[gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/ - gentoo-commits

From:	Sam James <sam@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: app-antivirus/clamav/, app-antivirus/clamav/files/
Date:	Tue, 29 Jun 2021 04:40:09
Message-Id:	`1624939921.5e66ceb053b88d41ef3a76fdecd3144495d62976.sam@gentoo`

1

commit:     5e66ceb053b88d41ef3a76fdecd3144495d62976

2

Author:     Hank Leininger <hlein <AT> korelogic <DOT> com>

3

AuthorDate: Sun Jun 27 18:11:39 2021 +0000

4

Commit:     Sam James <sam <AT> gentoo <DOT> org>

5

CommitDate: Tue Jun 29 04:12:01 2021 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e66ceb0

7

8

app-antivirus/clamav: fix logrotate file deployed when USE=milter

9

10

command -v writes to stdout, not stderr, so the check for openrc/systemd

11

was generating output and emails.

12

13

Signed-off-by: Hank Leininger <hlein <AT> korelogic.com>

14

Closes: https://bugs.gentoo.org/798933

15

Package-Manager: Portage-3.0.20, Repoman-3.0.3

16

Signed-off-by: Sam James <sam <AT> gentoo.org>

17

18

 app-antivirus/clamav/clamav-0.103.3-r1.ebuild      | 234 +++++++++++++++++++++

19

 .../clamav/files/clamav-milter.logrotate-r1        |  25 +++

20

 2 files changed, 259 insertions(+)

21

22

diff --git a/app-antivirus/clamav/clamav-0.103.3-r1.ebuild b/app-antivirus/clamav/clamav-0.103.3-r1.ebuild

23

new file mode 100644

24

index 00000000000..5fcae6ee66c

25

--- /dev/null

26

+++ b/app-antivirus/clamav/clamav-0.103.3-r1.ebuild

27

@@ -0,0 +1,234 @@

28

+# Copyright 1999-2021 Gentoo Authors

29

+# Distributed under the terms of the GNU General Public License v2

30

+

31

+EAPI=7

32

+

33

+inherit autotools flag-o-matic systemd tmpfiles

34

+

35

+DESCRIPTION="Clam Anti-Virus Scanner"

36

+HOMEPAGE="https://www.clamav.net/"

37

+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"

38

+

39

+LICENSE="GPL-2"

40

+SLOT="0"

41

+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"

42

+IUSE="bzip2 doc clamonacc clamdtop clamsubmit iconv ipv6 libclamav-only milter metadata-analysis-api selinux systemd test uclibc xml"

43

+

44

+REQUIRED_USE="libclamav-only? ( !clamonacc !clamdtop !clamsubmit !milter !metadata-analysis-api )"

45

+

46

+RESTRICT="!test? ( test )"

47

+

48

+# Require acct-{user,group}/clamav at build time so that we can set

49

+# the permissions on /var/lib/clamav in src_install rather than in

50

+# pkg_postinst; calling "chown" on the live filesystem scares me.

51

+CDEPEND="acct-group/clamav

52

+	acct-user/clamav

53

+	dev-libs/libltdl

54

+	dev-libs/libmspack

55

+	|| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )

56

+	dev-libs/tomsfastmath

57

+	>=sys-libs/zlib-1.2.2:=

58

+	bzip2? ( app-arch/bzip2 )

59

+	clamdtop? ( sys-libs/ncurses:0 )

60

+	clamsubmit? ( net-misc/curl dev-libs/json-c:= )

61

+	elibc_musl? ( sys-libs/fts-standalone )

62

+	iconv? ( virtual/libiconv )

63

+	!libclamav-only? ( net-misc/curl )

64

+	dev-libs/openssl:0=

65

+	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )

66

+	xml? ( dev-libs/libxml2 )"

67

+

68

+# We need at least autoconf-2.69-r5 because that's the first (patched)

69

+# version of it in Gentoo that supports ./configure --runstatedir.

70

+BDEPEND=">=sys-devel/autoconf-2.69-r5

71

+	virtual/pkgconfig"

72

+

73

+DEPEND="${CDEPEND}

74

+	metadata-analysis-api? ( dev-libs/json-c:* )

75

+	test? ( dev-libs/check )"

76

+RDEPEND="${CDEPEND}

77

+	selinux? ( sec-policy/selinux-clamav )"

78

+

79

+PATCHES=(

80

+	"${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328

81

+	"${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616

82

+	"${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394

83

+	"${FILESDIR}/${PN}-0.103.1-upstream-openrc.patch"

84

+)

85

+

86

+src_prepare() {

87

+	default

88

+

89

+	# Be extra sure that we're using the system copy of tomsfastmath

90

+	einfo "removing bundled copy of dev-libs/tomsfastmath"

91

+	rm -r libclamav/tomsfastmath || \

92

+		die "failed to remove bundled tomsfastmath"

93

+

94

+	AT_NO_RECURSIVE="yes" eautoreconf

95

+}

96

+

97

+src_configure() {

98

+	use elibc_musl && append-ldflags -lfts

99

+	use ppc64 && append-flags -mminimal-toc

100

+	use uclibc && export ac_cv_type_error_t=yes

101

+

102

+	# according to configure help it should be

103

+	# $(use_enable xml)

104

+	# but that does not work

105

+	# do not add this, since --disable-xml seems to override

106

+	# --without-xml

107

+	JSONUSE="--without-libjson"

108

+

109

+	if use clamsubmit || use metadata-analysis-api; then

110

+		# either of those 2 requires libjson.

111

+		# clamsubmit will be built as soon as libjson and curl are found

112

+		# but we only install the binary if requested

113

+		JSONUSE="--with-libjson=${EPREFIX}/usr"

114

+	fi

115

+

116

+	local myeconfargs=(

117

+		$(use_enable bzip2)

118

+		$(use_enable clamonacc)

119

+		$(use_enable clamdtop)

120

+		$(use_enable ipv6)

121

+		$(use_enable milter)

122

+		$(use_enable test check)

123

+		$(use_with xml)

124

+		$(use_with iconv)

125

+		${JSONUSE}

126

+		$(use_enable libclamav-only)

127

+		$(use_with !libclamav-only libcurl)

128

+		--with-system-libmspack

129

+		--cache-file="${S}"/config.cache

130

+		--disable-experimental

131

+		--disable-static

132

+		--disable-zlib-vcheck

133

+		--enable-id-check

134

+		--with-dbdir="${EPREFIX}"/var/lib/clamav

135

+		# Don't call --with-zlib=/usr (see bug #699296)

136

+		--with-zlib

137

+		--disable-llvm

138

+		--enable-openrc

139

+		--runstatedir=/run

140

+	)

141

+	econf "${myeconfargs[@]}"

142

+}

143

+

144

+src_install() {

145

+	default

146

+

147

+	rm -rf "${ED}"/var/lib/clamav || die

148

+

149

+	if ! use libclamav-only ; then

150

+		if use systemd; then

151

+			# The tmpfiles entry is behind USE=systemd because the

152

+			# upstream OpenRC service files should (and do) ensure that

153

+			# the directories they need exist and have the correct

154

+			# permissions without the help of opentmpfiles. There are

155

+			# years-old root exploits in opentmpfiles, the design is

156

+			# fundamentally flawed, and the maintainer is not up to

157

+			# the task of fixing it.

158

+			dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"

159

+			systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"

160

+			systemd_dounit "${FILESDIR}/clamd.service"

161

+			systemd_newunit "${FILESDIR}/freshclamd.service-r1" \

162

+							"freshclamd.service"

163

+		fi

164

+

165

+		insinto /etc/logrotate.d

166

+		newins "${FILESDIR}/clamd.logrotate" clamd

167

+		newins "${FILESDIR}/freshclam.logrotate" freshclam

168

+		use milter && \

169

+			newins "${FILESDIR}/clamav-milter.logrotate-r1" clamav-milter

170

+

171

+		# Modify /etc/{clamd,freshclam}.conf to be usable out of the box

172

+		sed -i -e "s:^\(Example\):\# \1:" \

173

+			-e "s/^#\(PidFile .*\)/\1/" \

174

+			-e "s/^#\(LocalSocket .*\)/\1/" \

175

+			-e "s/^#\(User .*\)/\1/" \

176

+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \

177

+			-e "s:^\#\(LogTime\).*:\1 yes:" \

178

+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \

179

+			"${ED}"/etc/clamd.conf.sample || die

180

+

181

+		sed -i -e "s:^\(Example\):\# \1:" \

182

+			-e "s/^#\(PidFile .*\)/\1/" \

183

+			-e "s/^#\(DatabaseOwner .*\)/\1/" \

184

+			-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \

185

+			-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \

186

+			-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \

187

+			-e "s/^#\(DatabaseDirectory .*\)/\1/" \

188

+			"${ED}"/etc/freshclam.conf.sample || die

189

+

190

+		if use milter ; then

191

+			# Note: only keep the "unix" ClamdSocket and MilterSocket!

192

+			sed -i -e "s:^\(Example\):\# \1:" \

193

+				-e "s/^#\(PidFile .*\)/\1/" \

194

+				-e "s/^#\(ClamdSocket unix:.*\)/\1/" \

195

+				-e "s/^#\(User .*\)/\1/" \

196

+				-e "s/^#\(MilterSocket unix:.*\)/\1/" \

197

+				-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \

198

+				"${ED}"/etc/clamav-milter.conf.sample || die

199

+

200

+			cat >> "${ED}"/etc/conf.d/clamd <<-EOF

201

+				MILTER_NICELEVEL=19

202

+				START_MILTER=no

203

+			EOF

204

+

205

+			systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service

206

+		fi

207

+

208

+		local i

209

+		for i in clamd freshclam clamav-milter

210

+		do

211

+			if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then

212

+				mv "${ED}"/etc/"${i}".conf{.sample,} || die

213

+			fi

214

+		done

215

+

216

+		# These both need to be writable by the clamav user.

217

+		# TODO: use syslog by default; that's what it's for.

218

+		diropts -o clamav -g clamav

219

+		keepdir /var/lib/clamav

220

+		keepdir /var/log/clamav

221

+	fi

222

+

223

+	if use doc ; then

224

+		local HTML_DOCS=( docs/html/. )

225

+		einstalldocs

226

+

227

+		if ! use libclamav-only ; then

228

+			doman docs/man/*.[1-8]

229

+		fi

230

+	fi

231

+

232

+	find "${ED}" -name '*.la' -delete || die

233

+}

234

+

235

+src_test() {

236

+	if use libclamav-only ; then

237

+		ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."

238

+		return 0

239

+	fi

240

+

241

+	emake quick-check

242

+}

243

+

244

+pkg_postinst() {

245

+	if use milter ; then

246

+		elog "For simple instructions how to setup the clamav-milter read the"

247

+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"

248

+	fi

249

+

250

+	local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )

251

+	if [[ ! -f "${databases}" ]] ; then

252

+		ewarn "You must run freshclam manually to populate the virus database"

253

+		ewarn "before starting clamav for the first time."

254

+	fi

255

+

256

+	ewarn "This version of ClamAV provides separate OpenRC services"

257

+	ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"

258

+	ewarn "clamd service now starts only the clamd daemon itself. You"

259

+	ewarn "should add freshclam (and perhaps clamav-milter) to any"

260

+	ewarn "runlevels that previously contained clamd."

261

+}

262

263

diff --git a/app-antivirus/clamav/files/clamav-milter.logrotate-r1 b/app-antivirus/clamav/files/clamav-milter.logrotate-r1

264

new file mode 100644

265

index 00000000000..8d2f31a852a

266

--- /dev/null

267

+++ b/app-antivirus/clamav/files/clamav-milter.logrotate-r1

268

@@ -0,0 +1,25 @@

269

+# This script is intended to rotate the logs for clamav-milter in its

270

+# default configuration on Gentoo, where clamav-milter writes to its

271

+# own log file but does not rotate that file itself. The clamav-milter

272

+# daemon is capable of rotating its own logs; if you have "LogRotate

273

+# yes" in clamav-milter.conf then you do not need this script (and

274

+# should disable it). Likewise, if you are logging to syslog

275

+# (LogSyslog yes), this is redundant.

276

+#

277

+# This is more complicated than the clamd/freshclam scripts because

278

+# the milter doesn't yet reopen its log files when it receives a

279

+# SIGHUP. See https://bugzilla.clamav.net/show_bug.cgi?id=12615

280

+# for that. Instead we have to attempt OpenRC/systemd service

281

+# restarts on (only) the machines that support them.

282

+/var/log/clamav/clamav-milter.log {

283

+  su clamav clamav

284

+  missingok

285

+  postrotate

286

+    if command -v rc-service >/dev/null; then

287

+      rc-service clamav-milter status 2>/dev/null 1>&2 && rc-service clamav-milter restart 1>/dev/null

288

+    fi

289

+    if command -v systemctl >/dev/null; then

290

+      systemctl try-restart clamav-milter

291

+    fi

292

+  endscript

293

+}

1	commit: 5e66ceb053b88d41ef3a76fdecd3144495d62976
2	Author: Hank Leininger <hlein <AT> korelogic <DOT> com>
3	AuthorDate: Sun Jun 27 18:11:39 2021 +0000
4	Commit: Sam James <sam <AT> gentoo <DOT> org>
5	CommitDate: Tue Jun 29 04:12:01 2021 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e66ceb0
7
8	app-antivirus/clamav: fix logrotate file deployed when USE=milter
9
10	command -v writes to stdout, not stderr, so the check for openrc/systemd
11	was generating output and emails.
12
13	Signed-off-by: Hank Leininger <hlein <AT> korelogic.com>
14	Closes: https://bugs.gentoo.org/798933
15	Package-Manager: Portage-3.0.20, Repoman-3.0.3
16	Signed-off-by: Sam James <sam <AT> gentoo.org>
17
18	app-antivirus/clamav/clamav-0.103.3-r1.ebuild \| 234 +++++++++++++++++++++
19	.../clamav/files/clamav-milter.logrotate-r1 \| 25 +++
20	2 files changed, 259 insertions(+)
21
22	diff --git a/app-antivirus/clamav/clamav-0.103.3-r1.ebuild b/app-antivirus/clamav/clamav-0.103.3-r1.ebuild
23	new file mode 100644
24	index 00000000000..5fcae6ee66c
25	--- /dev/null
26	+++ b/app-antivirus/clamav/clamav-0.103.3-r1.ebuild
27	@@ -0,0 +1,234 @@
28	+# Copyright 1999-2021 Gentoo Authors
29	+# Distributed under the terms of the GNU General Public License v2
30	+
31	+EAPI=7
32	+
33	+inherit autotools flag-o-matic systemd tmpfiles
34	+
35	+DESCRIPTION="Clam Anti-Virus Scanner"
36	+HOMEPAGE="https://www.clamav.net/"
37	+SRC_URI="https://www.clamav.net/downloads/production/${P}.tar.gz"
38	+
39	+LICENSE="GPL-2"
40	+SLOT="0"
41	+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
42	+IUSE="bzip2 doc clamonacc clamdtop clamsubmit iconv ipv6 libclamav-only milter metadata-analysis-api selinux systemd test uclibc xml"
43	+
44	+REQUIRED_USE="libclamav-only? ( !clamonacc !clamdtop !clamsubmit !milter !metadata-analysis-api )"
45	+
46	+RESTRICT="!test? ( test )"
47	+
48	+# Require acct-{user,group}/clamav at build time so that we can set
49	+# the permissions on /var/lib/clamav in src_install rather than in
50	+# pkg_postinst; calling "chown" on the live filesystem scares me.
51	+CDEPEND="acct-group/clamav
52	+ acct-user/clamav
53	+ dev-libs/libltdl
54	+ dev-libs/libmspack
55	+ \|\| ( dev-libs/libpcre2 >dev-libs/libpcre-6 )
56	+ dev-libs/tomsfastmath
57	+ >=sys-libs/zlib-1.2.2:=
58	+ bzip2? ( app-arch/bzip2 )
59	+ clamdtop? ( sys-libs/ncurses:0 )
60	+ clamsubmit? ( net-misc/curl dev-libs/json-c:= )
61	+ elibc_musl? ( sys-libs/fts-standalone )
62	+ iconv? ( virtual/libiconv )
63	+ !libclamav-only? ( net-misc/curl )
64	+ dev-libs/openssl:0=
65	+ milter? ( \|\| ( mail-filter/libmilter mail-mta/sendmail ) )
66	+ xml? ( dev-libs/libxml2 )"
67	+
68	+# We need at least autoconf-2.69-r5 because that's the first (patched)
69	+# version of it in Gentoo that supports ./configure --runstatedir.
70	+BDEPEND=">=sys-devel/autoconf-2.69-r5
71	+ virtual/pkgconfig"
72	+
73	+DEPEND="${CDEPEND}
74	+ metadata-analysis-api? ( dev-libs/json-c:* )
75	+ test? ( dev-libs/check )"
76	+RDEPEND="${CDEPEND}
77	+ selinux? ( sec-policy/selinux-clamav )"
78	+
79	+PATCHES=(
80	+ "${FILESDIR}/${PN}-0.102.1-libxml2_pkgconfig.patch" #661328
81	+ "${FILESDIR}/${PN}-0.102.2-fix-curl-detection.patch" #709616
82	+ "${FILESDIR}/${PN}-0.103.0-system-tomsfastmath.patch" # 649394
83	+ "${FILESDIR}/${PN}-0.103.1-upstream-openrc.patch"
84	+)
85	+
86	+src_prepare() {
87	+ default
88	+
89	+ # Be extra sure that we're using the system copy of tomsfastmath
90	+ einfo "removing bundled copy of dev-libs/tomsfastmath"
91	+ rm -r libclamav/tomsfastmath \|\| \
92	+ die "failed to remove bundled tomsfastmath"
93	+
94	+ AT_NO_RECURSIVE="yes" eautoreconf
95	+}
96	+
97	+src_configure() {
98	+ use elibc_musl && append-ldflags -lfts
99	+ use ppc64 && append-flags -mminimal-toc
100	+ use uclibc && export ac_cv_type_error_t=yes
101	+
102	+ # according to configure help it should be
103	+ # $(use_enable xml)
104	+ # but that does not work
105	+ # do not add this, since --disable-xml seems to override
106	+ # --without-xml
107	+ JSONUSE="--without-libjson"
108	+
109	+ if use clamsubmit \|\| use metadata-analysis-api; then
110	+ # either of those 2 requires libjson.
111	+ # clamsubmit will be built as soon as libjson and curl are found
112	+ # but we only install the binary if requested
113	+ JSONUSE="--with-libjson=${EPREFIX}/usr"
114	+ fi
115	+
116	+ local myeconfargs=(
117	+ $(use_enable bzip2)
118	+ $(use_enable clamonacc)
119	+ $(use_enable clamdtop)
120	+ $(use_enable ipv6)
121	+ $(use_enable milter)
122	+ $(use_enable test check)
123	+ $(use_with xml)
124	+ $(use_with iconv)
125	+ ${JSONUSE}
126	+ $(use_enable libclamav-only)
127	+ $(use_with !libclamav-only libcurl)
128	+ --with-system-libmspack
129	+ --cache-file="${S}"/config.cache
130	+ --disable-experimental
131	+ --disable-static
132	+ --disable-zlib-vcheck
133	+ --enable-id-check
134	+ --with-dbdir="${EPREFIX}"/var/lib/clamav
135	+ # Don't call --with-zlib=/usr (see bug #699296)
136	+ --with-zlib
137	+ --disable-llvm
138	+ --enable-openrc
139	+ --runstatedir=/run
140	+ )
141	+ econf "${myeconfargs[@]}"
142	+}
143	+
144	+src_install() {
145	+ default
146	+
147	+ rm -rf "${ED}"/var/lib/clamav \|\| die
148	+
149	+ if ! use libclamav-only ; then
150	+ if use systemd; then
151	+ # The tmpfiles entry is behind USE=systemd because the
152	+ # upstream OpenRC service files should (and do) ensure that
153	+ # the directories they need exist and have the correct
154	+ # permissions without the help of opentmpfiles. There are
155	+ # years-old root exploits in opentmpfiles, the design is
156	+ # fundamentally flawed, and the maintainer is not up to
157	+ # the task of fixing it.
158	+ dotmpfiles "${FILESDIR}/tmpfiles.d/clamav.conf"
159	+ systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
160	+ systemd_dounit "${FILESDIR}/clamd.service"
161	+ systemd_newunit "${FILESDIR}/freshclamd.service-r1" \
162	+ "freshclamd.service"
163	+ fi
164	+
165	+ insinto /etc/logrotate.d
166	+ newins "${FILESDIR}/clamd.logrotate" clamd
167	+ newins "${FILESDIR}/freshclam.logrotate" freshclam
168	+ use milter && \
169	+ newins "${FILESDIR}/clamav-milter.logrotate-r1" clamav-milter
170	+
171	+ # Modify /etc/{clamd,freshclam}.conf to be usable out of the box
172	+ sed -i -e "s:^\(Example\):\# \1:" \
173	+ -e "s/^#\(PidFile .*\)/\1/" \
174	+ -e "s/^#\(LocalSocket .*\)/\1/" \
175	+ -e "s/^#\(User .*\)/\1/" \
176	+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
177	+ -e "s:^\#\(LogTime\).*:\1 yes:" \
178	+ -e "s/^#\(DatabaseDirectory .*\)/\1/" \
179	+ "${ED}"/etc/clamd.conf.sample \|\| die
180	+
181	+ sed -i -e "s:^\(Example\):\# \1:" \
182	+ -e "s/^#\(PidFile .*\)/\1/" \
183	+ -e "s/^#\(DatabaseOwner .*\)/\1/" \
184	+ -e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
185	+ -e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
186	+ -e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
187	+ -e "s/^#\(DatabaseDirectory .*\)/\1/" \
188	+ "${ED}"/etc/freshclam.conf.sample \|\| die
189	+
190	+ if use milter ; then
191	+ # Note: only keep the "unix" ClamdSocket and MilterSocket!
192	+ sed -i -e "s:^\(Example\):\# \1:" \
193	+ -e "s/^#\(PidFile .*\)/\1/" \
194	+ -e "s/^#\(ClamdSocket unix:.*\)/\1/" \
195	+ -e "s/^#\(User .*\)/\1/" \
196	+ -e "s/^#\(MilterSocket unix:.*\)/\1/" \
197	+ -e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
198	+ "${ED}"/etc/clamav-milter.conf.sample \|\| die
199	+
200	+ cat >> "${ED}"/etc/conf.d/clamd <<-EOF
201	+ MILTER_NICELEVEL=19
202	+ START_MILTER=no
203	+ EOF
204	+
205	+ systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
206	+ fi
207	+
208	+ local i
209	+ for i in clamd freshclam clamav-milter
210	+ do
211	+ if [[ -f "${ED}"/etc/"${i}".conf.sample ]]; then
212	+ mv "${ED}"/etc/"${i}".conf{.sample,} \|\| die
213	+ fi
214	+ done
215	+
216	+ # These both need to be writable by the clamav user.
217	+ # TODO: use syslog by default; that's what it's for.
218	+ diropts -o clamav -g clamav
219	+ keepdir /var/lib/clamav
220	+ keepdir /var/log/clamav
221	+ fi
222	+
223	+ if use doc ; then
224	+ local HTML_DOCS=( docs/html/. )
225	+ einstalldocs
226	+
227	+ if ! use libclamav-only ; then
228	+ doman docs/man/*.[1-8]
229	+ fi
230	+ fi
231	+
232	+ find "${ED}" -name '*.la' -delete \|\| die
233	+}
234	+
235	+src_test() {
236	+ if use libclamav-only ; then
237	+ ewarn "Test target not available when USE=libclamav-only is set, skipping tests ..."
238	+ return 0
239	+ fi
240	+
241	+ emake quick-check
242	+}
243	+
244	+pkg_postinst() {
245	+ if use milter ; then
246	+ elog "For simple instructions how to setup the clamav-milter read the"
247	+ elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
248	+ fi
249	+
250	+ local databases=( "${EROOT}"/var/lib/clamav/main.c[lv]d )
251	+ if [[ ! -f "${databases}" ]] ; then
252	+ ewarn "You must run freshclam manually to populate the virus database"
253	+ ewarn "before starting clamav for the first time."
254	+ fi
255	+
256	+ ewarn "This version of ClamAV provides separate OpenRC services"
257	+ ewarn "for clamd, freshclam, clamav-milter, and clamonacc. The"
258	+ ewarn "clamd service now starts only the clamd daemon itself. You"
259	+ ewarn "should add freshclam (and perhaps clamav-milter) to any"
260	+ ewarn "runlevels that previously contained clamd."
261	+}
262
263	diff --git a/app-antivirus/clamav/files/clamav-milter.logrotate-r1 b/app-antivirus/clamav/files/clamav-milter.logrotate-r1
264	new file mode 100644
265	index 00000000000..8d2f31a852a
266	--- /dev/null
267	+++ b/app-antivirus/clamav/files/clamav-milter.logrotate-r1
268	@@ -0,0 +1,25 @@
269	+# This script is intended to rotate the logs for clamav-milter in its
270	+# default configuration on Gentoo, where clamav-milter writes to its
271	+# own log file but does not rotate that file itself. The clamav-milter
272	+# daemon is capable of rotating its own logs; if you have "LogRotate
273	+# yes" in clamav-milter.conf then you do not need this script (and
274	+# should disable it). Likewise, if you are logging to syslog
275	+# (LogSyslog yes), this is redundant.
276	+#
277	+# This is more complicated than the clamd/freshclam scripts because
278	+# the milter doesn't yet reopen its log files when it receives a
279	+# SIGHUP. See https://bugzilla.clamav.net/show_bug.cgi?id=12615
280	+# for that. Instead we have to attempt OpenRC/systemd service
281	+# restarts on (only) the machines that support them.
282	+/var/log/clamav/clamav-milter.log {
283	+ su clamav clamav
284	+ missingok
285	+ postrotate
286	+ if command -v rc-service >/dev/null; then
287	+ rc-service clamav-milter status 2>/dev/null 1>&2 && rc-service clamav-milter restart 1>/dev/null
288	+ fi
289	+ if command -v systemctl >/dev/null; then
290	+ systemctl try-restart clamav-milter
291	+ fi
292	+ endscript
293	+}

Gentoo Archives: gentoo-commits