pengdaqian commited on
Commit
e02c982
1 Parent(s): 431e891
Files changed (2) hide show
  1. Dockerfile +1 -0
  2. init +137 -0
Dockerfile CHANGED
@@ -44,6 +44,7 @@ WORKDIR $HOME/app
44
  COPY requirements.txt requirements.txt
45
  RUN pip3 install --no-cache-dir -r requirements.txt
46
 
 
47
  COPY . .
48
 
49
  CMD ["sh", "-c", "python3 scan_main.py"]
 
44
  COPY requirements.txt requirements.txt
45
  RUN pip3 install --no-cache-dir -r requirements.txt
46
 
47
+ COPY init /init
48
  COPY . .
49
 
50
  CMD ["sh", "-c", "python3 scan_main.py"]
init ADDED
@@ -0,0 +1,137 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ #!/sbin/tini /bin/sh
2
+ # SPDX-License-Identifier: GPL-2.0-or-later
3
+ #
4
+ # Copyright (C) 2021 Olliver Schinagl <[email protected]>
5
+ # Copyright (C) 2021-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
6
+ #
7
+ # A beginning user should be able to docker run image bash (or sh) without
8
+ # needing to learn about --entrypoint
9
+ # https://github.com/docker-library/official-images#consistency
10
+
11
+ set -eu
12
+
13
+ if [ ! -d "/run/clamav" ]; then
14
+ install -d -g "clamav" -m 775 -o "clamav" "/run/clamav"
15
+ fi
16
+
17
+ # Assign ownership to the database directory, just in case it is a mounted volume
18
+ chown -R clamav:clamav /var/lib/clamav
19
+
20
+ # run command if it is not starting with a "-" and is an executable in PATH
21
+ if [ "${#}" -gt 0 ] && \
22
+ [ "${1#-}" = "${1}" ] && \
23
+ command -v "${1}" > "/dev/null" 2>&1; then
24
+ # Ensure healthcheck always passes
25
+ CLAMAV_NO_CLAMD="true" exec "${@}"
26
+ else
27
+ if [ "${#}" -ge 1 ] && \
28
+ [ "${1#-}" != "${1}" ]; then
29
+ # If an argument starts with "-" pass it to clamd specifically
30
+ exec clamd "${@}"
31
+ fi
32
+ # else default to running clamav's servers
33
+
34
+ # Help tiny-init a little
35
+ mkdir -p "/run/lock"
36
+ ln -f -s "/run/lock" "/var/lock"
37
+
38
+ # Ensure we have some virus data, otherwise clamd refuses to start
39
+ if [ ! -f "/var/lib/clamav/main.cvd" ]; then
40
+ echo "Updating initial database"
41
+ freshclam --foreground --stdout
42
+ fi
43
+
44
+ if [ "${CLAMAV_NO_FRESHCLAMD:-false}" != "true" ]; then
45
+ echo "Starting Freshclamd"
46
+ freshclam \
47
+ --checks="${FRESHCLAM_CHECKS:-1}" \
48
+ --daemon \
49
+ --foreground \
50
+ --stdout \
51
+ / $ cat /init
52
+ #!/sbin/tini /bin/sh
53
+ # SPDX-License-Identifier: GPL-2.0-or-later
54
+ #
55
+ # Copyright (C) 2021 Olliver Schinagl <[email protected]>
56
+ # Copyright (C) 2021-2022 Cisco Systems, Inc. and/or its affiliates. All rights reserved.
57
+ #
58
+ # A beginning user should be able to docker run image bash (or sh) without
59
+ # needing to learn about --entrypoint
60
+ # https://github.com/docker-library/official-images#consistency
61
+
62
+ set -eu
63
+
64
+ if [ ! -d "/run/clamav" ]; then
65
+ install -d -g "clamav" -m 775 -o "clamav" "/run/clamav"
66
+ fi
67
+
68
+ # Assign ownership to the database directory, just in case it is a mounted volume
69
+ #chown -R clamav:clamav /var/lib/clamav
70
+
71
+ # run command if it is not starting with a "-" and is an executable in PATH
72
+ if [ "${#}" -gt 0 ] && \
73
+ [ "${1#-}" = "${1}" ] && \
74
+ command -v "${1}" > "/dev/null" 2>&1; then
75
+ # Ensure healthcheck always passes
76
+ CLAMAV_NO_CLAMD="true" exec "${@}"
77
+ else
78
+ if [ "${#}" -ge 1 ] && \
79
+ [ "${1#-}" != "${1}" ]; then
80
+ # If an argument starts with "-" pass it to clamd specifically
81
+ exec clamd "${@}"
82
+ fi
83
+ # else default to running clamav's servers
84
+
85
+ # Help tiny-init a little
86
+ mkdir -p "/run/lock"
87
+ ln -f -s "/run/lock" "/var/lock"
88
+
89
+ # Ensure we have some virus data, otherwise clamd refuses to start
90
+ if [ ! -f "/var/lib/clamav/main.cvd" ]; then
91
+ echo "Updating initial database"
92
+ freshclam --foreground --stdout
93
+ fi
94
+
95
+ if [ "${CLAMAV_NO_FRESHCLAMD:-false}" != "true" ]; then
96
+ echo "Starting Freshclamd"
97
+ freshclam \
98
+ --checks="${FRESHCLAM_CHECKS:-1}" \
99
+ --daemon \
100
+ --foreground \
101
+ --stdout \
102
+ --user="clamav" \
103
+ &
104
+ fi
105
+
106
+ if [ "${CLAMAV_NO_CLAMD:-false}" != "true" ]; then
107
+ echo "Starting ClamAV"
108
+ if [ -S "/run/clamav/clamd.sock" ]; then
109
+ unlink "/run/clamav/clamd.sock"
110
+ fi
111
+ if [ -S "/tmp/clamd.sock" ]; then
112
+ unlink "/tmp/clamd.sock"
113
+ fi
114
+ clamd --foreground &
115
+ while [ ! -S "/run/clamav/clamd.sock" ] && [ ! -S "/tmp/clamd.sock" ]; do
116
+ if [ "${_timeout:=0}" -gt "${CLAMD_STARTUP_TIMEOUT:=1800}" ]; then
117
+ echo
118
+ echo "Failed to start clamd"
119
+ exit 1
120
+ fi
121
+ printf "\r%s" "Socket for clamd not found yet, retrying (${_timeout}/${CLAMD_STARTUP_TIMEOUT}) ..."
122
+ sleep 1
123
+ _timeout="$((_timeout + 1))"
124
+ done
125
+ echo "socket found, clamd started."
126
+ fi
127
+
128
+ if [ "${CLAMAV_NO_MILTERD:-true}" != "true" ]; then
129
+ echo "Starting clamav milterd"
130
+ clamav-milter &
131
+ fi
132
+
133
+ # Wait forever (or until canceled)
134
+ exec tail -f "/dev/null"
135
+ fi
136
+
137
+ exit 0