Merge branch 'master' into epel8

This commit is contained in:
Sérgio M. Basto 2020-02-10 03:15:49 +00:00
commit 0d00516340
11 changed files with 298 additions and 156 deletions

View File

@ -1,18 +0,0 @@
https://bugzilla.clamav.net/show_bug.cgi?id=12097
--- shared/optparser.c
+++ shared/optparser.c
@@ -505,6 +505,13 @@ const struct clam_option __clam_options[
{ "ClamukoExcludeUID", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, FLAG_MULTIPLE, OPT_CLAMD | OPT_DEPRECATED, "", "" },
{ "ClamukoMaxFileSize", NULL, 0, CLOPT_TYPE_SIZE, MATCH_SIZE, 5242880, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", "" },
{ "AllowSupplementaryGroups", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER | OPT_DEPRECATED, "Initialize a supplementary group access (the process must be started by root).", "no" },
+ { "StatsHostID", "stats-host-id", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },
+ { "StatsEnabled", "enable-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },
+ { "StatsPEDisabled", "disable-pe-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },
+ { "StatsTimeout", "stats-timeout", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_FRESHCLAM | OPT_DEPRECATED, "", "" },
+ { "SubmitDetectionStats", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", "" },
+ { "DetectionStatsCountry", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", "" },
+ { "DetectionStatsHostID", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", "" },
/* Milter specific options */

View File

@ -1,33 +0,0 @@
--- clamav-0.100.0/clamav-milter/clamav-milter.c 2018-04-04 02:13:58.000000000 +0200
+++ clamav-0.100.0/clamav-milter/clamav-milter.c.umask 2018-05-28 23:25:12.374047156 +0200
@@ -432,7 +432,7 @@
if((opt = optget(opts, "PidFile"))->enabled) {
FILE *fd;
- mode_t old_umask = umask(0002);
+ mode_t old_umask = umask(0022);
if((fd = fopen(opt->strarg, "w")) == NULL) {
logg("!Can't save PID in file %s\n", opt->strarg);
--- clamav-0.100.0/shared/output.c 2018-04-04 02:13:58.000000000 +0200
+++ clamav-0.100.0/shared/output.c.umask 2018-05-28 23:24:41.968851516 +0200
@@ -379,7 +379,7 @@
if (!logg_fp && logg_file)
{
- old_umask = umask(0037);
+ old_umask = umask(0077);
if ((logg_fp = fopen(logg_file, "at")) == NULL)
{
umask(old_umask);
--- clamav-0.100.0/freshclam/freshclam.c 2018-04-04 02:13:58.000000000 +0200
+++ clamav-0.100.0/freshclam/freshclam.c.umask 2018-05-28 23:25:30.675164850 +0200
@@ -127,7 +127,7 @@
{
FILE *fd;
int old_umask;
- old_umask = umask (0006);
+ old_umask = umask (0022);
if ((fd = fopen (pidfile, "w")) == NULL)
{
logg ("!Can't save PID to file %s: %s\n", pidfile, strerror (errno));

View File

@ -1,4 +1,4 @@
VERSION=0.101.4
VERSION=0.102.2
NAME=clamav
TARBALL_CLEAN=${NAME}-${VERSION}-norar.tar.xz
TARBALL=${NAME}-${VERSION}.tar.gz
@ -6,6 +6,4 @@ TARBALL=${NAME}-${VERSION}.tar.gz
wget https://www.clamav.net/downloads/production/${TARBALL}
wget https://www.clamav.net/downloads/production/${TARBALL}.sig
gpg --verify ${TARBALL}.sig ${TARBALL}
#rm -f ${TARBALL}.tmp
zcat ${TARBALL} | tar --delete -f - '*/libclamunrar/*' | xz -c > ${TARBALL_CLEAN}
#mv ${TARBALL}.tmp ${TARBALL_CLEAN}

View File

@ -1,19 +1,78 @@
--- ./clamconf/clamconf.c.orig 2018-07-30 05:28:40.199759145 +0100
+++ ./clamconf/clamconf.c 2018-07-30 05:30:12.083760295 +0100
@@ -58,9 +58,9 @@ static struct _cfgfile {
diff -up clamav-0.102.0/clamconf/clamconf.c.default_confs clamav-0.102.0/clamconf/clamconf.c
--- clamav-0.102.0/clamconf/clamconf.c.default_confs 2019-10-11 20:46:32.216962895 -0600
+++ clamav-0.102.0/clamconf/clamconf.c 2019-10-11 20:47:16.201174669 -0600
@@ -60,9 +60,9 @@ static struct _cfgfile {
const char *name;
int tool;
} cfgfile[] = {
- { "clamd.conf", OPT_CLAMD },
+ { "clamd.d/scan.conf", OPT_CLAMD },
{ "freshclam.conf", OPT_FRESHCLAM },
- { "clamav-milter.conf", OPT_MILTER },
+ { "mail/clamav-milter.conf", OPT_MILTER },
{ NULL, 0 }
};
- {"clamd.conf", OPT_CLAMD},
+ {"clamd.d/scan.conf", OPT_CLAMD},
{"freshclam.conf", OPT_FRESHCLAM},
- {"clamav-milter.conf", OPT_MILTER},
+ {"mail/clamav-milter.conf", OPT_MILTER},
{NULL, 0}};
--- ./platform.h.in.orig 2018-07-30 06:27:54.437257754 +0100
+++ ./platform.h.in 2018-07-30 06:29:18.920124404 +0100
static void printopts(struct optstruct *opts, int nondef)
diff -up clamav-0.102.0/docs/man/clamav-milter.8.in.default_confs clamav-0.102.0/docs/man/clamav-milter.8.in
--- clamav-0.102.0/docs/man/clamav-milter.8.in.default_confs 2019-10-01 11:24:08.000000000 -0600
+++ clamav-0.102.0/docs/man/clamav-milter.8.in 2019-10-11 20:46:32.218962904 -0600
@@ -27,7 +27,7 @@ Print the version number and exit.
Read configuration from FILE.
.SH "FILES"
.LP
-@CFGDIR@/clamav-milter.conf
+@CFGDIR@/mail/clamav-milter.conf
.SH "AUTHOR"
.LP
aCaB <acab@clamav.net>
diff -up clamav-0.102.0/docs/man/clamav-milter.conf.5.in.default_confs clamav-0.102.0/docs/man/clamav-milter.conf.5.in
--- clamav-0.102.0/docs/man/clamav-milter.conf.5.in.default_confs 2019-10-01 11:24:08.000000000 -0600
+++ clamav-0.102.0/docs/man/clamav-milter.conf.5.in 2019-10-11 20:46:32.218962904 -0600
@@ -239,7 +239,7 @@ Default: no
All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum.
.SH "FILES"
.LP
-@CFGDIR@/clamav-milter.conf
+@CFGDIR@/mail/clamav-milter.conf
.SH "AUTHOR"
.LP
aCaB <acab@clamav.net>
diff -up clamav-0.102.0/docs/man/clamd.8.in.default_confs clamav-0.102.0/docs/man/clamd.8.in
--- clamav-0.102.0/docs/man/clamd.8.in.default_confs 2019-10-01 11:24:08.000000000 -0600
+++ clamav-0.102.0/docs/man/clamd.8.in 2019-10-11 20:46:32.220962914 -0600
@@ -7,7 +7,7 @@ clamd \- an anti\-virus daemon
clamd [options]
.SH "DESCRIPTION"
.LP
-The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.conf
+The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.d/scan.conf
.SH "COMMANDS"
.LP
It's recommended to prefix clamd commands with the letter \fBz\fR (eg. zSCAN) to indicate that the command will be delimited by a NULL character and that clamd should continue reading command data until a NULL character is read. The null delimiter assures that the complete command and its entire argument will be processed as a single command. Alternatively commands may be prefixed with the letter \fBn\fR (e.g. nSCAN) to use a newline character as the delimiter. Clamd replies will honour the requested terminator in turn.
@@ -125,7 +125,7 @@ Reload the signature databases.
Perform a clean exit.
.SH "FILES"
.LP
-@CFGDIR@/clamd.conf
+@CFGDIR@/clamd.d/scan.conf
.SH "CREDITS"
Please check the full documentation for credits.
.SH "AUTHOR"
diff -up clamav-0.102.0/docs/man/clamd.conf.5.in.default_confs clamav-0.102.0/docs/man/clamd.conf.5.in
--- clamav-0.102.0/docs/man/clamd.conf.5.in.default_confs 2019-10-01 11:24:08.000000000 -0600
+++ clamav-0.102.0/docs/man/clamd.conf.5.in 2019-10-11 20:46:32.219962909 -0600
@@ -742,7 +742,7 @@ Default: no
All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum.
.SH "FILES"
.LP
-@CFGDIR@/clamd.conf
+@CFGDIR@/clamd.d/scan.conf
.SH "AUTHORS"
.LP
Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>
diff -up clamav-0.102.0/platform.h.in.default_confs clamav-0.102.0/platform.h.in
--- clamav-0.102.0/platform.h.in.default_confs 2019-10-01 11:24:09.000000000 -0600
+++ clamav-0.102.0/platform.h.in 2019-10-11 20:46:32.217962899 -0600
@@ -34,9 +34,9 @@ typedef unsigned int in_addr_t;
#define PATHSEP "/"
#endif
@ -26,56 +85,3 @@
#define cli_to_utf8_maybe_alloc(x) (x)
#define cli_strdup_to_utf8(x) strdup(x)
--- ./docs/man/clamav-milter.conf.5.in.orig 2018-07-31 02:47:52.768212114 +0100
+++ ./docs/man/clamav-milter.conf.5.in 2018-07-31 02:48:57.295032444 +0100
@@ -239,7 +239,7 @@ Default: no
All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum.
.SH "FILES"
.LP
-@CFGDIR@/clamav-milter.conf
+@CFGDIR@/mail/clamav-milter.conf
.SH "AUTHOR"
.LP
aCaB <acab@clamav.net>
--- ./docs/man/clamav-milter.8.in.orig 2018-07-31 02:47:45.154130364 +0100
+++ ./docs/man/clamav-milter.8.in 2018-07-31 02:48:39.484792893 +0100
@@ -27,7 +27,7 @@ Print the version number and exit.
Read configuration from FILE.
.SH "FILES"
.LP
-@CFGDIR@/clamav-milter.conf
+@CFGDIR@/mail/clamav-milter.conf
.SH "AUTHOR"
.LP
aCaB <acab@clamav.net>
--- ./docs/man/clamd.conf.5.in.orig 2018-07-31 02:52:12.607659460 +0100
+++ ./docs/man/clamd.conf.5.in 2018-07-31 02:52:37.396992885 +0100
@@ -703,7 +703,7 @@ Default: no
All options expressing a size are limited to max 4GB. Values in excess will be reset to the maximum.
.SH "FILES"
.LP
-@CFGDIR@/clamd.conf
+@CFGDIR@/clamd.d/scan.conf
.SH "AUTHORS"
.LP
Tomasz Kojm <tkojm@clamav.net>, Kevin Lin <klin@sourcefire.com>
--- ./docs/man/clamd.8.in.orig 2018-07-31 02:51:22.897990849 +0100
+++ ./docs/man/clamd.8.in 2018-07-31 02:53:22.170595103 +0100
@@ -7,7 +7,7 @@ clamd \- an anti\-virus daemon
clamd [options]
.SH "DESCRIPTION"
.LP
-The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.conf
+The daemon listens for incoming connections on Unix and/or TCP socket and scans files or directories on demand. It reads the configuration from @CFGDIR@/clamd.d/scan.conf
.SH "COMMANDS"
.LP
It's recommended to prefix clamd commands with the letter \fBz\fR (eg. zSCAN) to indicate that the command will be delimited by a NULL character and that clamd should continue reading command data until a NULL character is read. The null delimiter assures that the complete command and its entire argument will be processed as a single command. Alternatively commands may be prefixed with the letter \fBn\fR (e.g. nSCAN) to use a newline character as the delimiter. Clamd replies will honour the requested terminator in turn.
@@ -119,7 +119,7 @@ Reload the signature databases.
Perform a clean exit.
.SH "FILES"
.LP
-@CFGDIR@/clamd.conf
+@CFGDIR@/clamd.d/scan.conf
.SH "CREDITS"
Please check the full documentation for credits.
.SH "AUTHOR"

View File

@ -0,0 +1,17 @@
diff -up clamav-0.102.0/shared/optparser.c.stats-deprecation clamav-0.102.0/shared/optparser.c
--- clamav-0.102.0/shared/optparser.c.stats-deprecation 2019-10-10 21:55:31.245995091 -0600
+++ clamav-0.102.0/shared/optparser.c 2019-10-11 20:40:04.580067432 -0600
@@ -524,6 +524,13 @@ const struct clam_option __clam_options[
{"ArchiveLimitMemoryUsage", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""},
{"MailFollowURLs", "mail-follow-urls", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""},
{"AllowSupplementaryGroups", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_MILTER | OPT_DEPRECATED, "Initialize a supplementary group access (the process must be started by root).", "no"},
+ {"StatsHostID", "stats-host-id", 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", "" },
+ {"StatsEnabled", "enable-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_FRESHCLAM | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""},
+ {"StatsPEDisabled", "disable-pe-stats", 0, CLOPT_TYPE_BOOL, MATCH_BOOL, 0, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_DEPRECATED, "", ""},
+ {"StatsTimeout", "stats-timeout", 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, -1, NULL, 0, OPT_CLAMD | OPT_CLAMSCAN | OPT_FRESHCLAM | OPT_DEPRECATED, "", ""},
+ {"SubmitDetectionStats", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""},
+ {"DetectionStatsCountry", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""},
+ {"DetectionStatsHostID", NULL, 0, CLOPT_TYPE_STRING, NULL, -1, NULL, 0, OPT_FRESHCLAM | OPT_DEPRECATED, "", ""},
{"ScanOnAccess", NULL, 0, CLOPT_TYPE_BOOL, MATCH_BOOL, -1, NULL, 0, OPT_CLAMD | OPT_DEPRECATED, "", ""},
/* Milter specific options */

6
clamav-update.crond Normal file
View File

@ -0,0 +1,6 @@
## Adjust this line...
MAILTO=root
## It is ok to execute it as root; freshclam drops privileges and becomes
## user 'clamupdate' as soon as possible
0 */3 * * * root /usr/share/clamav/freshclam-sleep

4
clamav-update.logrotate Normal file
View File

@ -0,0 +1,4 @@
/var/log/freshclam.log {
monthly
notifempty
}

View File

@ -1,6 +1,14 @@
#global prerelease rc1
%global _hardened_build 1
## Fedora Extras specific customization below...
# EL7's curl is too old
%if 0%{?fedora} || 0%{?rhel} >= 8
%bcond_without clamonacc
%else
%bcond_with clamonacc
%endif
%bcond_without tmpfiles
%bcond_with unrar
%ifnarch ppc64
@ -9,9 +17,11 @@
%bcond_with llvm
%endif
##
%global _hardened_build 1
%if 0%{?fedora} && 0%{?rhel} >= 8
%bcond_with old_freshclam
%else
%bcond_without old_freshclam
%endif
%ifnarch s390 s390x
%global have_ocaml 1
@ -24,17 +34,19 @@
%global updateuser clamupdate
%global homedir %_var/lib/clamav
%global freshclamlog %_var/log/freshclam.log
%global milteruser clamilt
%global milterlog %_var/log/clamav-milter.log
%global milterstatedir %_rundir/clamav-milter
%global pkgdatadir %_datadir/%name
%global scanuser clamscan
%global scanstatedir %_rundir/clamd.scan
Summary: End-user tools for the Clam Antivirus scanner
Name: clamav
Version: 0.101.5
Release: 7%{?dist}
Version: 0.102.2
Release: 1%{?dist}
License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2}
URL: https://www.clamav.net/
%if %{with unrar}
@ -55,11 +67,16 @@ Source5: clamd-README
# Check the first line of the file for version or run file *cvd
# Attention file < 5.33-7 have bugs see https://bugzilla.redhat.com/show_bug.cgi?id=1539107
#http://database.clamav.net/main.cvd
Source10: main-58.cvd
Source10: main-59.cvd
#http://database.clamav.net/daily.cvd
Source11: daily-25642.cvd
Source11: daily-25719.cvd
#http://database.clamav.net/bytecode.cvd
Source12: bytecode-331.cvd
#for update
Source200: freshclam-sleep
Source201: freshclam.sysconfig
Source202: clamav-update.crond
Source203: clamav-update.logrotate
#for milter
Source300: README.fedora
#for clamav-milter.systemd
@ -67,17 +84,26 @@ Source330: clamav-milter.systemd
#for scanner-systemd/server-systemd
Source530: clamd@.service
Patch0: clamav-0.100.0-stats-deprecation.patch
Patch1: clamav-0.100.1-defaults_locations.patch
Patch24: clamav-0.99-private.patch
Patch27: clamav-0.100.0-umask.patch
# Restore some options removed in 0.100 as deprecated
# Could be dropped in F32 with a note
# https://bugzilla.redhat.com/show_bug.cgi?id=1565381#c1
Patch0: clamav-stats-deprecation.patch
# Change default config locations for Fedora
Patch1: clamav-default_confs.patch
# Fix pkg-config flags for static linking, multilib
Patch2: clamav-0.99-private.patch
BuildRequires: autoconf automake gettext-devel libtool libtool-ltdl-devel
BuildRequires: gcc-c++
BuildRequires: zlib-devel bzip2-devel gmp-devel curl-devel json-c-devel
BuildRequires: ncurses-devel openssl-devel libxml2-devel
BuildRequires: bzip2-devel
BuildRequires: curl-devel
BuildRequires: gmp-devel
BuildRequires: json-c-devel
BuildRequires: libxml2-devel
BuildRequires: ncurses-devel
BuildRequires: openssl-devel
BuildRequires: pcre2-devel
BuildRequires: zlib-devel
#BuildRequires: %%_includedir/tcpd.h
BuildRequires: bc tcl groff graphviz
%{?have_ocaml:BuildRequires: ocaml}
@ -147,7 +173,7 @@ BuildArch: noarch
%description data
This package contains the virus-database needed by clamav. This
database should be updated regularly; the 'clamav-update' package
ships a corresponding systemd unit file. Use this package when you want a
ships a corresponding cron-job. Use this package when you want a
working (but perhaps outdated) virus scanner immediately after package
installation.
@ -155,6 +181,10 @@ installation.
%package update
Summary: Auto-updater for the Clam Antivirus scanner data-files
Requires: clamav-filesystem = %version-%release
%if %{with old_freshclam}
Requires: crontabs
Requires: /etc/cron.d
%endif
Provides: data(clamav) = empty
Provides: clamav-data-empty = %{version}-%{release}
Obsoletes: clamav-data-empty < %{version}-%{release}
@ -162,7 +192,7 @@ Obsoletes: clamav-data-empty < %{version}-%{release}
%description update
This package contains programs which can be used to update the clamav
anti-virus database automatically. It uses the freshclam(1) utility for
this task. To activate it use, systemctl enable --now clamav-freshclam .
this task. To activate it use, uncomment the entry in /etc/cron.d/clamav-update.
Use this package when you go updating the virus database regulary and
do not want to download a >160MB sized rpm-package with outdated virus
definitions.
@ -204,15 +234,16 @@ Obsoletes: clamav-milter-systemd < %{version}-%{release}
%description milter
This package contains files which are needed to run the clamav-milter.
## ------------------------------------------------------------
%prep
%setup -q -n %{name}-%{version}%{?prerelease}
%patch0 -p0 -b .stats-deprecation
# No longer support deprecated options in F32+ and EL8+
%if (0%{?fedora} && 0%{?fedora} < 32) || (0%{?rhel} && 0%{?rhel} < 8)
%patch0 -p1 -b .stats-deprecation
%endif
%patch1 -p1 -b .default_confs
%patch24 -p1 -b .private
%patch27 -p1 -b .umask
%patch2 -p1 -b .private
install -p -m0644 %SOURCE300 clamav-milter/
@ -220,8 +251,6 @@ mkdir -p libclamunrar{,_iface}
%{!?with_unrar:touch libclamunrar/{Makefile.in,all,install}}
## ------------------------------------------------------------
%build
# add -Wl,--as-needed if not exist
echo %{?__global_ldflags} | sed '/-Wl,--as-needed/!s/$/ -Wl,--as-needed/'
@ -245,6 +274,7 @@ autoreconf -i
--disable-rpath \
--disable-silent-rules \
--enable-clamdtop \
%{!?with_clamonacc:--disable-clamonacc} \
%{!?with_llvm:--disable-llvm}
# TODO: check periodically that CLAMAVUSER is used for freshclam only
@ -257,14 +287,12 @@ sed -i \
%make_build
## ------------------------------------------------------------
%install
rm -rf _doc*
%make_install
install -d -m 0755 \
$RPM_BUILD_ROOT%_sysconfdir/{mail,clamd.d} \
$RPM_BUILD_ROOT%_sysconfdir/{mail,clamd.d,logrotate.d} \
$RPM_BUILD_ROOT%_tmpfilesdir \
$RPM_BUILD_ROOT%_rundir \
$RPM_BUILD_ROOT%_var/log \
@ -289,6 +317,16 @@ install -D -m 0644 -p %SOURCE5 _doc_server/README
install -D -p -m 0644 %SOURCE530 $RPM_BUILD_ROOT%_unitdir/clamd@.service
%if %{with old_freshclam}
## prepare the update-files
install -D -m 0644 -p %SOURCE203 $RPM_BUILD_ROOT%_sysconfdir/logrotate.d/clamav-update
touch $RPM_BUILD_ROOT%freshclamlog
install -D -p -m 0755 %SOURCE200 $RPM_BUILD_ROOT%pkgdatadir/freshclam-sleep
install -D -p -m 0644 %SOURCE201 $RPM_BUILD_ROOT%_sysconfdir/sysconfig/freshclam
install -D -p -m 0600 %SOURCE202 $RPM_BUILD_ROOT%_sysconfdir/cron.d/clamav-update
%endif
### The freshclam stuff
sed -ri \
-e 's!^Example!#Example!' \
@ -300,6 +338,27 @@ mv $RPM_BUILD_ROOT%_sysconfdir/freshclam.conf{.sample,}
# Can contain HTTPProxyPassword (bugz#1733112)
chmod 600 $RPM_BUILD_ROOT%_sysconfdir/freshclam.conf
%if %{with old_freshclam}
function smartsubst() {
local tmp
local regexp=$1
shift
tmp=$(mktemp /tmp/%name-subst.XXXXXX)
for i; do
sed -e "$regexp" "$i" >$tmp
cmp -s $tmp "$i" || cat $tmp >"$i"
rm -f $tmp
done
}
smartsubst 's!webmaster,clamav!webmaster,%updateuser!g;
s!/usr/share/clamav!%pkgdatadir!g;
s!/usr/bin!%_bindir!g;
s!/usr/sbin!%_sbindir!g;' \
$RPM_BUILD_ROOT%_sysconfdir/cron.d/clamav-update \
$RPM_BUILD_ROOT%pkgdatadir/freshclam-sleep
%endif
### The scanner stuff
sed -ri \
-e 's!^Example!#Example!' \
@ -343,12 +402,10 @@ EOF
# TODO: Evaluate using upstream's unit with clamav-daemon.socket
rm $RPM_BUILD_ROOT%_unitdir/clamav-daemon.*
## ------------------------------------------------------------
%check
make check
## ------------------------------------------------------------
%pre filesystem
getent group %{updateuser} >/dev/null || groupadd -r %{updateuser}
@ -412,6 +469,21 @@ test -e %milterlog || {
%systemd_postun_with_restart clamav-milter.service
%post update
%if %{with old_freshclam}
test -e %freshclamlog || {
touch %freshclamlog
%__chmod 0664 %freshclamlog
%__chown root:%updateuser %freshclamlog
! test -x /sbin/restorecon || /sbin/restorecon %freshclamlog
}
%else
if [ $1 -eq 2 ] ; then
echo "Warning: clamav-update package changed"
echo "Now we provide clamav-freshclam.service systemd unit instead old scripts and the cron.d entry."
echo "Unfortunately this may break existing unattended installations."
echo "Please run 'systemctl enable clamav-freshclam --now' to enable freshclam updates again."
fi
%endif
%systemd_post clamav-freshclam.service
%preun update
@ -430,6 +502,9 @@ test -e %milterlog || {
%_bindir/clamconf
%_bindir/clamdscan
%_bindir/clamdtop
%if %{with clamonacc}
%_bindir/clamonacc
%endif
%_bindir/clamscan
%_bindir/clamsubmit
%_bindir/sigtool
@ -437,7 +512,6 @@ test -e %milterlog || {
%exclude %_mandir/*/freshclam*
%exclude %_mandir/man5/clamd.conf.5*
## -----------------------
%files lib
%_libdir/libclamav.so.9*
@ -446,7 +520,6 @@ test -e %milterlog || {
%_libdir/libclamunrar*.so.9*
%endif
## -----------------------
%files devel
%_includedir/*
@ -454,13 +527,11 @@ test -e %milterlog || {
%_libdir/pkgconfig/*
%_bindir/clamav-config
## -----------------------
%files filesystem
%attr(-,%updateuser,%updateuser) %dir %homedir
%dir %_sysconfdir/clamd.d
## -----------------------
%files data
%defattr(-,%updateuser,%updateuser,-)
@ -472,15 +543,21 @@ test -e %milterlog || {
%files update
%_bindir/freshclam
%_libdir/libfreshclam.so.2*
%_mandir/*/freshclam*
%_unitdir/clamav-freshclam.service
%config(noreplace) %verify(not mtime) %_sysconfdir/freshclam.conf
%if %{with old_freshclam}
%pkgdatadir/freshclam-sleep
%config(noreplace) %verify(not mtime) %_sysconfdir/logrotate.d/*
%config(noreplace) %_sysconfdir/cron.d/clamav-update
%config(noreplace) %_sysconfdir/sysconfig/freshclam
%ghost %attr(0664,root,%updateuser) %verify(not size md5 mtime) %freshclamlog
%endif
%ghost %attr(0664,%updateuser,%updateuser) %homedir/*.cld
%ghost %attr(0664,%updateuser,%updateuser) %homedir/mirrors.dat
## -----------------------
%files -n clamd
%doc _doc_server/*
%_mandir/man5/clamd.conf.5*
@ -497,7 +574,6 @@ test -e %milterlog || {
%dir %attr(0710,%scanuser,virusgroup) %scanstatedir
%endif
## -----------------------
%files milter
%doc clamav-milter/README.fedora
@ -518,6 +594,22 @@ test -e %milterlog || {
%changelog
* Sun Feb 9 2020 Orion Poplawski <orion@nwra.com> - 0.102.2-1
- Update to 0.102.2
- Drop supporting deprecated options for F32+ and EL8+
- Drop old umask patch
* Sun Feb 09 2020 Orion Poplawski <orion@nwra.com> - 0.101.5-10
- Re-add clamav-update.cron (bz#1800226)
- Add conditional old_freshclam
* Tue Feb 04 2020 Sérgio Basto <sergio@serjux.com> - 0.101.5-9
- Add a message warning that We now provide clamav-freshclam.service systemd
unit instead old scripts
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.101.5-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Mon Jan 27 2020 Sérgio Basto <sergio@serjux.com> - 0.101.5-7
- More cleanups
- Remove llvm-glibc.patch (upstream already fixed it)

52
freshclam-sleep Executable file
View File

@ -0,0 +1,52 @@
#! /bin/bash
# Copyright (C) 2005 Enrico Scholz <enrico.scholz@informatik.tu-chemnitz.de>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
FRESHCLAM_MOD=$[ 3*60 ] # 3 hours
f=/etc/sysconfig/freshclam
test ! -e "$f" || . "$f"
case x"$1" in
(xnow) FRESHCLAM_DELAY=0;;
(x|xrandom) : ${FRESHCLAM_DELAY:=$[ 0x`hostid` ]};;
(*) FRESHCLAM_DELAY=$1;;
esac
set -e
case $FRESHCLAM_DELAY in
(disabled-warn)
echo $"\
WARNING: update of clamav database is disabled; please see
'$f'
for information how to enable the periodic update resp. how to turn
off this message." >&2
exit 1
;;
(disabled)
exit 0
;;
(*)
let FRESHCLAM_MOD*=60
sleep $[ (FRESHCLAM_DELAY % FRESHCLAM_MOD + FRESHCLAM_MOD) % FRESHCLAM_MOD ]
;;
esac
/usr/bin/freshclam --quiet

18
freshclam.sysconfig Normal file
View File

@ -0,0 +1,18 @@
## When changing the periodicity of freshclam runs in the crontab,
## this value must be adjusted also. Its value is the timespan between
## two subsequent freshclam runs in minutes. E.g. for the default
##
## | 0 */3 * * * ...
##
## crontab line, the value is 180 (minutes).
# FRESHCLAM_MOD=
## A predefined value for the delay in seconds. By default, the value is
## calculated by the 'hostid' program. This predefined value guarantees
## constant timespans of 3 hours between two subsequent freshclam runs.
##
## This option accepts two special values:
## 'disabled-warn' ... disables the automatic freshclam update and
## gives out a warning
## 'disabled' ... disables the automatic freshclam silently
# FRESHCLAM_DELAY=

View File

@ -1,4 +1,4 @@
SHA512 (clamav-0.101.5-norar.tar.xz) = f649ec4de6a77b766c2c17ed7a974eb29c1f3604faa12f204448d0025e61dcf417baa1cc07978d3cfa18535a7c52f117e85dcf4703264614d03e6c214039de60
SHA512 (main-58.cvd) = 71309a7ea26f0fbfe329252c728173c895b107b7ea2e0bd613b12475db1d0270a496d707c4d80c842bf8b6f21680e86edfa7fa3b8aea075e93d67c91d696603a
SHA512 (clamav-0.102.2-norar.tar.xz) = e03368f37a3d98c6301924c21cf5af815e01238a022d87f572fcbc8452844e83c5fca92135a88e967a67671fb3b3e3ecb9b621f4937aa4ce44ba4b1c1fe1eedc
SHA512 (main-59.cvd) = c01792bdb9e07889af04ead91ba49f440cd4510b81b1c83bdfb10c65f099cf29416699f5485cc13b07c4d24195c81abc0b1c4439f5ba6d5d391b7406ba9fe26c
SHA512 (bytecode-331.cvd) = 41957106337cb28fd0eb6459bd70ab23b4ce218b3691d592e0f1bc14841696b36b1fbbc4feaef64f7b572b6cbe400f5d44fc4efedd07afe37921a9044a1a8f53
SHA512 (daily-25642.cvd) = 021cb0e57d18c655a76dd8b48cf311106feed5c3e7a4349433d2956c42bfc6ff77741e6f470d3f6a90f3eb56ac2f4e8870c33678814f240a2b5467a6bdc5667c
SHA512 (daily-25719.cvd) = 652320ff562862d7daa93020173ff43791c4b34618b725879b6ce520f8b364687a8ad7a851a4ffe6d4d4631ec2d527641c70c5678a15bf3733b0914ad9c57822