clamd: add support for DazukoFS (bb#1691)

Patch from John Ogness <dazukocode*ogness.net>

ChangeLog

@@ -1,3 +1,8 @@
+Mon Sep 21 22:05:38 CEST 2009 (tk)
+----------------------------------
+ * clamd: add support for DazukoFS (bb#1691)
+	  Patch from John Ogness <dazukocode*ogness.net>
+
 Fri Sep 18 20:02:06 CEST 2009 (tk)
 ----------------------------------
  * libclamav/matcher-bm.c: use mpool in BM's offset mode

clamd/Makefile.am

@@ -48,12 +48,16 @@ clamd_SOURCES = \
     others.h \
     clamuko.c \
     clamuko.h \
+    clamukofs.c \
+    clamukofs.h \
     dazukoio_compat12.c \
     dazukoio_compat12.h \
     dazukoio.c \
     dazukoio.h \
     dazuko_xp.h \
     dazukoio_xp.h \
+    dazukofs.c \
+    dazukofs.h \
     shared.h
 
 endif

clamd/Makefile.in

@@ -82,9 +82,9 @@ am__clamd_SOURCES_DIST = $(top_srcdir)/shared/output.c \
 	$(top_srcdir)/shared/network.h clamd.c tcpserver.c tcpserver.h \
 	localserver.c localserver.h session.c session.h thrmgr.c \
 	thrmgr.h server-th.c server.h scanner.c scanner.h others.c \
-	others.h clamuko.c clamuko.h dazukoio_compat12.c \
-	dazukoio_compat12.h dazukoio.c dazukoio.h dazuko_xp.h \
-	dazukoio_xp.h shared.h
+	others.h clamuko.c clamuko.h clamukofs.c clamukofs.h \
+	dazukoio_compat12.c dazukoio_compat12.h dazukoio.c dazukoio.h \
+	dazuko_xp.h dazukoio_xp.h dazukofs.c dazukofs.h shared.h
 @BUILD_CLAMD_TRUE@am_clamd_OBJECTS = output.$(OBJEXT) \
 @BUILD_CLAMD_TRUE@	optparser.$(OBJEXT) getopt.$(OBJEXT) \
 @BUILD_CLAMD_TRUE@	misc.$(OBJEXT) network.$(OBJEXT) \
@@ -93,7 +93,9 @@ am__clamd_SOURCES_DIST = $(top_srcdir)/shared/output.c \
 @BUILD_CLAMD_TRUE@	thrmgr.$(OBJEXT) server-th.$(OBJEXT) \
 @BUILD_CLAMD_TRUE@	scanner.$(OBJEXT) others.$(OBJEXT) \
 @BUILD_CLAMD_TRUE@	clamuko.$(OBJEXT) \
+@BUILD_CLAMD_TRUE@	clamukofs.$(OBJEXT) \
 @BUILD_CLAMD_TRUE@	dazukoio_compat12.$(OBJEXT) \
+@BUILD_CLAMD_TRUE@	dazukofs.$(OBJEXT) \
 @BUILD_CLAMD_TRUE@	dazukoio.$(OBJEXT)
 clamd_OBJECTS = $(am_clamd_OBJECTS)
 clamd_LDADD = $(LDADD)
@@ -316,12 +318,16 @@ top_srcdir = @top_srcdir@
 @BUILD_CLAMD_TRUE@    others.h \
 @BUILD_CLAMD_TRUE@    clamuko.c \
 @BUILD_CLAMD_TRUE@    clamuko.h \
+@BUILD_CLAMD_TRUE@    clamukofs.c \
+@BUILD_CLAMD_TRUE@    clamukofs.h \
 @BUILD_CLAMD_TRUE@    dazukoio_compat12.c \
 @BUILD_CLAMD_TRUE@    dazukoio_compat12.h \
 @BUILD_CLAMD_TRUE@    dazukoio.c \
 @BUILD_CLAMD_TRUE@    dazukoio.h \
 @BUILD_CLAMD_TRUE@    dazuko_xp.h \
 @BUILD_CLAMD_TRUE@    dazukoio_xp.h \
+@BUILD_CLAMD_TRUE@    dazukofs.c \
+@BUILD_CLAMD_TRUE@    dazukofs.h \
 @BUILD_CLAMD_TRUE@    shared.h
 
 AM_CPPFLAGS = -I$(top_srcdir) -I$(top_srcdir)/shared -I$(top_srcdir)/libclamav
@@ -435,8 +441,10 @@ distclean-compile:
 
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/clamd.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/clamuko.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/clamukofs.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dazukoio.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dazukoio_compat12.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dazukofs.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/getopt.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/localserver.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/misc.Po@am__quote@

clamd/clamuko.c

@@ -39,6 +39,7 @@
 #include "server.h"
 #include "others.h"
 #include "dazukoio.h"
+#include "clamukofs.h"
 #include "clamuko.h"
 
 struct dazuko_access *acc;
@@ -62,7 +63,7 @@ static void clamuko_exit(int sig)
     pthread_exit(NULL);
 }
 
-void *clamukoth(void *arg)
+static void *clamukolegacyth(void *arg)
 {
 	struct thrarg *tharg = (struct thrarg *) arg;
 	sigset_t sigset;
@@ -200,4 +201,15 @@ void *clamukoth(void *arg)
     return NULL;
 }
 
+void *clamukoth(void *arg)
+{
+	struct stat s;
+
+    /* we use DazukoFS if /dev/dazukofs.ctrl exists and it is a
+     * character device, otherwise we use Dazuko */
+    if(stat("/dev/dazukofs.ctrl", &s) != 0) return clamukolegacyth(arg);
+    if(!S_ISCHR(s.st_mode)) return clamukolegacyth(arg);
+    return clamukofsth(arg);
+}
+
 #endif

clamd/clamukofs.c

@@ -0,0 +1,249 @@
+/*
+ *  Copyright (C) 2007-2009 Sourcefire, Inc.
+ *    Author: Tomasz Kojm
+ *    Author: John Ogness <dazukocode@ogness.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+
+#if HAVE_CONFIG_H
+#include "clamav-config.h"
+#endif
+
+#ifdef CLAMUKO
+
+#include <stdio.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <signal.h>
+#include <pthread.h>
+
+#include "libclamav/clamav.h"
+
+#include "shared/optparser.h"
+#include "shared/output.h"
+
+#include "server.h"
+#include "others.h"
+#include "dazukofs.h"
+#include "clamuko.h"
+
+static pthread_mutex_t running_mutex = PTHREAD_MUTEX_INITIALIZER;
+static dazukofs_handle_t shutdown_hndl;
+static pthread_cond_t shutdown_cond;
+
+static void clamuko_exit(int sig)
+{
+    pthread_cond_signal(&shutdown_cond);
+}
+
+static int setup_shutdown_handle(const char *groupname)
+{
+    /* is another server thread is already running? */
+    if(shutdown_hndl) return -1;
+
+    if(pthread_cond_init(&shutdown_cond, NULL)) return -1;
+
+    /* handle used for shutdown by signal */
+    shutdown_hndl = dazukofs_open(groupname, DAZUKOFS_TRACK_GROUP);
+    if(!shutdown_hndl) {
+	logg("!Clamuko: Can't register with DazukoFS\n");
+	return -1;
+    }
+    return 0;
+}
+
+static void shutdown_clamuko(void)
+{
+	dazukofs_handle_t hndl = shutdown_hndl;
+
+    /* Set shutdown_hndl before closing because the close will
+     * immediately cause the scan threads to be interrupted.
+     * But they will only abort if shutdown_hndl is NULL. */
+    shutdown_hndl = NULL;
+
+    if(hndl) dazukofs_close(hndl, DAZUKOFS_REMOVE_GROUP);
+}
+
+static void *clamuko_scanth(void *arg)
+{
+	struct thrarg *tharg = (struct thrarg *) arg;
+	sigset_t sigset;
+	short int scan;
+	unsigned int sizelimit = 0;
+	struct stat sb;
+	dazukofs_handle_t scan_hndl;
+	struct dazukofs_access acc;
+	const char *groupname = "ClamAV";
+	int skip_scan = 0;
+	const char *virname;
+	char filename[4096];
+
+    /* ignore all signals */
+    sigfillset(&sigset);
+    /* The behavior of a process is undefined after it ignores a
+     * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
+    sigdelset(&sigset, SIGFPE);
+    sigdelset(&sigset, SIGILL);
+    sigdelset(&sigset, SIGSEGV);
+#ifdef SIGBUS
+    sigdelset(&sigset, SIGBUS);
+#endif
+    pthread_sigmask(SIG_SETMASK, &sigset, NULL);
+
+    /* register */
+    scan_hndl = dazukofs_open(groupname, DAZUKOFS_TRACK_GROUP);
+    if(!scan_hndl) {
+	logg("!Clamuko: Can't register with DazukoFS\n");
+	return NULL;
+    } else {
+	logg("Clamuko: Correctly registered with DazukoFS.\n");
+    }
+
+    /* access mask (not used by DazukoFS) */
+    if(optget(tharg->opts, "ClamukoScanOnOpen")->enabled)
+	logg("!Clamuko: ClamukoScanOnOpen ignored when using DazukoFS.\n");
+    if(optget(tharg->opts, "ClamukoScanOnClose")->enabled)
+	logg("!Clamuko: ClamukoScanOnClose ignored when using DazukoFS.\n");
+    if(optget(tharg->opts, "ClamukoScanOnExec")->enabled)
+	logg("!Clamuko: ClamukoScanOnExec ignored when using DazukoFS.\n");
+    if(optget(tharg->opts, "ClamukoIncludePath")->enabled)
+	logg("!Clamuko: ClamukoIncludePath ignored when using DazukoFS.\n");
+    if(optget(tharg->opts, "ClamukoExcludePath")->enabled)
+	logg("!Clamuko: ClamukoExcludePath ignored when using DazukoFS.\n");
+
+    sizelimit = optget(tharg->opts, "ClamukoMaxFileSize")->numarg;
+    if(sizelimit)
+	logg("Clamuko: Max file size limited to %u bytes.\n", sizelimit);
+    else
+	logg("Clamuko: File size limit disabled.\n");
+
+    while(1) {
+	if(dazukofs_get_access(scan_hndl, &acc)) {
+	    if(!shutdown_hndl)
+		break;
+	    continue;
+	}
+
+	if(!fstat(acc.fd, &sb)) {
+	    if(S_ISDIR(sb.st_mode)) {
+		/* don't try to scan directories */
+		skip_scan = 1;
+	    } else if(sb.st_size > sizelimit) {
+		dazukofs_get_filename(&acc, filename, sizeof(filename));
+		logg("*Clamuko: %s skipped (too big)\n", filename);
+		skip_scan = 1;
+	    }
+	}
+
+	if(skip_scan) {
+	    acc.deny = 0;
+	    /* reset skip flag */
+	    skip_scan = 0;
+	} else if(cl_scandesc(acc.fd, &virname, NULL, tharg->engine,
+			      tharg->options) == CL_VIRUS) {
+	    dazukofs_get_filename(&acc, filename, sizeof(filename));
+	    logg("Clamuko: %s: %s FOUND\n", filename, virname);
+	    /* we can not perform any special action because it will
+	     * trigger DazukoFS recursively */
+	    acc.deny = 1;
+	} else {
+	    acc.deny = 0;
+	}
+
+	if(dazukofs_return_access(scan_hndl, &acc)) {
+	    if(shutdown_hndl)
+	        logg("!Clamuko: Can't return access to DazukoFS.\n");
+	    break;
+	}
+    }
+
+    dazukofs_close(scan_hndl, 0);
+
+    if(shutdown_hndl)
+        logg("!Clamuko: A scanner thread has unexpectedly shutdown.\n");
+
+    return NULL;
+}
+
+void *clamukofsth(void *arg)
+{
+	struct thrarg *tharg = (struct thrarg *) arg;
+	sigset_t sigset;
+        struct sigaction act;
+	pthread_t *clamuko_pids = NULL;
+	const char *groupname = "ClamAV";
+	int count;
+	int started;
+
+    /* is another server thread already working? */
+    if(pthread_mutex_trylock(&running_mutex))
+	return NULL;
+
+    /* ignore all signals except SIGUSR1 */
+    sigfillset(&sigset);
+    sigdelset(&sigset, SIGUSR1);
+    /* The behavior of a process is undefined after it ignores a
+     * SIGFPE, SIGILL, SIGSEGV, or SIGBUS signal */
+    sigdelset(&sigset, SIGFPE);
+    sigdelset(&sigset, SIGILL);
+    sigdelset(&sigset, SIGSEGV);
+#ifdef SIGBUS
+    sigdelset(&sigset, SIGBUS);
+#endif
+    pthread_sigmask(SIG_SETMASK, &sigset, NULL);
+
+    count = optget(tharg->opts, "ClamukoScannerCount")->numarg;
+    if(count < 1) goto out;
+
+    clamuko_pids = calloc(count, sizeof(pthread_t));
+    if(!clamuko_pids) goto out;
+
+    if(setup_shutdown_handle(groupname)) goto out;
+
+    act.sa_handler = clamuko_exit;
+    sigfillset(&(act.sa_mask));
+    sigaction(SIGUSR1, &act, NULL);
+    sigaction(SIGSEGV, &act, NULL);
+
+    for(started = 0; started < count; started++) {
+	pthread_attr_t clamuko_attr;
+
+	if(pthread_attr_init(&clamuko_attr)) break;
+	pthread_attr_setdetachstate(&clamuko_attr, PTHREAD_CREATE_JOINABLE);
+	if(pthread_create(&clamuko_pids[started], &clamuko_attr,
+			  clamuko_scanth, tharg)) break;
+	logg("Clamuko: Started scanner thread %d.\n", started);
+    }
+
+    pthread_cond_wait(&shutdown_cond, &running_mutex);
+    logg("Clamuko: Stop signal received.\n");
+
+    shutdown_clamuko();
+
+    for(started-- ; started >= 0; started--) {
+	logg("Clamuko: Waiting for scanner thread %d to finish.\n", started);
+	pthread_join(clamuko_pids[started], NULL);
+    }
+
+    logg("Clamuko: Stopped.\n");
+out:
+    if(clamuko_pids) free(clamuko_pids);
+    pthread_mutex_unlock(&running_mutex);
+    return NULL;
+}
+
+#endif

clamd/clamukofs.h

@@ -0,0 +1,28 @@
+/*
+ *  Copyright (C) 2009 Sourcefire, Inc.
+ *    Author: John Ogness <dazukocode@ogness.net>
+ *
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License version 2 as
+ *  published by the Free Software Foundation.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ *  MA 02110-1301, USA.
+ */
+
+#ifdef CLAMUKO
+
+#ifndef __CLAMUKO_H
+#define __CLAMUKO_H
+
+extern void *clamukofsth(void *arg);
+
+#endif
+#endif

clamd/dazukofs.c

@@ -0,0 +1,238 @@
+/* userspace library to interface with dazukofs
+
+   Copyright (C) 2008-2009 John Ogness
+     Author: John Ogness <dazukocode@ogness.net>
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, write to the Free Software
+   Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <fcntl.h>
+#include <unistd.h>
+
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "dazukofs.h"
+
+struct dazukofs_handle
+{
+	int dev_fd;
+	unsigned long event_id;
+	char *group_name;
+};
+
+#define DAZUKOFS_ALLOWED_GROUPCHARS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-"
+static int check_group_name(const char *gname)
+{
+	size_t len = strlen(gname);
+	const char *p;
+
+	if (len > 20)
+		return -1;
+
+	for (p = gname; *p; p++) {
+		if (strchr(DAZUKOFS_ALLOWED_GROUPCHARS, *p) == NULL)
+			return -1;
+	}
+
+	return 0;
+}
+
+dazukofs_handle_t dazukofs_open(const char *gname, int flags)
+{
+	struct dazukofs_handle *hndl = NULL;
+	char key[25];
+	char buf[256];
+	char *p;
+	int gid;
+	int fd;
+
+	if (check_group_name(gname) != 0)
+		goto error_out;
+
+	fd = open("/dev/dazukofs.ctrl", O_RDWR);
+	if (fd == -1) {
+		/* try to read at least
+		 * (maybe the group already exists) */
+		fd = open("/dev/dazukofs.ctrl", O_RDONLY);
+		if (fd == -1)
+			goto error_out;
+	} else {
+		memset(buf, 0, sizeof(buf));
+
+		if (flags & DAZUKOFS_TRACK_GROUP)
+			snprintf(buf, sizeof(buf) - 1, "addtrack=%s", gname);
+		else
+			snprintf(buf, sizeof(buf) - 1, "add=%s", gname);
+
+		if (write(fd, buf, strlen(buf)) == -1)
+			goto error_out_close;
+
+		lseek(fd, 0, SEEK_SET);
+	}
+
+	memset(buf, 0, sizeof(buf));
+	if (read(fd, buf, sizeof(buf)-1) == -1)
+		goto error_out_close;
+
+	memset(key, 0, sizeof(key));
+	snprintf(key, sizeof(key) - 1, ":%s\n", gname);
+
+	p = strstr(buf, key);
+	if (!p || p == buf)
+		goto error_out_close;
+
+	p--;
+	gid = *p - '0';
+	if (gid < 0 || gid > 9)
+		goto error_out_close;
+
+	hndl = malloc(sizeof(struct dazukofs_handle));
+	if (!hndl)
+		goto error_out_close;
+	memset(hndl, 0, sizeof(struct dazukofs_handle));
+
+	hndl->group_name = strdup(gname);
+	if (!hndl->group_name)
+		goto error_out_free;
+
+	memset(key, 0, sizeof(key));
+	snprintf(key, sizeof(key) - 1, "/dev/dazukofs.%d", gid);
+
+	hndl->dev_fd = open(key, O_RDWR);
+	if (hndl->dev_fd == -1)
+		goto error_out_free;
+
+	close(fd);
+
+	return hndl;
+
+error_out_free:
+	if (hndl->group_name)
+		free(hndl->group_name);
+	free(hndl);
+	hndl = NULL;
+error_out_close:
+	close(fd);
+error_out:
+	return hndl;
+}
+
+int dazukofs_close(dazukofs_handle_t hndl, int flags)
+{
+	char buf[48];
+	int fd;
+	int ret = -1;
+
+	if (flags & DAZUKOFS_REMOVE_GROUP) {
+		fd = open("/dev/dazukofs.ctrl", O_WRONLY);
+		if (fd == -1)
+			goto error_out;
+
+		memset(buf, 0, sizeof(buf));
+		snprintf(buf, sizeof(buf) - 1, "del=%s", hndl->group_name);
+
+		if (write(fd, buf, strlen(buf)) == -1) {
+			close(fd);
+			goto error_out;
+		}
+
+		close(fd);
+	}
+
+	ret = close(hndl->dev_fd);
+	if (ret != 0)
+		goto error_out;
+
+	free(hndl->group_name);
+	free(hndl);
+
+	return 0;
+
+error_out:
+	return ret;
+}
+
+int dazukofs_get_access(dazukofs_handle_t hndl, struct dazukofs_access *acc)
+{
+	char buf[48];
+	char *p;
+	int err = -1;
+
+	memset(buf, 0, sizeof(buf));
+	if (read(hndl->dev_fd, buf, sizeof(buf)-1) == -1)
+		goto out;
+
+	p = strstr(buf, "id=");
+	if (!p)
+		goto out;
+	p += 3;
+	hndl->event_id = strtoul(p, &p, 10);
+
+	p = strstr(p, "fd=");
+	if (!p)
+		goto out;
+	p += 3;
+	acc->fd = (int)strtol(p, &p, 10);
+
+	p = strstr(p, "pid=");
+	if (!p)
+		goto out;
+	p += 4;
+	acc->pid = strtoul(p, NULL, 10);
+
+	acc->deny = 0;
+
+	err = 0;
+out:
+	return err;
+}
+
+int dazukofs_return_access(dazukofs_handle_t hndl, struct dazukofs_access *acc)
+{
+	char buf[48];
+	int err = -1;
+
+	if (close(acc->fd) != 0)
+		goto out;
+	snprintf(buf, sizeof(buf)-1, "id=%lu r=%d", hndl->event_id,
+		 acc->deny ? 1 : 0);
+	buf[sizeof(buf)-1] = 0;
+
+	if (write(hndl->dev_fd, buf, strlen(buf)) == -1)
+		goto out;
+	lseek(hndl->dev_fd, 0, SEEK_SET);
+	err = 0;
+out:
+	return err;
+}
+
+int dazukofs_get_filename(struct dazukofs_access *acc, char *buf, size_t bufsiz)
+{
+	char proc[48];
+	int ret;
+
+	memset(proc, 0, sizeof(proc));
+	snprintf(proc, sizeof(proc) - 1, "/proc/self/fd/%d", acc->fd);
+	ret = readlink(proc, buf, bufsiz - 1);
+	buf[bufsiz - 1] = 0;
+	if (ret > 0)
+		buf[ret] = 0;
+
+	return ret;
+}

clamd/dazukofs.h

@@ -0,0 +1,48 @@
+/* userspace library to interface with dazukofs
+
+   Copyright (C) 2008 John Ogness
+     Author: John Ogness <dazukocode@ogness.net>
+
+   This library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   This library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with this library; if not, write to the Free Software
+   Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+*/
+
+#ifndef __DAZUKOFS_H
+#define __DAZUKOFS_H
+
+#include <stdio.h>
+
+/* dazukofs_open() flags */
+#define DAZUKOFS_TRACK_GROUP 1
+
+/* dazukofs_close() flags */
+#define DAZUKOFS_REMOVE_GROUP 1
+
+struct dazukofs_handle;
+typedef struct dazukofs_handle * dazukofs_handle_t;
+
+struct dazukofs_access
+{
+	int fd;
+	int deny;
+	unsigned long pid;
+};
+
+dazukofs_handle_t dazukofs_open(const char *gname, int flags);
+int dazukofs_get_access(dazukofs_handle_t hndl, struct dazukofs_access *acc);
+int dazukofs_return_access(dazukofs_handle_t hndl, struct dazukofs_access *acc);
+int dazukofs_close(dazukofs_handle_t hndl, int flags);
+int dazukofs_get_filename(struct dazukofs_access *acc, char *buf, size_t bufsiz);
+
+#endif /* __DAZUKOFS_H */

etc/clamd.conf

@@ -403,15 +403,26 @@ LocalSocket /tmp/clamd.socket
 
 ##
 ## Clamuko settings
-## WARNING: This is experimental software. It is very likely it will hang
-##	    up your system!!!
 ##
 
-# Enable Clamuko. Dazuko (/dev/dazuko) must be configured and running.
+# Enable Clamuko. Dazuko must be configured and running. Clamuko supports
+# both Dazuko (/dev/dazuko) and DazukoFS (/dev/dazukofs.ctrl). DazukoFS
+# is the preferred option. For more information please visit www.dazuko.org
 # Default: no
 #ClamukoScanOnAccess yes
 
-# Set access mask for Clamuko.
+# The number of scanner threads that will be started (DazukoFS only).
+# Having multiple scanner threads allows Clamuko to serve multiple
+# processes simultaneously. This is particularly beneficial on SMP machines.
+# Default: 3
+#ClamukoScannerCount 3
+
+# Don't scan files larger than ClamukoMaxFileSize
+# Value of 0 disables the limit.
+# Default: 5M
+#ClamukoMaxFileSize 10M
+
+# Set access mask for Clamuko (Dazuko only).
 # Default: no
 #ClamukoScanOnOpen yes
 #ClamukoScanOnClose yes
@@ -419,16 +430,11 @@ LocalSocket /tmp/clamd.socket
 
 # Set the include paths (all files inside them will be scanned). You can have
 # multiple ClamukoIncludePath directives but each directory must be added
-# in a seperate line.
+# in a seperate line. (Dazuko only)
 # Default: disabled
 #ClamukoIncludePath /home
 #ClamukoIncludePath /students
 
-# Set the exclude paths. All subdirectories are also excluded.
+# Set the exclude paths. All subdirectories are also excluded. (Dazuko only)
 # Default: disabled
 #ClamukoExcludePath /home/bofh
-
-# Don't scan files larger than ClamukoMaxFileSize
-# Value of 0 disables the limit.
-# Default: 5M
-#ClamukoMaxFileSize 10M

shared/optparser.c

@@ -289,6 +289,8 @@ const struct clam_option clam_options[] = {
 
     { "ClamukoScanOnAccess", NULL, 0, TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD, "This option enables Clamuko. Dazuko needs to be already configured and\nrunning.", "no" },
 
+    { "ClamukoScannerCount", NULL, 0, TYPE_NUMBER, MATCH_NUMBER, 3, NULL, 0, OPT_CLAMD, "The number of scanner threads that will be started (DazukoFS only).\nHaving multiple scanner threads allows Clamuko to serve multiple\nprocesses simultaneously. This is particularly beneficial on SMP machines.", "3" },
+
     { "ClamukoScanOnOpen", NULL, 0, TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD, "Scan files when they get opened by the system.", "yes" },
 
     { "ClamukoScanOnClose", NULL, 0, TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD, "Scan files when they get closed by the system.", "yes" },