rpms / clamav

Clone
Source Code
GIT

#13 Re-enable on-access scanning for EL7
Closed 3 years ago by sergiomb. Opened 3 years ago by orion.
rpms/ orion/clamav curl  into  epel7

file added
+56 
@@ -0,0 +1,56 @@ 
 

+ diff -up clamav-0.102.2/clamonacc/client/communication.c.curl clamav-0.102.2/clamonacc/client/communication.c
 

+ --- clamav-0.102.2/clamonacc/client/communication.c.curl	2020-02-04 07:59:26.000000000 -0700
 

+ +++ clamav-0.102.2/clamonacc/client/communication.c	2020-04-29 21:44:45.073020203 -0600
 

+ @@ -42,12 +42,12 @@
 

+  

+  #include "communication.h"
 

+  

+ -static int onas_socket_wait(curl_socket_t sockfd, int32_t b_recv, uint64_t timeout_ms);
 

+ +static int onas_socket_wait(long sockfd, int32_t b_recv, uint64_t timeout_ms);
 

+  

+  /**
 

+   * Function from curl example code, Copyright (C) 1998 - 2018, Daniel Stenberg, see COPYING.curl for license details
 

+   */
 

+ -static int onas_socket_wait(curl_socket_t sockfd, int32_t b_recv, uint64_t timeout_ms)
 

+ +static int onas_socket_wait(long sockfd, int32_t b_recv, uint64_t timeout_ms)
 

+  {
 

+      struct timeval tv;
 

+      fd_set infd, outfd, errfd;
 

+ @@ -79,9 +79,9 @@ int onas_sendln(CURL *curl, const void *
 

+  {
 

+      size_t sent = 0;
 

+      CURLcode curlcode;
 

+ -    curl_socket_t sockfd;
 

+ +    long sockfd;
 

+  

+ -    curlcode = curl_easy_getinfo(curl, CURLINFO_ACTIVESOCKET, &sockfd);
 

+ +    curlcode = curl_easy_getinfo(curl, CURLINFO_LASTSOCKET, &sockfd);
 

+  

+      if (CURLE_OK != curlcode) {
 

+          logg("!ClamCom: could not get curl active socket info %s\n", curl_easy_strerror(curlcode));
 

+ @@ -137,9 +137,9 @@ int onas_recvln(struct RCVLN *rcv_data,
 

+  {
 

+      char *eol;
 

+      int ret = 0;
 

+ -    curl_socket_t sockfd;
 

+ +    long sockfd;
 

+  

+ -    rcv_data->curlcode = curl_easy_getinfo(rcv_data->curl, CURLINFO_ACTIVESOCKET, &sockfd);
 

+ +    rcv_data->curlcode = curl_easy_getinfo(rcv_data->curl, CURLINFO_LASTSOCKET, &sockfd);
 

+  

+      if (CURLE_OK != rcv_data->curlcode) {
 

+          logg("!ClamCom: could not get curl active socket info %s\n", curl_easy_strerror(rcv_data->curlcode));
 

+ diff -up clamav-0.102.2/m4/reorganization/libs/curl.m4.curl clamav-0.102.2/m4/reorganization/libs/curl.m4
 

+ --- clamav-0.102.2/m4/reorganization/libs/curl.m4.curl	2020-02-04 07:59:26.000000000 -0700
 

+ +++ clamav-0.102.2/m4/reorganization/libs/curl.m4	2020-04-29 21:36:15.043808045 -0600
 

+ @@ -62,8 +62,8 @@ if test "X$have_curl" = "Xyes"; then
 

+      dnl end of section
 

+  

+      AM_COND_IF([BUILD_CLAMONACC],
 

+ -                    dnl if version greater than (7.45)
 

+ -                    [if test $curl_version -ge 470272 ; then
 

+ +                    dnl if version greater than (7.29)
 

+ +                    [if test $curl_version -ge 466176 ; then
 

+                          $enable_clamonacc="yes"
 

+                      else
 

+                          AC_MSG_ERROR([m4_normalize([

file modified
+38 -10 
@@ -2,13 +2,8 @@ 
 

  

  %global _hardened_build 1
 

  

- ## Fedora Extras specific customization below...
 

- # EL7's curl is too old
 

- %if 0%{?fedora} || 0%{?rhel} >= 8
 

+ ## Fedora specific customization below...
 

  %bcond_without  clamonacc
 

- %else
 

- %bcond_with     clamonacc
 

- %endif
 

  %bcond_without  tmpfiles
 

  %bcond_with     unrar
 

  %ifnarch ppc64
 
@@ -46,7 +41,7 @@ 
 

  Summary:    End-user tools for the Clam Antivirus scanner
 

  Name:       clamav
 

  Version:    0.102.2
 

- Release:    4%{?dist}
 

+ Release:    7%{?dist}
 

  License:    %{?with_unrar:proprietary}%{!?with_unrar:GPLv2}
 

  URL:        https://www.clamav.net/
 

  %if %{with unrar}
 
@@ -72,6 +67,8 @@ 
 

  Source11:   daily-25719.cvd
 

  #http://database.clamav.net/bytecode.cvd
 

  Source12:   bytecode-331.cvd
 

+ #for clamonacc
 

+ Source100:  clamonacc.service
 

  #for update
 

  Source200:  freshclam-sleep
 

  Source201:  freshclam.sysconfig
 
@@ -92,6 +89,8 @@ 
 

  Patch1:     clamav-default_confs.patch
 

  # Fix pkg-config flags for static linking, multilib
 

  Patch2:     clamav-0.99-private.patch
 

+ # Patch to use EL7 libcurl
 

+ Patch3:     clamav-curl.patch
 

  

  BuildRequires:  autoconf automake gettext-devel libtool libtool-ltdl-devel
 

  BuildRequires:  gcc-c++
 
@@ -117,6 +116,7 @@ 
 

  #for milter
 

  BuildRequires:  sendmail-devel
 

  

+ Requires:   clamav-filesystem = %version-%release
 

  Requires:   clamav-lib = %version-%release
 

  Requires:   data(clamav)
 

  
@@ -247,6 +247,8 @@ 
 

  %endif
 

  %patch1 -p1 -b .default_confs
 

  %patch2 -p1 -b .private
 

+ # Patch to use older libcurl
 

+ %{?el7:%patch3 -p1 -b .curl}
 

  

  install -p -m0644 %SOURCE300 clamav-milter/
 

  
@@ -316,6 +318,8 @@ 
 

  install -D -m 0644 -p %SOURCE3      _doc_server/clamd.logrotate
 

  install -D -m 0644 -p %SOURCE5      _doc_server/README
 

  

+ install -D -p -m 0644 %SOURCE100        $RPM_BUILD_ROOT%_unitdir/clamonacc.service
 

+ 

  install -D -p -m 0644 %SOURCE530        $RPM_BUILD_ROOT%_unitdir/clamd@.service
 

  

  ## prepare the update-files
 
@@ -332,7 +336,6 @@ 
 

  sed -ri \
 

      -e 's!^Example!#Example!' \
 

      -e 's!^#?(UpdateLogFile )!#\1!g;' \
 

-     -e 's!^#?(LogSyslog).*!\1 yes!g' \
 

      -e 's!(DatabaseOwner *)clamav$!\1%updateuser!g' $RPM_BUILD_ROOT%_sysconfdir/freshclam.conf.sample
 

  

  mv $RPM_BUILD_ROOT%_sysconfdir/freshclam.conf{.sample,}
 
@@ -408,6 +411,16 @@ 
 

  make check
 

  

  

+ %post
 

+ %systemd_post clamonacc.service
 

+ 

+ %preun
 

+ %systemd_preun clamonacc.service
 

+ 

+ %postun
 

+ %systemd_postun_with_restart clamonacc.service
 

+ 

+ 

  %pre filesystem
 

  getent group %{updateuser} >/dev/null || groupadd -r %{updateuser}
 

  getent passwd %{updateuser} >/dev/null || \
 
@@ -512,6 +525,7 @@ 
 

  %_mandir/man[15]/*
 

  %exclude %_mandir/*/freshclam*
 

  %exclude %_mandir/man5/clamd.conf.5*
 

+ %_unitdir/clamonacc.service
 

  

  

  %files lib
 
@@ -532,6 +546,8 @@ 
 

  %files filesystem
 

  %attr(-,%updateuser,%updateuser) %dir %homedir
 

  %dir %_sysconfdir/clamd.d
 

+ # Used by both clamd, clamdscan, and clamonacc
 

+ %config(noreplace) %_sysconfdir/clamd.d/scan.conf
 

  

  

  %files data
 
@@ -566,7 +582,6 @@ 
 

  %_sbindir/clamd
 

  %_unitdir/clamd@.service
 

  

- %config(noreplace) %_sysconfdir/clamd.d/scan.conf
 

  %ghost %scanstatedir/clamd.sock
 

  %if %{with tmpfiles}
 

    %_tmpfilesdir/clamd.scan.conf
 
@@ -595,7 +610,20 @@ 
 

  

  

  %changelog
 

- * Mon Mar 16 2020 Orion Poplawski <orion@cora.nwra.com> - 0.102.2-4
 

+ * Wed Apr 29 2020 Orion Poplawski <orion@nwra.com> - 0.102.2-7
 

+ - Move /etc/clamd.d/scan.conf to clamav-filesystem
 

+ - Add patch to build with EL7 libcurl - re-enable on-access scanning
 

+   (bz#1820395)
 

+ - Add clamonacc.service
 

+ 

+ * Tue Apr 21 2020 Björn Esser <besser82@fedoraproject.org> - 0.102.2-6
 

+ - Rebuild (json-c)
 

+ 

+ * Wed Apr  8 2020 Orion Poplawski <orion@nwra.com> - 0.102.2-5
 

+ - Do not log freshclam output to syslog by default - creates double entries
 

+   in the journal (bz#1822012)
 

+ 

+ * Mon Mar 16 2020 Orion Poplawski <orion@nwra.com> - 0.102.2-4
 

  - Quiet freshclam-sleep when used with proxy
 

  

  * Sat Feb 29 2020 Orion Poplawski <orion@nwra.com> - 0.102.2-3

file added
+11 
@@ -0,0 +1,11 @@ 
 

+ [Unit]
 

+ Description=Clam AntiVirus userspace daemon for OnAccess Scanning
 

+ Documentation=man:clamd(8) man:clamd.conf(5) https://www.clamav.net/documents/
 

+ ConditionPathExists=/etc/clamd.d/scan.conf
 

+ After=clamd@scan.service

here emphasizes that service needs clamd

orion commented 3 years ago

Not strictly that it needs clamd, but if you are running clamd and clamonacc on the same box you will want clamonacc to start after clamd.

 
+ 

+ [Service]
 

+ ExecStart=/usr/bin/clamonacc --foreground
 

+ 

+ [Install]
 

+ WantedBy=multi-user.target

Add patch to build with EL7 libcurl - re-enable on-access scanning (bz#1820395)

1 new commit added

  • Move /etc/clamd.d/scan.conf to clamav-filesystem
3 years ago
  • Move /etc/clamd.d/scan.conf to clamav-filesystem
  • Add clamonacc.service

So, this makes a change which I think is warranted: moving /etc/clamd.d/scan.conf to clamav-filesystem. This doesn't strictly make it a filesystem package, but it seems to make the most sense. That file is shared by clamd (@scan service), clamdscan, and clamonacc.

Hopefully simple-koji-ci does another build, but I've also started:
https://koji.fedoraproject.org/koji/taskinfo?taskID=43956915

while first 3 commits LGTM this 4th I don't know .

why not move clamonacc to clamd, instead ?

here emphasizes that service needs clamd

Not strictly that it needs clamd, but if you are running clamd and clamonacc on the same box you will want clamonacc to start after clamd.

I thought about putting clamonacc in its own sub-package, but that seems like a bit of overkill. Especially since it doesn't add any dependencies.

OK , if https://src.fedoraproject.org/rpms/clamav/pull-request/15 is not needed , starts to build a new release :smile:

Edited 3 years ago by sergiomb

I would rather stick with clamonacc in clamav. I you want to handle pushing a new release that would be great. Otherwise I could probably do it this weekend.

This can be closed as well and just merge master to epel7

agree

Pull-Request has been closed by sergiomb
3 years ago
Changes Summary 3
+56
file added
clamav-curl.patch
+38 -10
file changed
clamav.spec
+11
file added
clamonacc.service
Powered by Pagure 5.13.3
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.