ports/75607: clamav: some practical ideas
Yar Tikhiy
yar at FreeBSD.org
Wed Dec 29 13:50:15 UTC 2004
>Number: 75607
>Category: ports
>Synopsis: clamav: some practical ideas
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 29 13:50:14 GMT 2004
>Closed-Date:
>Last-Modified:
>Originator: Yar Tikhiy
>Release: FreeBSD 4.11-PRERELEASE i386
>Organization:
Moscow State University
>Environment:
System: FreeBSD bsd.chem.msu.ru 4.11-PRERELEASE FreeBSD 4.11-PRERELEASE #0: Thu Dec 16 16:11:22 MSK 2004 yar at bsd.chem.msu.ru:/ar/obj/ar/4.11/src/sys/BSD i386
>Description:
1. Deinstalling clamav while clamav-milter is active won't
go beyond trying to stop clamd, which isn't going to exit
on a signal until all its clients disconnect. I'd rather
add an @unexec to stop clamav-milter before clamd if the
former is active.
2. Clamd should start before freshclam and clamav-milter IMHO.
This can be achieved by means of rcorder(8) keywords.
3. Clamav-milter won't write its pidfile unlike the rest of
clamav daemons. This can be fixed easily.
Thanks!
>How-To-Repeat:
>Fix:
To Rob Evers: I can commit this patch if you like my ideas.
Index: Makefile
===================================================================
RCS file: /home/pcvs/ports/security/clamav/Makefile,v
retrieving revision 1.43
diff -u -r1.43 Makefile
--- Makefile 22 Dec 2004 02:10:11 -0000 1.43
+++ Makefile 29 Dec 2004 13:25:34 -0000
@@ -40,7 +40,8 @@
PORTDOCS= NEWS ChangeLog html
DBDIR= /var/db/clamav
-PLIST_SUB+= DBDIR=${DBDIR}
+RUNDIR= /var/run/clamav
+PLIST_SUB+= DBDIR=${DBDIR} RUNDIR=${RUNDIR}
CONFIGURE_ARGS= --with-dbdir=${DBDIR} \
--disable-clamuko \
@@ -63,11 +64,12 @@
CLAMAVUSER?= clamav
CLAMAVGROUP?= clamav
-CLAMAV_CLAMD_SOCKET?= /var/run/clamav/clamd
-CLAMAV_MILTER_SOCKET?= /var/run/clamav/clmilter.sock
+CLAMAV_CLAMD_SOCKET?= ${RUNDIR}/clamd
+CLAMAV_MILTER_SOCKET?= ${RUNDIR}/clmilter.sock
SED_SCRIPT= -e 's|%%PREFIX%%|${PREFIX}|g' \
-e 's|%%DBDIR%%|${DBDIR}|g' \
+ -e 's|%%RUNDIR%%|${RUNDIR}|g' \
-e 's|%%CLAMAVUSER%%|${CLAMAVUSER}|g' \
-e 's|%%CLAMAVGROUP%%|${CLAMAVGROUP}|g' \
-e 's|%%CLAMAV_CLAMD_SOCKET%%|${CLAMAV_CLAMD_SOCKET}|g' \
@@ -75,7 +77,7 @@
SED_CONF= -E -e 's|^\#?(Example)$$|\#\1|' \
-e 's|^\#?((Update)?LogFile) .*/([a-z]+\.log)$$|\1 /var/log/clamav/\3|' \
- -e 's|^\#?(PidFile) .*/([a-z]+\.pid)$$|\1 /var/run/clamav/\2|' \
+ -e 's|^\#?(PidFile) .*/([a-z]+\.pid)$$|\1 ${RUNDIR}/\2|' \
-e 's|^\#?(LocalSocket) .*$$|\1 ${CLAMAV_CLAMD_SOCKET}|' \
-e 's|^\#?(User) .*$$|\1 ${CLAMAVUSER}|' \
-e 's|^\#?(AllowSupplementaryGroups)$$|\1|' \
Index: pkg-plist
===================================================================
RCS file: /home/pcvs/ports/security/clamav/pkg-plist,v
retrieving revision 1.18
diff -u -r1.18 pkg-plist
--- pkg-plist 22 Dec 2004 02:10:11 -0000 1.18
+++ pkg-plist 29 Dec 2004 13:25:34 -0000
@@ -1,6 +1,7 @@
@comment $FreeBSD: ports/security/clamav/pkg-plist,v 1.18 2004/12/22 02:10:11 edwin Exp $
- at unexec [ ! -f /var/run/clamav/clamd.pid ] || %%RC_DIR%%/clamav-clamd%%RC_SUFX%% stop || true
- at unexec [ ! -f /var/run/clamav/freshclam.pid ] || %%RC_DIR%%/clamav-freshclam%%RC_SUFX%% stop || true
+%%CLAMAV-MILTER%%@unexec [ ! -f %%RUNDIR%%/clamav-milter.pid ] || %%RC_DIR%%/clamav-milter%%RC_SUFX%% stop || true
+ at unexec [ ! -f %%RUNDIR%%/freshclam.pid ] || %%RC_DIR%%/clamav-freshclam%%RC_SUFX%% stop || true
+ at unexec [ ! -f %%RUNDIR%%/clamd.pid ] || %%RC_DIR%%/clamav-clamd%%RC_SUFX%% stop || true
bin/clamav-config
bin/clamscan
bin/clamdscan
@@ -25,5 +26,5 @@
@unexec [ ! -f %%DBDIR%%/daily.cvd ] || rm -f %%DBDIR%%/daily.cvd || true
@unexec [ ! -f %%DBDIR%%/main.cvd ] || rm -f %%DBDIR%%/main.cvd || true
@unexec rmdir %%DBDIR%%
- at unexec rmdir /var/run/clamav 2>/dev/null || true
+ at unexec rmdir %%RUNDIR%% 2>/dev/null || true
@unexec rmdir /var/log/clamav 2>/dev/null || true
Index: files/clamav-clamd.sh
===================================================================
RCS file: /home/pcvs/ports/security/clamav/files/clamav-clamd.sh,v
retrieving revision 1.5
diff -u -r1.5 clamav-clamd.sh
--- files/clamav-clamd.sh 22 Dec 2004 02:10:11 -0000 1.5
+++ files/clamav-clamd.sh 29 Dec 2004 13:25:34 -0000
@@ -22,7 +22,7 @@
rcvar=`set_rcvar`
command=%%PREFIX%%/sbin/clamd
-pidfile=/var/run/clamav/clamd.pid
+pidfile=%%RUNDIR%%/clamd.pid
required_dirs=%%DBDIR%%
required_files=%%PREFIX%%/etc/clamd.conf
Index: files/clamav-freshclam.sh
===================================================================
RCS file: /home/pcvs/ports/security/clamav/files/clamav-freshclam.sh,v
retrieving revision 1.5
diff -u -r1.5 clamav-freshclam.sh
--- files/clamav-freshclam.sh 22 Dec 2004 02:10:11 -0000 1.5
+++ files/clamav-freshclam.sh 29 Dec 2004 13:25:34 -0000
@@ -4,7 +4,7 @@
#
# PROVIDE: freshclam
-# REQUIRE: LOGIN
+# REQUIRE: LOGIN clamd
# BEFORE: mail
# KEYWORD: FreeBSD shutdown
@@ -22,7 +22,7 @@
rcvar=`set_rcvar`
command=%%PREFIX%%/bin/freshclam
-pidfile=/var/run/clamav/freshclam.pid
+pidfile=%%RUNDIR%%/freshclam.pid
command_args="--daemon"
required_dirs=%%DBDIR%%
required_files=%%PREFIX%%/etc/freshclam.conf
Index: files/clamav-milter.sh
===================================================================
RCS file: /home/pcvs/ports/security/clamav/files/clamav-milter.sh,v
retrieving revision 1.4
diff -u -r1.4 clamav-milter.sh
--- files/clamav-milter.sh 22 Dec 2004 02:10:11 -0000 1.4
+++ files/clamav-milter.sh 29 Dec 2004 13:25:34 -0000
@@ -4,7 +4,7 @@
#
# PROVIDE: clamav-milter
-# REQUIRE: LOGIN
+# REQUIRE: LOGIN clamd
# BEFORE: mail
# KEYWORD: FreeBSD shutdown
@@ -22,6 +22,7 @@
rcvar=`set_rcvar`
command=%%PREFIX%%/sbin/clamav-milter
+pidfile=%%RUNDIR%%/clamav-milter.pid
required_dirs=%%DBDIR%%
required_files=%%PREFIX%%/etc/clamd.conf
@@ -33,7 +34,7 @@
warn "Stale socket $clamav_milter_socket removed."
rm "$clamav_milter_socket"
fi
- rc_flags="${flags:-$clamav_milter_flags} $clamav_milter_socket"
+ rc_flags="--pidfile ${pidfile} ${flags:-$clamav_milter_flags} $clamav_milter_socket"
}
# read settings, set default values
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list