Step 3: Install ClamAV eCAP AdapterΒΆ

Checking downloaded files for viruses will be implemented using eCAP ClamAV adapter by Measurement Factory, see http://www.e-cap.org/downloads. To download and compile all required packages, run script 03_clamav.sh from core.redhat8 sub folder.

#!/bin/bash

# all packages are installed as root
if [[ $EUID -ne 0 ]]; then
   echo "This script must be run as root" 1>&2
   exit 1
fi

# we need epel packages for clamav (see https://fedoraproject.org/wiki/EPEL#How_can_I_use_these_extra_packages.3F)
subscription-manager repos --enable "codeready-builder-for-rhel-8-x86_64-rpms"

# install it
dnf -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

# install clamav
dnf -y install clamav clamav-update clamav-devel gcc-c++ patch make tar

# from now on every error is fatal
set -e

# download the sources
curl -O https://www.e-cap.org/archive/ecap_clamav_adapter-2.0.0.tar.gz

# unpack
tar -xvzf ecap_clamav_adapter-2.0.0.tar.gz

# patch the CL_SCAN_STDOPT error
patch ecap_clamav_adapter-2.0.0/src/ClamAv.cc < ClamAv.cc.patch

# change into working dir
pushd ecap_clamav_adapter-2.0.0

# configure, make and install
./configure && make && make install

# and revert back
popd

The following patch fixes CL_SCAN_STDOPT error, as indicated on https://bugs.launchpad.net/ecap/+bug/1813962

--- ClamAv.cc   2015-11-08 13:07:35.000000000 -0500
+++ ClamAv.cc.new   2019-07-29 08:34:21.000000000 -0400
@@ -44,8 +44,13 @@
     // We assume that cl_*() functions used here are threadsafe.

     const char *virname = 0;
-    const int eScanResult = cl_scanfile(answer.fileName.c_str(), &virname, 0, engine, CL_SCAN_STDOPT);

+    static struct cl_scan_options options = {};
+    {
+        options.parse |= ~0; // enable all parsers
+    }
+    const int eScanResult = cl_scanfile(answer.fileName.c_str(), &virname, 0, engine, &options);
+
     switch (eScanResult) {
     case CL_CLEAN:
         answer.statusCode = Answer::scClean;

Press Next to continue to Step 4.