Monday, June 02, 2025

Building and Installing ClamAV 1.4.x LTS on Solaris 11.4

ClamAV is an open-source antivirus engine which is widly used. Problem has been that since v1.0.0 onwards the build process changed and didn't work on Solaris. Now you can build and run it on Solaris 11.4. 

Key points:

  • At this time ClamAV does not support Solaris, but I have filed bug reports
  • Using ClamAV 1.4.2 LTS (https://www.clamav.net/downloads)
  • Tested on Solaris 11.4.79.189.2 onwards and Solaris 11.4.81 CBE
  • I am miss basic steps i.e. creating usernames, etc
  • Installation will be put into /usr/local/clamav142

Install development tools and rust packages:

# uname -a
SunOS mailer1 5.11 11.4.79.189.2 i86pc i386 i86pc non-global-zone
# pkg install archiver/gnu-tar build/autoconf build/automake build/libtool gcc cmake git
# pkg install developer/rust/cargo developer/rust/cbindgen developer/rust/rustc library/python/setuptools-rust developer/test/check library/python/pytest developer/test/check developer/rust/cbindgen library/python/pytest-311 
# gzip -dc clamav-1.4.2.tar.gz | gtar xf -

# export PATH=/usr/bin:/usr/sbin:/usr/gnu/bin:/usr/local/clamav/sbin
# patch -p0 --dry-run --verbose < patchfile.patch
// if you are happy then patch files
# patch -p0 < patchfile.patch

# cd clamav-1.4.2
# mkdir build && cd build
# export CLAMAVVER=142
# cmake ..  \
      -D CMAKE_BUILD_TYPE="Release"  \
      -D PCRE2_INCLUDE_DIR=/usr/include/pcre  \
      -D NCURSES_INCLUDE_DIR=/usr/include/ncurses  \
      -D CURSES_LIBRARY=/usr/lib/64/libncurses.so  \
      -D CMAKE_INSTALL_PREFIX:PATH=/usr/local/clamav$CLAMAVVER \
      -D bindgen_EXECUTABLE=/usr/bin/cbindgen

-- The C compiler identification is GNU 14.2.0
-- The CXX compiler identification is GNU 14.2.0
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/gcc - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++ - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Found Git: /usr/bin/git (found version "2.45.2")
-- Rust tool `cargo` found: /usr/bin/cargo, 1.78.0
-- Rust tool `rustc` found: /usr/bin/rustc, 1.78.0
-- Rust tool `rustup` not found.
-- Rust tool `rust-gdb` not found: Failed to determine version.
-- Rust tool `rust-lldb` not found.
-- Rust tool `rustdoc` found: /usr/bin/rustdoc, 1.78.0
-- Rust tool `rustfmt` found: /usr/bin/rustfmt, 1.7.0
-- Rust tool `bindgen` found: /usr/bin/cbindgen, 0.26.0
-- Rust's native static libs: -lsocket;-lposix4;-lpthread;-lresolv;-lgcc_s;-lc;-lm;-lrt;-lpthread;-lsendfile;-llgrp
-- Found Rust: /usr/bin/cargo (found version "1.78.0")
-- Found Libcheck: /usr/include
-- Found Python3: /usr/bin/python3.11 (found version "3.11.10") found components: Interpreter
-- Found Threads: TRUE
-- Found OpenSSL: /usr/openssl/3/lib/64/libcrypto.so (found version "3.0.15")
-- Found ZLIB: /usr/lib/64/libz.so (found version "1.2.13")
-- Found BZip2: /usr/lib/64/libbz2.so (found version "1.0.8")
-- Looking for BZ2_bzCompressInit
-- Looking for BZ2_bzCompressInit - found
-- Found LibXml2: /usr/lib/64/libxml2.so (found version "2.11.5")
-- Found PCRE2: /usr/lib/64/libpcre2-8.so
-- Performing Test Iconv_IS_BUILT_IN
-- Performing Test Iconv_IS_BUILT_IN - Success
-- Found Iconv: /usr/lib/64/libc.so
-- Found JSONC: /usr/lib/64/libjson-c.so
-- Found CURL: /usr/lib/64/libcurl.so (found version "8.11.1")
-- Found CURSES: /usr/lib/64/libncursesw.so
-- Found Milter: /usr/lib/64/libmilter.so
-- Performing Test CXX_FLAG__std_c_14
-- Performing Test CXX_FLAG__std_c_14 - Success
-- Looking for arpa/inet.h
-- Looking for arpa/inet.h - found
-- Looking for fcntl.h
-- Looking for fcntl.h - found
-- Looking for grp.h
-- Looking for grp.h - found
-- Looking for limits.h
-- Looking for limits.h - found
-- Looking for malloc.h
-- Looking for malloc.h - found
-- Looking for netdb.h
-- Looking for netdb.h - found
-- Looking for netinet/in.h
-- Looking for netinet/in.h - found
-- Looking for poll.h
-- Looking for poll.h - found
-- Looking for pwd.h
-- Looking for pwd.h - found
-- Looking for stdbool.h
-- Looking for stdbool.h - found
-- Looking for stdlib.h
-- Looking for stdlib.h - found
-- Looking for string.h
-- Looking for string.h - found
-- Looking for strings.h
-- Looking for strings.h - found
-- Looking for sys/cdefs.h
-- Looking for sys/cdefs.h - not found
-- Looking for sys/dl.h
-- Looking for sys/dl.h - not found
-- Looking for sys/fileio.h
-- Looking for sys/fileio.h - not found
-- Looking for sys/mman.h
-- Looking for sys/mman.h - found
-- Looking for sys/param.h
-- Looking for sys/param.h - found
-- Looking for sys/queue.h
-- Looking for sys/queue.h - found
-- Looking for sys/select.h
-- Looking for sys/select.h - found
-- Looking for sys/socket.h
-- Looking for sys/socket.h - found
-- Looking for sys/stat.h
-- Looking for sys/stat.h - found
-- Looking for sys/time.h
-- Looking for sys/time.h - found
-- Looking for sys/times.h
-- Looking for sys/times.h - found
-- Looking for sys/uio.h
-- Looking for sys/uio.h - found
-- Looking for syslog.h
-- Looking for syslog.h - found
-- Looking for termios.h
-- Looking for termios.h - found
-- Looking for time.h
-- Looking for time.h - found
-- Looking for unistd.h
-- Looking for unistd.h - found
-- Looking for sys/fanotify.h
-- Looking for sys/fanotify.h - not found
-- Looking for resolv.h
-- Looking for resolv.h - found
-- Looking for dirent.h
-- Looking for dirent.h - found
-- Looking for dlfcn.h
-- Looking for dlfcn.h - found
-- Looking for inttypes.h
-- Looking for inttypes.h - found
-- Looking for sys/inttypes.h
-- Looking for sys/inttypes.h - found
-- Looking for sys/int_types.h
-- Looking for sys/int_types.h - found
-- Looking for stdint.h
-- Looking for stdint.h - found
-- Looking for sys/types.h
-- Looking for sys/types.h - found
-- Looking for stddef.h
-- Looking for stddef.h - found
-- Check size of ssize_t
-- Check size of ssize_t - done
-- Check size of off_t
-- Check size of off_t - done
-- Check size of int
-- Check size of int - done
-- Check size of short
-- Check size of short - done
-- Check size of long
-- Check size of long - done
-- Check size of long long
-- Check size of long long - done
-- Performing Test HAVE_RESTRICT
-- Performing Test HAVE_RESTRICT - Success
-- Performing Test HAVE_ATTRIB_PACKED
-- Performing Test HAVE_ATTRIB_PACKED - Success
-- Performing Test HAVE_ATTRIB_ALIGNED
-- Performing Test HAVE_ATTRIB_ALIGNED - Success
-- Performing Test HAVE_SYSTEM_LFS_FTS
-- Performing Test HAVE_SYSTEM_LFS_FTS - Success
-- Looking for recvmsg
-- Looking for recvmsg - found
-- Looking for sendmsg
-- Looking for sendmsg - found
-- Performing Test HAVE_CONTROL_IN_MSGHDR
-- Performing Test HAVE_CONTROL_IN_MSGHDR - Success
-- Performing Test HAVE_STRUCT_TM_TM_GMTOFF
-- Performing Test HAVE_STRUCT_TM_TM_GMTOFF - Failed
-- Check size of int *
-- Check size of int * - done
-- Check size of time_t
-- Check size of time_t - done
-- Looking for _Exit
-- Looking for _Exit - found
-- Looking for accept4
-- Looking for accept4 - not found
-- Looking for snprintf
-- Looking for snprintf - found
-- Looking for stat64
-- Looking for stat64 - found
-- Looking for strcasestr
-- Looking for strcasestr - found
-- Looking for strerror_r
-- Looking for strerror_r - found
-- Looking for strlcat
-- Looking for strlcat - found
-- Looking for strlcpy
-- Looking for strlcpy - found
-- Looking for strndup
-- Looking for strndup - found
-- Looking for strnlen
-- Looking for strnlen - found
-- Looking for strnstr
-- Looking for strnstr - found
-- Looking for sysctlbyname
-- Looking for sysctlbyname - not found
-- Looking for timegm
-- Looking for timegm - found
-- Looking for vsnprintf
-- Looking for vsnprintf - found
-- Looking for fseeko
-- Looking for fseeko - found
-- Looking for getaddrinfo
-- Looking for getaddrinfo - found
-- Looking for getpagesize
-- Looking for getpagesize - found
-- Looking for mkstemp
-- Looking for mkstemp - not found
-- Looking for poll
-- Looking for poll - found
-- Looking for setgroups
-- Looking for setgroups - found
-- Looking for setsid
-- Looking for setsid - found
-- Looking for initgroups
-- Looking for initgroups - found
-- Performing Test C_FLAG__Wall
-- Performing Test C_FLAG__Wall - Success
-- Performing Test C_FLAG__Wextra
-- Performing Test C_FLAG__Wextra - Success
-- Performing Test C_FLAG__Wformat_security
-- Performing Test C_FLAG__Wformat_security - Success
-- Performing Test CXX_FLAG__Wall
-- Performing Test CXX_FLAG__Wall - Success
-- Performing Test CXX_FLAG__Wformat_security
-- Performing Test CXX_FLAG__Wformat_security - Success
-- Performing Test CXX_FLAG__Wno_comment
-- Performing Test CXX_FLAG__Wno_comment - Success
-- Performing Test HAVE_MMAP
-- Performing Test HAVE_MMAP - Success
-- Performing Test HAVE_MMAP_MAP_ANONYMOUS
-- Performing Test HAVE_MMAP_MAP_ANONYMOUS - Success
-- Performing Test HAVE_SYSCONF_SC_PAGESIZE
-- Performing Test HAVE_SYSCONF_SC_PAGESIZE - Success
-- Configuration Options Summary --
    Package Version:        ClamAV 1.4.2
    libclamav version:      12:3:0
    libfreshclam version:   3:2:0
    Install prefix:         /usr/local/clamav142
    Install database dir:   /usr/local/clamav142/share/clamav
    Install config dir:     /usr/local/clamav142/etc
    Host system:            SunOS-5.11
    Target system:          SunOS-5.11
    Compiler:
        Build type:         Release
        C compiler:         /usr/bin/gcc
        C++ compiler:       /usr/bin/c++
        Rust toolchain:     /usr/bin/cargo (1.78.0)
        CFLAGS:             -O3
        CXXFLAGS:           -O3
        WARNCFLAGS:          -Wall -Wextra -Wformat-security
    Build Options:
        Build apps:         ON
        Shared library:     ON
        Static library:     OFF
        Enable UnRAR:       ON
        Examples:           OFF
        Tests:              ON
        Build man pages:    ON
        Build doxygen HTML: OFF
        Maintainer Mode:    OFF
    Build Extras:
        Build milter:       ON  (toggle with -DENABLE_MILTER=ON/OFF)
-- Engine Options --
        Bytecode Runtime:
            interpreter
-- Test Dependencies --
        Unit Test Framework:
            libcheck        /usr/include
                            /usr/lib/64/libcheck.so
        Feature Test Framework:
            python3         /usr/bin/python3.11
            test command    pytest;-v
-- libclamav Dependencies --
        Compression support:
            bzip2           /usr/include
                            /usr/lib/64/libbz2.so
            zlib            /usr/include
                            /usr/lib/64/libz.so
        XML support:
            libxml2         /usr/include/libxml2;/usr/include/libxml2
                            /usr/lib/64/libxml2.so
        RegEx support:
            libpcre2        /usr/include/pcre
                            /usr/lib/64/libpcre2-8.so
        Crypto support:
            openssl         /usr/openssl/3/include
                            /usr/openssl/3/lib/64/libssl.so;/usr/openssl/3/lib/64/libcrypto.so
        JSON support:
            json-c          /usr/include/json-c
                            /usr/lib/64/libjson-c.so
        Threading support:
            pthread
        Locale support:
            iconv           /usr/include
                            /usr/lib/64/libc.so
-- libfreshclam Extra Dependencies --
        HTTP support:
            curl            /usr/include
                            /usr/lib/64/libcurl.so
-- Application Extra Dependencies --
        GUI support:
            ncurses         /usr/include/ncurses
                            /usr/lib/64/libncursesw.so
        Milter Support:
            libmilter       /usr/include
                            /usr/lib/64/libmilter.so

-- Warning: libjson-c is known to share symbol names with other JSON libraries which may result in crashes for applications that use libclamav. Consider providing a static json-c library that was compiled with: CFLAGS="-fPIC". Default build settings for json-c 0.15+ should also work. Use the `-DENABLE_JSON_SHARED=OFF` option to prefer detection of the static library, or use -DJSONC_INCLUDE_DIR and -DJSONC_LIBRARY to specify the static JSON library.
-- Configuring done
-- Generating done
-- Build files have been written to: /export/home/defang/clamav-1.4.2/build

# cmake --build .  --config Release
[  1%] Building CXX object libclamunrar/CMakeFiles/clamunrar.dir/archive.cpp.o
[  1%] Building CXX object libclamunrar/CMakeFiles/clamunrar.dir/arcread.cpp.o
....
[100%] Decrypting test file clam-v3.rar...
Created: '/export/home/defang/clamav-1.4.2/build/unit_tests/input/clamav_hdb_scanfiles/clam-v3.rar'
[100%] Built target tgt_clam-v3.rar

# ctest
Test project /export/home/defang/clamav-1.4.2/build
    Start 1: libclamav
....
Test project /export/home/defang/clamav-1.4.2/build
    Start 1: libclamav
1/6 Test #1: libclamav ........................   Passed   44.39 sec
    Start 2: libclamav_rust
2/6 Test #2: libclamav_rust ...................   Passed  108.14 sec
    Start 3: clamscan
3/6 Test #3: clamscan .........................   Passed   25.28 sec
    Start 4: clamd
4/6 Test #4: clamd ............................   Passed   33.05 sec
    Start 5: freshclam
5/6 Test #5: freshclam ........................   Passed   33.10 sec
    Start 6: sigtool
6/6 Test #6: sigtool ..........................   Passed    4.33 sec
100% tests passed, 0 tests failed out of 6
Total Test time (real) = 248.31 sec

# cmake --build . --config Release --target install
Consolidate compiler generated dependencies of target clamunrar
[ 14%] Built target clamunrar
Consolidate compiler generated dependencies of target clamunrar_iface
...
-- Installing: /usr/local/clamav142/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-300.woff2
-- Installing: /usr/local/clamav142/share/doc/ClamAV/html/toc.js
-- Installing: /usr/local/clamav142/share/doc/ClamAV/html/searcher.js

# mkdir -p /usr/local/clamav$CLAMAVVER/share/clamav
Some basic configuration (Ref: https://docs.clamav.net/manual/Usage/Configuration.html)
# touch /var/log/freshclam.log
# chmod 600 /var/log/freshclam.log 
# chown clamav /var/log/freshclam.log

# diff  /usr/local/clamav$CLAMAVVER/etc/freshclam.conf /usr/local/clamav$CLAMAVVER/etc/freshclam.conf.sample
8c8
< #Example
---
> Example

# diff /usr/local/clamav$CLAMAVVER/etc/clamd.conf /usr/local/clamav$CLAMAVVER/etc/clamd.conf.sample |head
8c8
< #Example
---
> Example
14c14
< LogFile /var/log/clamd.log
---
> #LogFile /tmp/clamd.log

//Update, Download signatures and Test
# /usr/local/clamav$CLAMAVVER/bin/freshclam
ClamAV update process started at Fri May 30 14:49:44 2025
daily database available for update (local version: 27589, remote version: 27653)
Current database is 64 versions behind.
Downloading database patch # 27590...
....
Testing database: '/usr/local/clamav142/share/clamav/tmp.a7f3c363c3/clamav-b49b2c569218830e03c8b0e008f37fae.tmp-daily.cld' ...
Database test passed.
daily.cld updated (version: 27653, sigs: 2075704, f-level: 90, builder: raynman)
main.cld database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cld database is up-to-date (version: 336, sigs: 83, f-level: 90, builder: nrandolp)

# /usr/local/clamav$CLAMAVVER/bin/clamscan --version
ClamAV 1.4.2/27653/Fri May 30 09:36:57 2025
That it and I hope this has been useful.

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)