|
|
 |
|
 |
|
 |
|
 |
|
Clamav with Debian : LibClamAV Warning: RAR code not compiled-in
|
|
 |
|
 |
A non-GPL license
Since 0.92, Debian cannot distribute Clamav packages with the unrar 3.0 code compiled in for license reasons. Unrar 1.0 and 2.0 file format are still supported but unrar 3.0 is not compiled in by default anymore. At the moment, there is no debian official / volatile / backport / non-free / unofficial mirror that offers a clamav package with RAR 3.0 code built-in.
How do I know if my Clamscan handles RAR 3.0 or not ?
Download RAR 3.0 test file, check it with clamscan. Two results are possible :
- clam.rar: ClamAV-Test-File FOUND : Your Clamscan supports RAR 3.0
- LibClamAV Warning: RAR code not compiled-in : Your Clamscan does not support RAR 3.0
The user's choice
To face to this problem, the user has 3 choices :
- Continue to use debian mirrors for Clamav package. He will be able to scan RAR 3.0 with an external unpacker (see --unrar option for clamscan). This could be usefull for a desktop user, but not for a server because of performance impact.
- Wait for a 3rd party to build mirror to make Clamav packages available with unrar 3.0 feature built-in. We guess it is not a good way due to security reasons : Clamav 0.92 is patching 3 security holes. Better to upgrade to 0.92.
- Compile yourself the 0.92 version with unrar 3.0 code build-in. As far as we are a computer security company, that's our choice for obvious security reasons : we cannot stay with 0.91.1 and we cannot let viruses bypass the protections for a license problem.
How to compile ?
Preparing the operating system
First of all, be sure to have at least a gcc compiler :
apt-get install gcc make
You could need other packages and devel packages :
apt-get install libwrap0 html2text libmagic1 libmilter0 libgmp3c2 file gettext bc libbz2-dev libmilter-dev libgmp3-dev libwrap0-dev zlib1g-dev
Get Clamav compile and install
cd /tmp
wget http://heanet.dl.sourceforge.net/sourceforge/clamav/clamav-0.92.tar.gz
tar xvzf clamav-0.92.tar.gz
cd clamav-0.92
./configure --prefix=/usr --mandir=\${prefix}/share/man --infodir=\${prefix}/share/info --disable-clamav --with-dbdir=/var/lib/clamav/ --sysconfdir=/etc/clamav --with-sendmail=/usr/sbin/sendmail --enable-milter --disable-clamuko --with-tcpwrappers --with-gnu-ld --with-dns --enable-dns-fix
/usr/bin/make CFLAGS="-Wall -g -O2" pkgdatadir=/var/lib/clamav/ all
/usr/bin/make install
If all above does not generate errors, then it should be fully operational. Check it by clamscan the clam.rar file.
Warranty
NO WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE AT YOUR OWN RISK. THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS, DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING OR MISUSING THIS SOFTWARE.
|
|
 |
|
 |
|
|
