Heavily reworked the antivirus section #2947
Conversation
@settermjd, thanks for your PR! By analyzing the history of the files in this pull request, we identified @vgezer to be a potential reviewer. |
|
||
To enable the Antivirus App for Files, go to your ownCloud Apps page to enable | ||
it. | ||
To updates your malware database and get the latest malware signatures, you need to run ``freshclam`` frequently. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
s/updates/update
8fba2fa
to
5151af5
Compare
To enable it, navigate to ``Settings -> Admin -> Apps``. | ||
It should already be enabled. | ||
But, if it’s not, click "**Show disabled apps**", find it in the list, and click | ||
"**Enable**". |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
add occ command?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can do.
``Action for infected files found while scanning`` gives you the choice of | ||
logging any alerts without deleting the files, or immediately deleting | ||
infected files. | ||
``Action for infected files found while scanning`` gives you the choice of logging any alerts without deleting the files or immediately deleting infected files. | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hm, @VicDeo can the configuration also be done via occ? would be great for docker setups / automated deployments. Can you give examples?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm having trouble with a local install and don't see the anti-virus app when running ./occ app:list
. Not sure if I'm missing something. But given its not there, I can't do due diligence on this section of the file.
view and change the existing rules. You can also add new ones. | ||
ownCloud provides the ability to customize how it reacts to the response given by an anti-virus scan. | ||
To do so, under `Admin -> Antivirus Configuration -> Advanced`, which you can see in the screenshot below, you can view and change the existing rules. | ||
You can also add new ones. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If admins use ClamAV do they have to customize the rules? Are there default rules? what do they match? I assume ClamAV?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd have to look into that. Can anyone else advise?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If admins use ClamAV do they have to customize the rules?
They don't. Default ruleset for clamAv is populated automatically.
Scanner exit status
rules are used to handle errors when ClamAv is run in CLI mode while
Scanner output
rules are used in daemon/socket mode.
Exit status is basically an exit code returned by any binary (not necessary ClamAv)
Daemon output is parsed by regexp.
IIRC the rules are always checked in the following order: infected/error/clean. In case there are no matching rules, the status would be Unknown
and a warning would be logged.
any update ? how to move forward ? @settermjd @VicDeo needs rebase due to conflicts |
@PVince81 will get on it. It got lost under the proverbial pile, unfortunately. |
There were sections that needed to be updated to the latest version, plus the way in which it was written wasn't as clear as it could be.
d8443d1
to
8a17c5e
Compare
@PVince81, now updated. Ready for further review. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Thanks, @phil-davis. |
This PR: