Use also clamav-unofficial-sigs DB #25

Open
miurahr opened this issue Jan 20, 2021 · 3 comments · Fixed by #26

miurahr commented Jan 20, 2021

Is your feature request related to a problem? Please describe.
There are clamav-unofficial-sigs that can be used for scanning.
It will be nice to check these sigs too.

Describe the solution you'd like

  • apt-get install clamav-unofficial-sigs
  • run clamav-unofficial-sigs before running clamscan

Describe alternatives you've considered

  • It can be optional

djdefi added a commit that referenced this issue Jan 22, 2021
djdefi added a commit that referenced this issue Jan 22, 2021
@djdefi djdefi reopened this Jan 22, 2021
Author

miurahr commented Jan 22, 2021

Generic installation

mkdir -p /usr/local/sbin/
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/clamav-unofficial-sigs.sh -O /usr/local/sbin/clamav-unofficial-sigs.sh && chmod 755 /usr/local/sbin/clamav-unofficial-sigs.sh
mkdir -p /etc/clamav-unofficial-sigs/
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/master.conf -O /etc/clamav-unofficial-sigs/master.conf
wget https://raw.githubusercontent.com/extremeshok/clamav-unofficial-sigs/master/config/user.conf -O /etc/clamav-unofficial-sigs/user.conf

https://github.com/extremeshok/clamav-unofficial-sigs/blob/master/INSTALL.md

Owner

djdefi commented Oct 10, 2022

Looks like freshclam could handle this https://wiki.gentoo.org/wiki/ClamAV_Unofficial_Signatures

There are two good approaches to using unofficial signatures on Gentoo (and elsewhere). The first is to use {{Package|app-antivirus/fangfrisch}}, and the second is to use freshclam itself. The eXtremeSHOK clamav-unofficial-sigs script is '''not''' a secure option.

== Using freshclam ==

Freshclam now supports https URLs, so if your unofficial signatures are available direct from an http(s) URL, then adding them to freshclam is easy. For example,

/etc/freshclam.conf

  # These HTTP mirrors aren't quite official, but I've asked about them
  # on the sanesecurity mailing list and someone offered them to the public.
  DatabaseCustomURL https://mirror.rollernet.us/sanesecurity/badmacro.ndb
  DatabaseCustomURL https://mirror.rollernet.us/sanesecurity/blurl.ndb
  DatabaseCustomURL https://mirror.rollernet.us/sanesecurity/junk.ndb
  DatabaseCustomURL https://mirror.rollernet.us/sanesecurity/jurlbl.ndb
  DatabaseCustomURL https://mirror.rollernet.us/sanesecurity/jurlbla.ndb
  DatabaseCustomURL https://mirror.rollernet.us/sanesecurity/lott.ndb

There are only a few downsides to using freshclam:

  • Freshclam can't rename the downloaded file, so if the source file is incorrectly named, freshclam will fail to validate it (because clamav won't know how to read it).
  • Freshclam only supports http(s), so you're out of luck if your database is only served over rsync.
  • There's currently [https://bugzilla.clamav.net/show_bug.cgi?id=12522 a bug in freshclam] that causes it to validate malformed databases, which will crash clamav. So if there's a chance that you'll download a bad database, freshclam may not be the best choice (until that bug is fixed).
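
One way to guard against the first two downsides listed above before any entry reaches freshclam.conf, as an added example that is not code from this thread, the project, or the Gentoo wiki. The function names, the extension allow-list and the HTTPS-only rule are assumptions of this example, and the `example.invalid` URL is constructed.

```shell
#!/bin/sh
# Added example: vet signature URLs before handing them to freshclam.
# Function names and the extension allow-list are assumptions of this example.

# Signature database extensions accepted here (a subset of what clamav loads).
SIG_EXT_RE='\.(ndb|hdb|hsb|ldb|mdb|cdb|yar|yara)$'

# vet_sig_url URL: prints "ok" or a rejection reason; status 0 only for "ok".
vet_sig_url() {
    case $1 in
        https://*/*) ;;
        https://*)   echo "reject: URL has no file path"; return 1 ;;
        http://*)    echo "reject: plain http (this example insists on TLS)"; return 1 ;;
        *)           echo "reject: freshclam only fetches http(s)"; return 1 ;;
    esac
    # freshclam keeps the remote file name, so the last path component must
    # already be a name clamav can load; query strings are refused as well.
    _name=${1##*/}
    if ! printf '%s\n' "$_name" | grep -Eq "^[A-Za-z0-9._-]+$SIG_EXT_RE"; then
        echo "reject: '$_name' is not a loadable database file name"; return 1
    fi
    echo ok
}

# add_custom_urls CONF URL...: appends one DatabaseCustomURL line per vetted
# URL that is not already in CONF, and prints how many lines were added.
add_custom_urls() {
    _conf=$1; shift
    _added=0
    for _url in "$@"; do
        if _why=$(vet_sig_url "$_url"); then
            if ! grep -Fxq "DatabaseCustomURL $_url" "$_conf" 2>/dev/null; then
                echo "DatabaseCustomURL $_url" >>"$_conf"
                _added=$((_added + 1))
            fi
        else
            echo "skipping $_url: $_why" >&2
        fi
    done
    echo "$_added"
}

# Demo on a scratch file, never the live /etc/freshclam.conf.
demo_conf=$(mktemp)
add_custom_urls "$demo_conf" \
    https://mirror.rollernet.us/sanesecurity/junk.ndb \
    rsync://example.invalid/sanesecurity/junk.ndb
rm -f "$demo_conf"
```

This checks names and schemes only; it does not inspect database contents, so it does nothing about the malformed-database bug in the third item.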

@rohthegreat

So do you want me to go to the file and change it and hope all goes well @djdefi?
