From a4863d741de28b8036ea135f2a25cadba3b3483b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9rgio=20M=2E=20Basto?= Date: Mon, 7 Nov 2022 01:02:52 +0000 Subject: [PATCH] (#2023371) Add documentation to preserve user permissions of DatabaseOwner --- README.fedora | 23 ++++++++--------------- clamav.spec | 6 +++++- 2 files changed, 13 insertions(+), 16 deletions(-) diff --git a/README.fedora b/README.fedora index e512782..dd9cfe5 100644 --- a/README.fedora +++ b/README.fedora @@ -1,36 +1,21 @@ Please note for Fedora and EPEL 7+ we use only systemd. -upstart and sysvinit only apply to EPEL 6. A clamav-milter setup consists of the following three components: * the clamav-milter itself - --> this is provided by the 'clamav-milter' package plus (alternatively) - 'clamav-milter-upstart' or 'clamav-milter-sysvinit' - The main configuration is in /etc/mail/clamav-milter.conf and MUST be changed before first use. This can be enabled with: 'systemctl enable clamav-milter.service' - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamav-milter to - enable automatic startup. See comments there for more details. - * a clamav scanner daemon - --> this is in the clamd package (or on EL6: - 'clamav-scanner-upstart' or 'clamav-scanner-sysvinit') - The daemon is configured by /etc/clamd.d/scan.conf (which MUST be edited before first use). This can be enabled with: 'systemctl enable clamd@scan.service' - The -sysvinit package is managed by the traditional tools, but - -upstart requires modification of /etc/event.d/clamd.scan to enable - automatic startup. See comments there for more details. - * the MTA (sendmail/postfix) --> you should know how to install this... @@ -43,6 +28,14 @@ A clamav-milter setup consists of the following three components: to your sendmail.mc. +* Changing permissions of directory /var/lib/clamav + Whenever ClamAV is upgraded by dnf, the permissions for the /var/lib/clamav directory change to user clamupdate + If for some reason you need DatabaseOwner be another user, you may copy /usr/lib/systemd/system/clamav-freshclam.service to /etc/systemd/system/ + and add ExecStartPre=+/usr/bin/chown youruser:yourgroup /var/lib/clamav and updates won't break your configuration ... + Please add comments to https://bugzilla.redhat.com/show_bug.cgi?id=2023371 if not work for you or if you have any suggestion. + Note: =+ on systemd.service (man 5 systemd.service, Special executable prefixes) + If the executable path is prefixed with "+" then the process is executed with full privileges. + EXAMPLE ======= diff --git a/clamav.spec b/clamav.spec index 4d29f22..4458e10 100644 --- a/clamav.spec +++ b/clamav.spec @@ -34,7 +34,7 @@ Summary: End-user tools for the Clam Antivirus scanner Name: clamav Version: 0.103.7 -Release: 3%{?dist} +Release: 4%{?dist} License: %{?with_unrar:proprietary}%{!?with_unrar:GPLv2} URL: https://www.clamav.net/ %if %{with unrar} @@ -590,6 +590,10 @@ test -e %{freshclamlog} || { %changelog +* Mon Nov 07 2022 Sérgio Basto - 0.103.7-4 +- (#2136977) not requires data(clamav) on clamav-libs +- (#2023371) Add documentation to preserve user permissions of DatabaseOwner + * Thu Sep 22 2022 Sérgio Basto - 0.103.7-3 - (#2128276) Please port your pcre dependency to pcre2 - Explicit dependency on systemd since systemd-devel no longer has this dependency on F37+