[gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/ - gentoo-commits

From:	Sam James <sam@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/
Date:	Thu, 04 Aug 2022 01:45:57
Message-Id:	`1659575113.1834ff8e828e0df11b53339c24a830b9257e9eb9.sam@gentoo`

1

commit:     1834ff8e828e0df11b53339c24a830b9257e9eb9

2

Author:     Sam James <sam <AT> gentoo <DOT> org>

3

AuthorDate: Thu Aug  4 01:02:32 2022 +0000

4

Commit:     Sam James <sam <AT> gentoo <DOT> org>

5

CommitDate: Thu Aug  4 01:05:13 2022 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1834ff8e

7

8

app-antivirus/clamav: depend on libmilter

9

10

libmilter and sendmail no longer block each other, and we also need a := dep on

11

libmilter.

12

13

(Straight-to-stable is intentional as long been in stable anyway, but not dropping

14

old w/ git mv or similar yet in case folks want to downgrade to older sendmail for

15

now.)

16

17

Signed-off-by: Sam James <sam <AT> gentoo.org>

18

19

 app-antivirus/clamav/clamav-0.103.7-r1.ebuild | 239 ++++++++++++++++++++++++++

20

 app-antivirus/clamav/clamav-0.104.4-r1.ebuild | 215 +++++++++++++++++++++++

21

 2 files changed, 454 insertions(+)

22

23

diff --git a/app-antivirus/clamav/clamav-0.103.7-r1.ebuild b/app-antivirus/clamav/clamav-0.103.7-r1.ebuild

24

new file mode 100644

25

index 000000000000..af61b4ee3350

26

--- /dev/null

27

+++ b/app-antivirus/clamav/clamav-0.103.7-r1.ebuild

28

@@ -0,0 +1,239 @@

29

+# Copyright 1999-2022 Gentoo Authors

30

+# Distributed under the terms of the GNU General Public License v2

31

+

32

+EAPI=8

33

+

34

+inherit autotools flag-o-matic systemd tmpfiles

35

+

36

+DESCRIPTION="Clam Anti-Virus Scanner"

37

+HOMEPAGE="https://www.clamav.net/"

38

+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"

39

+

40

+LICENSE="GPL-2"

41

+SLOT="0"

42

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"

43

+IUSE="bzip2 doc clamonacc clamdtop clamsubmit iconv ipv6 libclamav-only milter metadata-analysis-api selinux systemd test xml"

44

+

45

+REQUIRED_USE="libclamav-only? ( !clamonacc !clamdtop !clamsubmit !milter !metadata-analysis-api )"

46

+

47

+RESTRICT="!test? ( test )"

48

+

49

+# Require acct-{user,group}/clamav at build time so that we can set

50

+# the permissions on /var/lib/clamav in src_install rather than in

51

+# pkg_postinst; calling "chown" on the live filesystem scares me.

52

+CDEPEND="acct-group/clamav

53

+	acct-user/clamav

54

+	dev-libs/libltdl

55

+	dev-libs/libmspack

56

+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )

57

+	dev-libs/tomsfastmath

58

+	>=sys-libs/zlib-1.2.2:=

59

+	bzip2? ( app-arch/bzip2 )

60

+	clamdtop? ( sys-libs/ncurses:0 )

61

+	clamsubmit? ( net-misc/curl dev-libs/json-c:= )

62

+	elibc_musl? ( sys-libs/fts-standalone )

63

+	iconv? ( virtual/libiconv )

64

+	!libclamav-only? ( net-misc/curl )

65

+	dev-libs/openssl:0=

66

+	milter? ( mail-filter/libmilter:= )

67

+	xml? ( dev-libs/libxml2 )"

68

+

69

+# We need at least autoconf-2.69-r5 because that's the first (patched)

70

+# version of it in Gentoo that supports ./configure --runstatedir.

71

+BDEPEND=">=sys-devel/autoconf-2.69-r5

72

+	virtual/pkgconfig"

73

+

74

+DEPEND="${CDEPEND}

75

+	metadata-analysis-api? ( dev-libs/json-c:* )

76

+	test? ( dev-libs/check )"

77

+RDEPEND="${CDEPEND}

78

+	selinux? ( sec-policy/selinux-clamav )"

79

+

80

+PATCHES=(

81

+	"${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328

82

+	"${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616

83

+	"${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394

84

+	"${FILESDIR}/${PN}-0.103.1-upstream-openrc.patch"

85

+)

86

+

87

+src_prepare() {

88

+	default

89

+

90

+	# Be extra sure that we're using the system copy of tomsfastmath

91

+	einfo "removing bundled copy of dev-libs/tomsfastmath"

92

+	rm -r libclamav/tomsfastmath || \

93

+		die "failed to remove bundled tomsfastmath"

94

+

95

+	AT_NO_RECURSIVE="yes" eautoreconf

96

+}

97

+

98

+src_configure() {

99

+	use elibc_musl && append-ldflags -lfts

100

+	use ppc64 && append-flags -mminimal-toc

101

+

102

+	# according to configure help it should be

103

+	# $(use_enable xml)

104

+	# but that does not work

105

+	# do not add this, since --disable-xml seems to override

106

+	# --without-xml

107

+	JSONUSE="--without-libjson"

108

+

109

+	if use clamsubmit || use metadata-analysis-api; then

110

+		# either of those 2 requires libjson.

111

+		# clamsubmit will be built as soon as libjson and curl are found

112

+		# but we only install the binary if requested

113

+		JSONUSE="--with-libjson=${EPREFIX}/usr"

114

+	fi

115

+

116

+	local myeconfargs=(

117

+		$(use_enable bzip2)

118

+		$(use_enable clamonacc)

119

+		$(use_enable clamdtop)

120

+		$(use_enable ipv6)

121

+		$(use_enable milter)

122

+		$(use_enable test check)

123

+		$(use_with xml)

124

+		$(use_with iconv)

125

+		${JSONUSE}

126

+		$(use_enable libclamav-only)

127

+		$(use_with !libclamav-only libcurl)

128

+		--with-system-libmspack

129

+		--cache-file="${S}"/config.cache

130

+		--disable-experimental

131

+		--disable-static

132

+		--disable-zlib-vcheck

133

+		--enable-id-check

134

+		--with-dbdir="${EPREFIX}"/var/lib/clamav

135

+		# Don't call --with-zlib=/usr (see bug #699296)

136

+		--with-zlib

137

+		--disable-llvm

138

+		--enable-openrc

139

+		--runstatedir=/run

140

+	)

141

+	econf "${myeconfargs[@]}"

142

+}

143

+

144

+src_install() {

145

+	default

146

+

147

+	rm -rf "${ED}"/var/lib/clamav || die

148

+

149

+	if ! use libclamav-only ; then

150

+		if use systemd; then

151

+			# The tmpfiles entry is behind USE=systemd because the

152

+			# upstream OpenRC service files should (and do) ensure that

153

+			# the directories they need exist and have the correct

154

+			# permissions without the help of opentmpfiles. There are

155

+			# years-old root exploits in opentmpfiles, the design is

156

+			# fundamentally flawed, and the maintainer is not up to

157

+			# the task of fixing it.

158

+			dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"

159

+			systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"

160

+			systemd_dounit "${FILESDIR}/clamd.service"

161

+			systemd_newunit "${FILESDIR}/freshclamd.service-r1" \

162

+							"freshclamd.service"

163

+		fi

164

+

165

+		insinto /etc/logrotate.d

166

+		newins "${FILESDIR}/clamd.logrotate" clamd

167

+		newins "${FILESDIR}/freshclam.logrotate" freshclam

168

+		use milter && \

169

+			newins "${FILESDIR}/clamav-milter.logrotate-r1" clamav-milter

170

+

171

+		# Modify /etc/{clamd,freshclam}.conf to be usable out of the box

172

+		sed -i -e "s:^\(Example\):\# \1:" \

173

+			-e "s/^#\(PidFile .*\)/\1/" \

174

+			-e "s/^#\(LocalSocket .*\)/\1/" \

175

+			-e "s/^#\(User .*\)/\1/" \

176

+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \

177

+			-e "s:^\#\(LogTime\).*:\1 yes:" \

178

+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \

179

+			"${ED}"/etc/clamd.conf.sample || die

180

+

181

+		sed -i -e "s:^\(Example\):\# \1:" \

182

+			-e "s/^#\(PidFile .*\)/\1/" \

183

+			-e "s/^#\(DatabaseOwner .*\)/\1/" \

184

+			-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \

185

+			-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \

186

+			-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \

187

+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \

188

+			"${ED}"/etc/freshclam.conf.sample || die

189

+

190

+		if use milter ; then

191

+			# Note: only keep the "unix" ClamdSocket and MilterSocket!

192

+			sed -i -e "s:^\(Example\):\# \1:" \

193

+				-e "s/^#\(PidFile .*\)/\1/" \

194

+				-e "s/^#\(ClamdSocket unix:.*\)/\1/" \

195

+				-e "s/^#\(User .*\)/\1/" \

196

+				-e "s/^#\(MilterSocket unix:.*\)/\1/" \

197

+				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \

198

+				"${ED}"/etc/clamav-milter.conf.sample || die

199

+

200

+			cat >> "${ED}"/etc/conf.d/clamd <<-EOF

201

+				MILTER_NICELEVEL=19

202

+				START_MILTER=no

203

+			EOF

204

+

205

+			systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service

206

+		fi

207

+

208

+		local i

209

+		for i in clamd freshclam clamav-milter

210

+		do

211

+			if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then

212

+				mv "${ED}"/etc/"${i}".conf{.sample,} || die

213

+			fi

214

+		done

215

+

216

+		# These both need to be writable by the clamav user.

217

+		# TODO: use syslog by default; that's what it's for.

218

+		diropts -o clamav -g clamav

219

+		keepdir /var/lib/clamav

220

+		keepdir /var/log/clamav

221

+	fi

222

+

223

+	if use doc ; then

224

+		local HTML_DOCS=( docs/html/. )

225

+		einstalldocs

226

+

227

+		if ! use libclamav-only ; then

228

+			doman docs/man/*.[1-8]

229

+		fi

230

+	fi

231

+

232

+	find "${ED}" -name '*.la' -delete || die

233

+}

234

+

235

+src_test() {

236

+	if use libclamav-only ; then

237

+		ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."

238

+		return 0

239

+	fi

240

+

241

+	emake quick-check

242

+}

243

+

244

+pkg_postinst() {

245

+	if ! use libclamav-only ; then

246

+		if use systemd ; then

247

+			tmpfiles_process clamav.conf

248

+		fi

249

+	fi

250

+

251

+	if use milter ; then

252

+		elog "For simple instructions how to setup the clamav-milter read the"

253

+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"

254

+	fi

255

+

256

+	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )

257

+	if [[ ! -f "${databases}" ]] ; then

258

+		ewarn "You must run freshclam manually to populate the virus database"

259

+		ewarn "before starting clamav for the first time."

260

+	fi

261

+

262

+	ewarn "This version of ClamAV provides separate OpenRC services"

263

+	ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"

264

+	ewarn "clamd service now starts only the clamd daemon itself. You"

265

+	ewarn "should add freshclam (and perhaps clamav-milter) to any"

266

+	ewarn "runlevels that previously contained clamd."

267

+}

268

269

diff --git a/app-antivirus/clamav/clamav-0.104.4-r1.ebuild b/app-antivirus/clamav/clamav-0.104.4-r1.ebuild

270

new file mode 100644

271

index 000000000000..6514459df831

272

--- /dev/null

273

+++ b/app-antivirus/clamav/clamav-0.104.4-r1.ebuild

274

@@ -0,0 +1,215 @@

275

+# Copyright 1999-2022 Gentoo Authors

276

+# Distributed under the terms of the GNU General Public License v2

277

+

278

+EAPI=8

279

+

280

+PYTHON_COMPAT=( python3_{8..10} )

281

+inherit cmake flag-o-matic python-any-r1 systemd tmpfiles

282

+

283

+DESCRIPTION="Clam Anti-Virus Scanner"

284

+HOMEPAGE="https://www.clamav.net/"

285

+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"

286

+

287

+LICENSE="GPL-2"

288

+SLOT="0"

289

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"

290

+IUSE="doc clamonacc +clamapp libclamav-only milter rar selinux systemd test"

291

+

292

+REQUIRED_USE="libclamav-only? ( !clamonacc !clamapp !milter )

293

+	clamonacc? ( clamapp )

294

+	milter? ( clamapp )

295

+	test? ( !libclamav-only )"

296

+

297

+RESTRICT="!test? ( test )"

298

+

299

+# Require acct-{user,group}/clamav at build time so that we can set

300

+# the permissions on /var/lib/clamav in src_install rather than in

301

+# pkg_postinst; calling "chown" on the live filesystem scares me.

302

+CDEPEND="acct-group/clamav

303

+	acct-user/clamav

304

+	dev-libs/libltdl

305

+	dev-libs/libmspack

306

+	dev-libs/json-c:=

307

+	dev-libs/libpcre2

308

+	>=sys-libs/zlib-1.2.2:=

309

+	app-arch/bzip2

310

+	clamapp? ( sys-libs/ncurses:= net-misc/curl )

311

+	elibc_musl? ( sys-libs/fts-standalone )

312

+	virtual/libiconv

313

+	!libclamav-only? ( net-misc/curl )

314

+	dev-libs/openssl:=

315

+	milter? ( mail-filter/libmilter:= )

316

+	dev-libs/libxml2

317

+	rar? ( app-arch/unrar )

318

+	test? ( dev-python/pytest )"

319

+# TODO: there is no way to use this with the new build system instead of the bundled one

320

+#	dev-libs/tomsfastmath

321

+BDEPEND="virtual/pkgconfig

322

+	doc? ( app-doc/doxygen )

323

+	test? (

324

+		${PYTHON_DEPS}

325

+		$(python_gen_any_dep 'dev-python/pytest[${PYTHON_USEDEP}]')

326

+	)"

327

+DEPEND="${CDEPEND}

328

+	test? ( dev-libs/check )"

329

+RDEPEND="${CDEPEND}

330

+	selinux? ( sec-policy/selinux-clamav )"

331

+

332

+python_check_deps() {

333

+	has_version -b "dev-python/pytest[${PYTHON_USEDEP}]"

334

+}

335

+

336

+pkg_setup() {

337

+	use test && python-any-r1_pkg_setup

338

+}

339

+

340

+src_configure() {

341

+	use elibc_musl && append-ldflags -lfts

342

+	use ppc64 && append-flags -mminimal-toc

343

+

344

+	local mycmakeargs=(

345

+		-DDATABASE_DIRECTORY="${EPREFIX}"/var/lib/clamav

346

+		-DAPP_CONFIG_DIRECTORY="${EPREFIX}"/etc/clamav

347

+		-DENABLE_EXPERIMENTAL=OFF

348

+		-DENABLE_JSON_SHARED=ON

349

+		-DENABLE_APP=$(usex clamapp ON OFF)

350

+		-DENABLE_MILTER=$(usex milter ON OFF)

351

+		-DENABLE_CLAMONACC=$(usex clamonacc ON OFF)

352

+		-DCLAMAV_USER="clamav"

353

+		-DCLAMAV_GROUP="clamav"

354

+		-DBYTECODE_RUNTIME=interpreter

355

+		-DOPTIMIZE=ON

356

+		-DENABLE_EXTERNAL_MSPACK=ON

357

+		-DENABLE_MAN_PAGES=ON

358

+		-DENABLE_DOXYGEN=$(usex doc)

359

+		-DENABLE_UNRAR=$(usex rar ON OFF)

360

+		-DENABLE_TESTS=$(usex test ON OFF)

361

+		# Used to enable some more tests but doesn't behave well in

362

+		# sandbox necessarily(?) + needs certain debug symbols present

363

+		# in e.g. glibc.

364

+		-DCMAKE_DISABLE_FIND_PACKAGE_Valgrind=ON

365

+		-DENABLE_STATIC_LIB=OFF

366

+		-DENABLE_SHARED_LIB=ON

367

+		-DENABLE_SYSTEMD=$(usex systemd ON OFF)

368

+	)

369

+	cmake_src_configure

370

+}

371

+

372

+src_install() {

373

+	cmake_src_install

374

+

375

+	# init scripts

376

+	newinitd "${FILESDIR}/clamd.initd" clamd

377

+	newinitd "${FILESDIR}/freshclam.initd" freshclam

378

+	use clamonacc && \

379

+		newinitd "${FILESDIR}/clamonacc.initd" clamonacc

380

+	use milter && \

381

+		newinitd "${FILESDIR}/clamav-milter.initd" clamav-milter

382

+

383

+	rm -rf "${ED}"/var/lib/clamav || die

384

+

385

+	if ! use libclamav-only ; then

386

+		if use systemd ; then

387

+			# The tmpfiles entry is behind USE=systemd because the

388

+			# upstream OpenRC service files should (and do) ensure that

389

+			# the directories they need exist and have the correct

390

+			# permissions without the help of opentmpfiles. There are

391

+			# years-old root exploits in opentmpfiles, the design is

392

+			# fundamentally flawed, and the maintainer is not up to

393

+			# the task of fixing it.

394

+			dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"

395

+			systemd_newunit "${FILESDIR}/clamd_at.service-0.104.0" "clamd@.service"

396

+			systemd_dounit "${FILESDIR}/clamd.service"

397

+			systemd_newunit "${FILESDIR}/freshclamd.service-r1" \

398

+							"freshclamd.service"

399

+		fi

400

+

401

+		if use clamapp ; then

402

+			# Modify /etc/{clamd,freshclam}.conf to be usable out of the box

403

+			sed -e "s:^\(Example\):\# \1:" \

404

+				-e "s/^#\(PidFile .*\)/\1/" \

405

+				-e "s/^#\(LocalSocket .*\)/\1/" \

406

+				-e "s/^#\(User .*\)/\1/" \

407

+				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \

408

+				-e "s:^\#\(LogTime\).*:\1 yes:" \

409

+				-e "s/^#\(DatabaseDirectory .*\)/\1/" \

410

+				"${ED}"/etc/clamav/clamd.conf.sample > \

411

+				"${ED}"/etc/clamav/clamd.conf || die

412

+

413

+			sed -e "s:^\(Example\):\# \1:" \

414

+				-e "s/^#\(PidFile .*\)/\1/" \

415

+				-e "s/^#\(DatabaseOwner .*\)/\1/" \

416

+				-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \

417

+				-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamav/clamd.conf:" \

418

+				-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \

419

+				-e "s/^#\(DatabaseDirectory .*\)/\1/" \

420

+				"${ED}"/etc/clamav/freshclam.conf.sample > \

421

+				"${ED}"/etc/clamav/freshclam.conf || die

422

+

423

+			if use milter ; then

424

+				# Note: only keep the "unix" ClamdSocket and MilterSocket!

425

+				sed -e "s:^\(Example\):\# \1:" \

426

+					-e "s/^#\(PidFile .*\)/\1/" \

427

+					-e "s/^#\(ClamdSocket unix:.*\)/\1/" \

428

+					-e "s/^#\(User .*\)/\1/" \

429

+					-e "s/^#\(MilterSocket unix:.*\)/\1/" \

430

+					-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \

431

+					"${ED}"/etc/clamav/clamav-milter.conf.sample > \

432

+					"${ED}"/etc/clamav/clamav-milter.conf || die

433

+

434

+				systemd_newunit "${FILESDIR}/clamav-milter.service-0.104.0" clamav-milter.service

435

+			fi

436

+

437

+			local i

438

+			for i in clamd freshclam clamav-milter

439

+			do

440

+				if [[ -f "${ED}"/etc/"${i}".conf.sample ]] ; then

441

+					mv "${ED}"/etc/"${i}".conf{.sample,} || die

442

+				fi

443

+			done

444

+

445

+			# These both need to be writable by the clamav user.

446

+			# TODO: use syslog by default; that's what it's for.

447

+			diropts -o clamav -g clamav

448

+			keepdir /var/lib/clamav

449

+			keepdir /var/log/clamav

450

+		fi

451

+	fi

452

+

453

+	if use doc ; then

454

+		local HTML_DOCS=( docs/html/. )

455

+		einstalldocs

456

+	fi

457

+

458

+	# Don't install man pages for utilities we didn't install

459

+	if use libclamav-only ; then

460

+		rm -r "${ED}"/usr/share/man || die

461

+	fi

462

+

463

+	find "${ED}" -name '*.la' -delete || die

464

+}

465

+

466

+pkg_postinst() {

467

+	if ! use libclamav-only ; then

468

+		if use systemd ; then

469

+			tmpfiles_process clamav.conf

470

+		fi

471

+	fi

472

+

473

+	if use milter ; then

474

+		elog "For simple instructions how to setup the clamav-milter read the"

475

+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"

476

+	fi

477

+

478

+	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )

479

+	if [[ ! -f "${databases}" ]] ; then

480

+		ewarn "You must run freshclam manually to populate the virus database"

481

+		ewarn "before starting clamav for the first time."

482

+	fi

483

+

484

+	ewarn "This version of ClamAV provides separate OpenRC services"

485

+	ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"

486

+	ewarn "clamd service now starts only the clamd daemon itself. You"

487

+	ewarn "should add freshclam (and perhaps clamav-milter) to any"

488

+	ewarn "runlevels that previously contained clamd."

489

+}

1	commit: 1834ff8e828e0df11b53339c24a830b9257e9eb9
2	Author: Sam James <sam <AT> gentoo <DOT> org>
3	AuthorDate: Thu Aug 4 01:02:32 2022 +0000
4	Commit: Sam James <sam <AT> gentoo <DOT> org>
5	CommitDate: Thu Aug 4 01:05:13 2022 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1834ff8e
7
8	app-antivirus/clamav: depend on libmilter
9
10	libmilter and sendmail no longer block each other, and we also need a := dep on
11	libmilter.
12
13	(Straight-to-stable is intentional as long been in stable anyway, but not dropping
14	old w/ git mv or similar yet in case folks want to downgrade to older sendmail for
15	now.)
16
17	Signed-off-by: Sam James <sam <AT> gentoo.org>
18
19	app-antivirus/clamav/clamav-0.103.7-r1.ebuild \| 239 ++++++++++++++++++++++++++
20	app-antivirus/clamav/clamav-0.104.4-r1.ebuild \| 215 +++++++++++++++++++++++
21	2 files changed, 454 insertions(+)
22
23	diff --git a/app-antivirus/clamav/clamav-0.103.7-r1.ebuild b/app-antivirus/clamav/clamav-0.103.7-r1.ebuild
24	new file mode 100644
25	index 000000000000..af61b4ee3350
26	--- /dev/null
27	+++ b/app-antivirus/clamav/clamav-0.103.7-r1.ebuild
28	@@ -0,0 +1,239 @@
29	+# Copyright 1999-2022 Gentoo Authors
30	+# Distributed under the terms of the GNU General Public License v2
31	+
32	+EAPI=8
33	+
34	+inherit autotools flag-o-matic systemd tmpfiles
35	+
36	+DESCRIPTION="Clam Anti-Virus Scanner"
37	+HOMEPAGE="https://www.clamav.net/"
38	+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
39	+
40	+LICENSE="GPL-2"
41	+SLOT="0"
42	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
43	+IUSE="bzip2 doc clamonacc clamdtop clamsubmit iconv ipv6 libclamav-only milter metadata-analysis-api selinux systemd test xml"
44	+
45	+REQUIRED_USE="libclamav-only? ( !clamonacc !clamdtop !clamsubmit !milter !metadata-analysis-api )"
46	+
47	+RESTRICT="!test? ( test )"
48	+
49	+# Require acct-{user,group}/clamav at build time so that we can set
50	+# the permissions on /var/lib/clamav in src_install rather than in
51	+# pkg_postinst; calling "chown" on the live filesystem scares me.
52	+CDEPEND="acct-group/clamav
53	+ acct-user/clamav
54	+ dev-libs/libltdl
55	+ dev-libs/libmspack
56	+ \|\| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
57	+ dev-libs/tomsfastmath
58	+ >=sys-libs/zlib-1.2.2:=
59	+ bzip2? ( app-arch/bzip2 )
60	+ clamdtop? ( sys-libs/ncurses:0 )
61	+ clamsubmit? ( net-misc/curl dev-libs/json-c:= )
62	+ elibc_musl? ( sys-libs/fts-standalone )
63	+ iconv? ( virtual/libiconv )
64	+ !libclamav-only? ( net-misc/curl )
65	+ dev-libs/openssl:0=
66	+ milter? ( mail-filter/libmilter:= )
67	+ xml? ( dev-libs/libxml2 )"
68	+
69	+# We need at least autoconf-2.69-r5 because that's the first (patched)
70	+# version of it in Gentoo that supports ./configure --runstatedir.
71	+BDEPEND=">=sys-devel/autoconf-2.69-r5
72	+ virtual/pkgconfig"
73	+
74	+DEPEND="${CDEPEND}
75	+ metadata-analysis-api? ( dev-libs/json-c:* )
76	+ test? ( dev-libs/check )"
77	+RDEPEND="${CDEPEND}
78	+ selinux? ( sec-policy/selinux-clamav )"
79	+
80	+PATCHES=(
81	+ "${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328
82	+ "${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
83	+ "${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394
84	+ "${FILESDIR}/${PN}-0.103.1-upstream-openrc.patch"
85	+)
86	+
87	+src_prepare() {
88	+ default
89	+
90	+ # Be extra sure that we're using the system copy of tomsfastmath
91	+ einfo "removing bundled copy of dev-libs/tomsfastmath"
92	+ rm -r libclamav/tomsfastmath \|\| \
93	+ die "failed to remove bundled tomsfastmath"
94	+
95	+ AT_NO_RECURSIVE="yes" eautoreconf
96	+}
97	+
98	+src_configure() {
99	+ use elibc_musl && append-ldflags -lfts
100	+ use ppc64 && append-flags -mminimal-toc
101	+
102	+ # according to configure help it should be
103	+ # $(use_enable xml)
104	+ # but that does not work
105	+ # do not add this, since --disable-xml seems to override
106	+ # --without-xml
107	+ JSONUSE="--without-libjson"
108	+
109	+ if use clamsubmit \|\| use metadata-analysis-api; then
110	+ # either of those 2 requires libjson.
111	+ # clamsubmit will be built as soon as libjson and curl are found
112	+ # but we only install the binary if requested
113	+ JSONUSE="--with-libjson=${EPREFIX}/usr"
114	+ fi
115	+
116	+ local myeconfargs=(
117	+ $(use_enable bzip2)
118	+ $(use_enable clamonacc)
119	+ $(use_enable clamdtop)
120	+ $(use_enable ipv6)
121	+ $(use_enable milter)
122	+ $(use_enable test check)
123	+ $(use_with xml)
124	+ $(use_with iconv)
125	+ ${JSONUSE}
126	+ $(use_enable libclamav-only)
127	+ $(use_with !libclamav-only libcurl)
128	+ --with-system-libmspack
129	+ --cache-file="${S}"/config.cache
130	+ --disable-experimental
131	+ --disable-static
132	+ --disable-zlib-vcheck
133	+ --enable-id-check
134	+ --with-dbdir="${EPREFIX}"/var/lib/clamav
135	+ # Don't call --with-zlib=/usr (see bug #699296)
136	+ --with-zlib
137	+ --disable-llvm
138	+ --enable-openrc
139	+ --runstatedir=/run
140	+ )
141	+ econf "${myeconfargs[@]}"
142	+}
143	+
144	+src_install() {
145	+ default
146	+
147	+ rm -rf "${ED}"/var/lib/clamav \|\| die
148	+
149	+ if ! use libclamav-only ; then
150	+ if use systemd; then
151	+ # The tmpfiles entry is behind USE=systemd because the
152	+ # upstream OpenRC service files should (and do) ensure that
153	+ # the directories they need exist and have the correct
154	+ # permissions without the help of opentmpfiles. There are
155	+ # years-old root exploits in opentmpfiles, the design is
156	+ # fundamentally flawed, and the maintainer is not up to
157	+ # the task of fixing it.
158	+ dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"
159	+ systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
160	+ systemd_dounit "${FILESDIR}/clamd.service"
161	+ systemd_newunit "${FILESDIR}/freshclamd.service-r1" \
162	+ "freshclamd.service"
163	+ fi
164	+
165	+ insinto /etc/logrotate.d
166	+ newins "${FILESDIR}/clamd.logrotate" clamd
167	+ newins "${FILESDIR}/freshclam.logrotate" freshclam
168	+ use milter && \
169	+ newins "${FILESDIR}/clamav-milter.logrotate-r1" clamav-milter
170	+
171	+ # Modify /etc/{clamd,freshclam}.conf to be usable out of the box
172	+ sed -i -e "s:^\(Example\):\# \1:" \
173	+ -e "s/^#\(PidFile .*\)/\1/" \
174	+ -e "s/^#\(LocalSocket .*\)/\1/" \
175	+ -e "s/^#\(User .*\)/\1/" \
176	+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
177	+ -e "s:^\#\(LogTime\).*:\1 yes:" \
178	+ -e "s/^#\(DatabaseDirectory .*\)/\1/" \
179	+ "${ED}"/etc/clamd.conf.sample \|\| die
180	+
181	+ sed -i -e "s:^\(Example\):\# \1:" \
182	+ -e "s/^#\(PidFile .*\)/\1/" \
183	+ -e "s/^#\(DatabaseOwner .*\)/\1/" \
184	+ -e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
185	+ -e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
186	+ -e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
187	+ -e "s/^#\(DatabaseDirectory .*\)/\1/" \
188	+ "${ED}"/etc/freshclam.conf.sample \|\| die
189	+
190	+ if use milter ; then
191	+ # Note: only keep the "unix" ClamdSocket and MilterSocket!
192	+ sed -i -e "s:^\(Example\):\# \1:" \
193	+ -e "s/^#\(PidFile .*\)/\1/" \
194	+ -e "s/^#\(ClamdSocket unix:.*\)/\1/" \
195	+ -e "s/^#\(User .*\)/\1/" \
196	+ -e "s/^#\(MilterSocket unix:.*\)/\1/" \
197	+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
198	+ "${ED}"/etc/clamav-milter.conf.sample \|\| die
199	+
200	+ cat >> "${ED}"/etc/conf.d/clamd <<-EOF
201	+ MILTER_NICELEVEL=19
202	+ START_MILTER=no
203	+ EOF
204	+
205	+ systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
206	+ fi
207	+
208	+ local i
209	+ for i in clamd freshclam clamav-milter
210	+ do
211	+ if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then
212	+ mv "${ED}"/etc/"${i}".conf{.sample,} \|\| die
213	+ fi
214	+ done
215	+
216	+ # These both need to be writable by the clamav user.
217	+ # TODO: use syslog by default; that's what it's for.
218	+ diropts -o clamav -g clamav
219	+ keepdir /var/lib/clamav
220	+ keepdir /var/log/clamav
221	+ fi
222	+
223	+ if use doc ; then
224	+ local HTML_DOCS=( docs/html/. )
225	+ einstalldocs
226	+
227	+ if ! use libclamav-only ; then
228	+ doman docs/man/*.[1-8]
229	+ fi
230	+ fi
231	+
232	+ find "${ED}" -name '*.la' -delete \|\| die
233	+}
234	+
235	+src_test() {
236	+ if use libclamav-only ; then
237	+ ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."
238	+ return 0
239	+ fi
240	+
241	+ emake quick-check
242	+}
243	+
244	+pkg_postinst() {
245	+ if ! use libclamav-only ; then
246	+ if use systemd ; then
247	+ tmpfiles_process clamav.conf
248	+ fi
249	+ fi
250	+
251	+ if use milter ; then
252	+ elog "For simple instructions how to setup the clamav-milter read the"
253	+ elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
254	+ fi
255	+
256	+ local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
257	+ if [[ ! -f "${databases}" ]] ; then
258	+ ewarn "You must run freshclam manually to populate the virus database"
259	+ ewarn "before starting clamav for the first time."
260	+ fi
261	+
262	+ ewarn "This version of ClamAV provides separate OpenRC services"
263	+ ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"
264	+ ewarn "clamd service now starts only the clamd daemon itself. You"
265	+ ewarn "should add freshclam (and perhaps clamav-milter) to any"
266	+ ewarn "runlevels that previously contained clamd."
267	+}
268
269	diff --git a/app-antivirus/clamav/clamav-0.104.4-r1.ebuild b/app-antivirus/clamav/clamav-0.104.4-r1.ebuild
270	new file mode 100644
271	index 000000000000..6514459df831
272	--- /dev/null
273	+++ b/app-antivirus/clamav/clamav-0.104.4-r1.ebuild
274	@@ -0,0 +1,215 @@
275	+# Copyright 1999-2022 Gentoo Authors
276	+# Distributed under the terms of the GNU General Public License v2
277	+
278	+EAPI=8
279	+
280	+PYTHON_COMPAT=( python3_{8..10} )
281	+inherit cmake flag-o-matic python-any-r1 systemd tmpfiles
282	+
283	+DESCRIPTION="Clam Anti-Virus Scanner"
284	+HOMEPAGE="https://www.clamav.net/"
285	+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
286	+
287	+LICENSE="GPL-2"
288	+SLOT="0"
289	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~riscv ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
290	+IUSE="doc clamonacc +clamapp libclamav-only milter rar selinux systemd test"
291	+
292	+REQUIRED_USE="libclamav-only? ( !clamonacc !clamapp !milter )
293	+ clamonacc? ( clamapp )
294	+ milter? ( clamapp )
295	+ test? ( !libclamav-only )"
296	+
297	+RESTRICT="!test? ( test )"
298	+
299	+# Require acct-{user,group}/clamav at build time so that we can set
300	+# the permissions on /var/lib/clamav in src_install rather than in
301	+# pkg_postinst; calling "chown" on the live filesystem scares me.
302	+CDEPEND="acct-group/clamav
303	+ acct-user/clamav
304	+ dev-libs/libltdl
305	+ dev-libs/libmspack
306	+ dev-libs/json-c:=
307	+ dev-libs/libpcre2
308	+ >=sys-libs/zlib-1.2.2:=
309	+ app-arch/bzip2
310	+ clamapp? ( sys-libs/ncurses:= net-misc/curl )
311	+ elibc_musl? ( sys-libs/fts-standalone )
312	+ virtual/libiconv
313	+ !libclamav-only? ( net-misc/curl )
314	+ dev-libs/openssl:=
315	+ milter? ( mail-filter/libmilter:= )
316	+ dev-libs/libxml2
317	+ rar? ( app-arch/unrar )
318	+ test? ( dev-python/pytest )"
319	+# TODO: there is no way to use this with the new build system instead of the bundled one
320	+# dev-libs/tomsfastmath
321	+BDEPEND="virtual/pkgconfig
322	+ doc? ( app-doc/doxygen )
323	+ test? (
324	+ ${PYTHON_DEPS}
325	+ $(python_gen_any_dep 'dev-python/pytest[${PYTHON_USEDEP}]')
326	+ )"
327	+DEPEND="${CDEPEND}
328	+ test? ( dev-libs/check )"
329	+RDEPEND="${CDEPEND}
330	+ selinux? ( sec-policy/selinux-clamav )"
331	+
332	+python_check_deps() {
333	+ has_version -b "dev-python/pytest[${PYTHON_USEDEP}]"
334	+}
335	+
336	+pkg_setup() {
337	+ use test && python-any-r1_pkg_setup
338	+}
339	+
340	+src_configure() {
341	+ use elibc_musl && append-ldflags -lfts
342	+ use ppc64 && append-flags -mminimal-toc
343	+
344	+ local mycmakeargs=(
345	+ -DDATABASE_DIRECTORY="${EPREFIX}"/var/lib/clamav
346	+ -DAPP_CONFIG_DIRECTORY="${EPREFIX}"/etc/clamav
347	+ -DENABLE_EXPERIMENTAL=OFF
348	+ -DENABLE_JSON_SHARED=ON
349	+ -DENABLE_APP=$(usex clamapp ON OFF)
350	+ -DENABLE_MILTER=$(usex milter ON OFF)
351	+ -DENABLE_CLAMONACC=$(usex clamonacc ON OFF)
352	+ -DCLAMAV_USER="clamav"
353	+ -DCLAMAV_GROUP="clamav"
354	+ -DBYTECODE_RUNTIME=interpreter
355	+ -DOPTIMIZE=ON
356	+ -DENABLE_EXTERNAL_MSPACK=ON
357	+ -DENABLE_MAN_PAGES=ON
358	+ -DENABLE_DOXYGEN=$(usex doc)
359	+ -DENABLE_UNRAR=$(usex rar ON OFF)
360	+ -DENABLE_TESTS=$(usex test ON OFF)
361	+ # Used to enable some more tests but doesn't behave well in
362	+ # sandbox necessarily(?) + needs certain debug symbols present
363	+ # in e.g. glibc.
364	+ -DCMAKE_DISABLE_FIND_PACKAGE_Valgrind=ON
365	+ -DENABLE_STATIC_LIB=OFF
366	+ -DENABLE_SHARED_LIB=ON
367	+ -DENABLE_SYSTEMD=$(usex systemd ON OFF)
368	+ )
369	+ cmake_src_configure
370	+}
371	+
372	+src_install() {
373	+ cmake_src_install
374	+
375	+ # init scripts
376	+ newinitd "${FILESDIR}/clamd.initd" clamd
377	+ newinitd "${FILESDIR}/freshclam.initd" freshclam
378	+ use clamonacc && \
379	+ newinitd "${FILESDIR}/clamonacc.initd" clamonacc
380	+ use milter && \
381	+ newinitd "${FILESDIR}/clamav-milter.initd" clamav-milter
382	+
383	+ rm -rf "${ED}"/var/lib/clamav \|\| die
384	+
385	+ if ! use libclamav-only ; then
386	+ if use systemd ; then
387	+ # The tmpfiles entry is behind USE=systemd because the
388	+ # upstream OpenRC service files should (and do) ensure that
389	+ # the directories they need exist and have the correct
390	+ # permissions without the help of opentmpfiles. There are
391	+ # years-old root exploits in opentmpfiles, the design is
392	+ # fundamentally flawed, and the maintainer is not up to
393	+ # the task of fixing it.
394	+ dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"
395	+ systemd_newunit "${FILESDIR}/clamd_at.service-0.104.0" "clamd@.service"
396	+ systemd_dounit "${FILESDIR}/clamd.service"
397	+ systemd_newunit "${FILESDIR}/freshclamd.service-r1" \
398	+ "freshclamd.service"
399	+ fi
400	+
401	+ if use clamapp ; then
402	+ # Modify /etc/{clamd,freshclam}.conf to be usable out of the box
403	+ sed -e "s:^\(Example\):\# \1:" \
404	+ -e "s/^#\(PidFile .*\)/\1/" \
405	+ -e "s/^#\(LocalSocket .*\)/\1/" \
406	+ -e "s/^#\(User .*\)/\1/" \
407	+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
408	+ -e "s:^\#\(LogTime\).*:\1 yes:" \
409	+ -e "s/^#\(DatabaseDirectory .*\)/\1/" \
410	+ "${ED}"/etc/clamav/clamd.conf.sample > \
411	+ "${ED}"/etc/clamav/clamd.conf \|\| die
412	+
413	+ sed -e "s:^\(Example\):\# \1:" \
414	+ -e "s/^#\(PidFile .*\)/\1/" \
415	+ -e "s/^#\(DatabaseOwner .*\)/\1/" \
416	+ -e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
417	+ -e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamav/clamd.conf:" \
418	+ -e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
419	+ -e "s/^#\(DatabaseDirectory .*\)/\1/" \
420	+ "${ED}"/etc/clamav/freshclam.conf.sample > \
421	+ "${ED}"/etc/clamav/freshclam.conf \|\| die
422	+
423	+ if use milter ; then
424	+ # Note: only keep the "unix" ClamdSocket and MilterSocket!
425	+ sed -e "s:^\(Example\):\# \1:" \
426	+ -e "s/^#\(PidFile .*\)/\1/" \
427	+ -e "s/^#\(ClamdSocket unix:.*\)/\1/" \
428	+ -e "s/^#\(User .*\)/\1/" \
429	+ -e "s/^#\(MilterSocket unix:.*\)/\1/" \
430	+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
431	+ "${ED}"/etc/clamav/clamav-milter.conf.sample > \
432	+ "${ED}"/etc/clamav/clamav-milter.conf \|\| die
433	+
434	+ systemd_newunit "${FILESDIR}/clamav-milter.service-0.104.0" clamav-milter.service
435	+ fi
436	+
437	+ local i
438	+ for i in clamd freshclam clamav-milter
439	+ do
440	+ if [[ -f "${ED}"/etc/"${i}".conf.sample ]] ; then
441	+ mv "${ED}"/etc/"${i}".conf{.sample,} \|\| die
442	+ fi
443	+ done
444	+
445	+ # These both need to be writable by the clamav user.
446	+ # TODO: use syslog by default; that's what it's for.
447	+ diropts -o clamav -g clamav
448	+ keepdir /var/lib/clamav
449	+ keepdir /var/log/clamav
450	+ fi
451	+ fi
452	+
453	+ if use doc ; then
454	+ local HTML_DOCS=( docs/html/. )
455	+ einstalldocs
456	+ fi
457	+
458	+ # Don't install man pages for utilities we didn't install
459	+ if use libclamav-only ; then
460	+ rm -r "${ED}"/usr/share/man \|\| die
461	+ fi
462	+
463	+ find "${ED}" -name '*.la' -delete \|\| die
464	+}
465	+
466	+pkg_postinst() {
467	+ if ! use libclamav-only ; then
468	+ if use systemd ; then
469	+ tmpfiles_process clamav.conf
470	+ fi
471	+ fi
472	+
473	+ if use milter ; then
474	+ elog "For simple instructions how to setup the clamav-milter read the"
475	+ elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
476	+ fi
477	+
478	+ local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
479	+ if [[ ! -f "${databases}" ]] ; then
480	+ ewarn "You must run freshclam manually to populate the virus database"
481	+ ewarn "before starting clamav for the first time."
482	+ fi
483	+
484	+ ewarn "This version of ClamAV provides separate OpenRC services"
485	+ ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"
486	+ ewarn "clamd service now starts only the clamd daemon itself. You"
487	+ ewarn "should add freshclam (and perhaps clamav-milter) to any"
488	+ ewarn "runlevels that previously contained clamd."
489	+}

Gentoo Archives: gentoo-commits