default: yes | |
85 #ScriptedUpdates yes | |
86 | |
87 # By default freshclam will keep the local databases (.cld) uncompressed to | |
88 # make their handling faster. With this option you can enable the compression; | |
89 # the change will take effect with the next database update. | |
90 # Default: no | |
91 #CompressLocalDatabase no | |
92 | |
93 # With this option you can provide custom sources (http:// or file://) for | |
94 # database files. This option can be used multiple times. | |
95 # Default: no custom URLs | |
96 #DatabaseCustomURL http://myserver.com/mysigs.ndb | |
97 #DatabaseCustomURL file:///mnt/nfs/local.hdb | |
98 | |
99 # This option allows you to easily point freshclam to private mirrors. | |
100 # If PrivateMirror is set, freshclam does not attempt to use DNS | |
101 # to determine whether its databases are out-of-date, instead it will | |
102 # use the If-Modified-Since request or directly check the headers of the | |
103 # remote database files. For each database, freshclam first attempts | |
104 # to download the CLD file. If that fails, it tries to download the | |
105 # CVD file. This option overrides DatabaseMirror, DNSDatabaseInfo | |
106 # and ScriptedUpdates. It can be used multiple times to provide | |
107 # fall-back mirrors. | |
108 # Default: disabled | |
109 #PrivateMirror mirror1.mynetwork.com | |
110 #PrivateMirror mirror2.mynetwork.com | |
111 | |
112 # Number of database checks per day. | |
113 # Default: 12 (every two hours) | |
114 #Checks 24 | |
115 | |
116 # Proxy settings | |
117 # Default: disabled | |
118 #HTTPProxyServer myproxy.com | |
119 #HTTPProxyPort 1234 | |
120 #HTTPProxyUsername myusername | |
121 #HTTPProxyPassword mypass | |
122 | |
123 # If your servers are behind a firewall/proxy which applies User-Agent | |
124 # filtering you can use this option to force the use of a different | |
125 # User-Agent header. | |
126 # Default: clamav/version_number | |
127 #HTTPUserAgent SomeUserAgentIdString | |
128 | |
129 # Use aaa.bbb.ccc.ddd as client address for downloading databases. Useful for | |
130 # multi-homed systems. | |
131 # Default: Use OS'es default outgoing IP address. | |
132 #LocalIPAddress aaa.bbb.ccc.ddd | |
133 | |
134 # Send the RELOAD command to clamd. | |
135 # Default: no | |
136 #NotifyClamd /path/to/clamd.conf | |
137 | |
138 # Run command after successful database update. | |
139 # Default: disabled | |
140 #OnUpdateExecute command | |
141 | |
142 # Run command when database update process fails. | |
143 # Default: disabled | |
144 #OnErrorExecute command | |
145 | |
146 # Run command when freshclam reports outdated version. | |
147 # In the command string %v will be replaced by the new version number. | |
148 # Default: disabled | |
149 #OnOutdatedExecute command | |
150 | |
151 # Don't fork into background. | |
152 # Default: no | |
153 #Foreground yes | |
154 | |
155 # Enable debug messages in libclamav. | |
156 # Default: no | |
157 #Debug yes | |
158 | |
159 # Timeout in seconds when connecting to database server. | |
160 # Default: 30 | |
161 #ConnectTimeout 60 | |
162 | |
163 # Timeout in seconds when reading from database server. | |
164 # Default: 30 | |
165 #ReceiveTimeout 60 | |
166 | |
167 # With this option enabled, freshclam will attempt to load new | |
168 # databases into memory to make sure they are properly handled | |
169 # by libclamav before replacing the old ones. | |
170 # Default: yes | |
171 #TestDatabases yes | |
172 | |
173 # When enabled freshclam will submit statistics to the ClamAV Project about | |
174 # the latest virus detections in your environment. The ClamAV maintainers | |
175 # will then use this data to determine what types of malware are the most | |
176 # detected in the field and in what geographic area they are. | |
177 # Freshclam will connect to clamd in order to get recent statistics. | |
178 # Default: no | |
179 #SubmitDetectionStats /path/to/clamd.conf | |
180 | |
181 # Country of origin of malware/detection statistics (for statistical | |
182 # purposes only). The statistics collector at ClamAV.net will look up | |
183 # your IP address to determine the geographical origin of the malware | |
184 # reported by your installation. If this installation is mainly used to | |
185 # scan data which comes from a different location, please enable this | |
186 # option and enter a two-letter code (see http://www.iana.org/domains/root/db/) | |
187 # of the country of origin. | |
188 # Default: disabled | |
189 #DetectionStatsCountry country-code | |
190 | |
191 # This option enables support for our "Personal Statistics" service. | |
192 # When this option is enabled, the information on malware detected by | |
193 # your clamd installation is made available to you through our website. | |
194 # To get your HostID, log on http://www.stats.clamav.net and add a new | |
195 # host to your host list. Once you have the HostID, uncomment this option | |
196 # and paste the HostID here. As soon as your freshclam starts submitting | |
197 # information to our stats collecting service, you will be able to view | |
198 # the statistics of this clamd installation by logging into | |
199 # http://www.stats.clamav.net with the same credentials you used to | |
200 # generate the HostID. For more information refer to: | |
201 # http://www.clamav.net/documentation.html#cctts | |
202 # This feature requires SubmitDetectionStats to be enabled. | |
203 # Default: disabled | |
204 #DetectionStatsHostID unique-id | |
205 | |
206 # This option enables support for Google Safe Browsing. When activated for | |
207 # the first time, freshclam will download a new database file (safebrowsing.cvd) | |
208 # which will be automatically loaded by clamd and clamscan during the next | |
209 # reload, provided that the heuristic phishing detection is turned on. This | |
210 # database includes information about websites that may be phishing sites or | |
211 # possible sources of malware. When using this option, it's mandatory to run | |
212 # freshclam at least every 30 minutes. | |
213 # Freshclam uses the ClamAV's mirror infrastructure to distribute the | |
214 # database and its updates but all the contents are provided under Google's | |
215 # terms of use. See http://www.google.com/transparencyreport/safebrowsing | |
216 # and http://www.clamav.net/documentation.html#safebrowsing | |
217 # for more information. | |
218 # Default: disabled | |
219 #SafeBrowsing yes | |
220 | |
221 # This option enables downloading of bytecode.cvd, which includes additional | |
222 # detection mechanisms and improvements to the ClamAV engine. | |
223 # Default: enabled | |
224 #Bytecode yes | |
102
47ddb26af9bd
Avoid SELinux warnings by disabling bytecode support
IBBoard <dev@ibboard.co.uk>
parents:
85
diff
changeset
|
225 Bytecode no |
85 | 226 |
227 # Download an additional 3rd party signature database distributed through | |
228 # the ClamAV mirrors. | |
229 # This option can be used multiple times. | |
230 #ExtraDatabase dbname1 | |
231 #ExtraDatabase dbname2 |