Heavily reworked the antivirus section #2947
Conversation
|
@settermjd, thanks for your PR! By analyzing the history of the files in this pull request, we identified @vgezer to be a potential reviewer. |
|
|
||
| To enable the Antivirus App for Files, go to your ownCloud Apps page to enable | ||
| it. | ||
| To updates your malware database and get the latest malware signatures, you need to run ``freshclam`` frequently. |
settermjd
force-pushed
the
refactor-antivirus-configuration
branch
from
8fba2fa
to
5151af5
Compare
| To enable it, navigate to ``Settings -> Admin -> Apps``. | ||
| It should already be enabled. | ||
| But, if it’s not, click "**Show disabled apps**", find it in the list, and click | ||
| "**Enable**". |
| ``Action for infected files found while scanning`` gives you the choice of | ||
| logging any alerts without deleting the files, or immediately deleting | ||
| infected files. | ||
| ``Action for infected files found while scanning`` gives you the choice of logging any alerts without deleting the files or immediately deleting infected files. | ||
|
|
There was a problem hiding this comment.
hm, @VicDeo can the configuration also be done via occ? would be great for docker setups / automated deployments. Can you give examples?
There was a problem hiding this comment.
I'm having trouble with a local install and don't see the anti-virus app when running ./occ app:list. Not sure if I'm missing something. But given its not there, I can't do due diligence on this section of the file.
| view and change the existing rules. You can also add new ones. | ||
| ownCloud provides the ability to customize how it reacts to the response given by an anti-virus scan. | ||
| To do so, under `Admin -> Antivirus Configuration -> Advanced`, which you can see in the screenshot below, you can view and change the existing rules. | ||
| You can also add new ones. |
There was a problem hiding this comment.
If admins use ClamAV do they have to customize the rules? Are there default rules? what do they match? I assume ClamAV?
There was a problem hiding this comment.
I'd have to look into that. Can anyone else advise?
There was a problem hiding this comment.
wow there is a ton of default rules ...
There was a problem hiding this comment.
If admins use ClamAV do they have to customize the rules?
They don't. Default ruleset for clamAv is populated automatically.
Scanner exit status rules are used to handle errors when ClamAv is run in CLI mode while
Scanner output rules are used in daemon/socket mode.
Exit status is basically an exit code returned by any binary (not necessary ClamAv)
Daemon output is parsed by regexp.
IIRC the rules are always checked in the following order: infected/error/clean. In case there are no matching rules, the status would be Unknown and a warning would be logged.
|
any update ? how to move forward ? @settermjd @VicDeo needs rebase due to conflicts |
|
@PVince81 will get on it. It got lost under the proverbial pile, unfortunately. |
There were sections that needed to be updated to the latest version, plus the way in which it was written wasn't as clear as it could be.
settermjd
force-pushed
the
refactor-antivirus-configuration
branch
from
d8443d1
to
8a17c5e
Compare
|
@PVince81, now updated. Ready for further review. |
|
Thanks, @phil-davis. |
This PR: