Your message dated Mon, 4 Sep 2017 20:36:28 +0200 with message-id <[email protected]> and subject line Re: Bug#851129: clamav-freshclam: call to restorecon isn't working, please consider this patch has caused the Debian Bug report #851129, regarding clamav-freshclam: call to restorecon isn't working, please consider this patch to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 851129: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851129 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: clamav-freshclam Version: 0.99.2+dfsg-5 Severity: normal Tags: patch The below patch gives the directories the correct context on my system. Pathfind doesn't seem to work. --- clamav-freshclam.orig 2017-01-12 20:20:51.853784565 +1100 +++ clamav-freshclam 2017-01-12 20:32:56.887718374 +1100 @@ -84,7 +84,7 @@ ucf --three-way --debconf-ok "$sourcefile" "$configfile" else [ -d /var/lib/ucf/cache ] || mkdir -p /var/lib/ucf/cache - pathfind restorecon && restorecon /var/lib/ucf/cache + [ -x /sbin/restorecon ] && /sbin/restorecon /var/lib/ucf/cache cp $sourcefile $configfile add_to_ucf $configfile $ucffile fi @@ -193,7 +193,7 @@ [ -n "$User" ] || User=clamav mkdir -p -m 0755 "$DIR" chown "$User" "$DIR" - pathfind restorecon && restorecon "$DIR" + [ -x /sbin/restorecon ] && /sbin/restorecon "$DIR" } # Debconf Functions -- Package-specific info: --- configuration --- Checking configuration files in /etc/clamav Config file: clamd.conf ----------------------- LogFile = "/var/log/clamav/clamav.log" StatsHostID = "auto" StatsEnabled disabled StatsPEDisabled = "yes" StatsTimeout = "10" LogFileUnlock disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogClean disabled LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" ExtendedDetectionInfo = "yes" PidFile disabled TemporaryDirectory disabled DatabaseDirectory = "/var/lib/clamav" OfficialDatabaseOnly disabled LocalSocket = "/var/run/clamav/clamd.ctl" LocalSocketGroup = "clamav" LocalSocketMode = "666" FixStaleSocket = "yes" TCPSocket disabled TCPAddr disabled MaxConnectionQueueLength = "15" StreamMaxLength = "26214400" StreamMinPort = "1024" StreamMaxPort = "2048" MaxThreads = "12" ReadTimeout = "180" CommandReadTimeout = "5" SendBufTimeout = "200" MaxQueue = "100" IdleTimeout = "30" ExcludePath disabled MaxDirectoryRecursion = "15" FollowDirectorySymlinks disabled FollowFileSymlinks disabled CrossFilesystems = "yes" SelfCheck = "3600" DisableCache disabled VirusEvent disabled ExitOnOOM disabled AllowAllMatchScan = "yes" Foreground disabled Debug disabled LeaveTemporaryFiles disabled User = "clamav" Bytecode = "yes" BytecodeSecurity = "TrustSigned" BytecodeTimeout = "60000" BytecodeUnsigned disabled BytecodeMode = "Auto" DetectPUA disabled ExcludePUA disabled IncludePUA disabled AlgorithmicDetection = "yes" ScanPE = "yes" ScanELF = "yes" DetectBrokenExecutables disabled ScanMail = "yes" ScanPartialMessages disabled PhishingSignatures = "yes" PhishingScanURLs = "yes" PhishingAlwaysBlockCloak disabled PhishingAlwaysBlockSSLMismatch disabled PartitionIntersection disabled HeuristicScanPrecedence disabled StructuredDataDetection disabled StructuredMinCreditCardCount = "3" StructuredMinSSNCount = "3" StructuredSSNFormatNormal = "yes" StructuredSSNFormatStripped disabled ScanHTML = "yes" ScanOLE2 = "yes" OLE2BlockMacros disabled ScanPDF = "yes" ScanSWF = "yes" ScanXMLDOCS = "yes" ScanHWP3 = "yes" ScanArchive = "yes" ArchiveBlockEncrypted disabled ForceToDisk disabled MaxScanSize = "104857600" MaxFileSize = "26214400" MaxRecursion = "16" MaxFiles = "10000" MaxEmbeddedPE = "10485760" MaxHTMLNormalize = "10485760" MaxHTMLNoTags = "2097152" MaxScriptNormalize = "5242880" MaxZipTypeRcg = "1048576" MaxPartitions = "50" MaxIconsPE = "100" MaxRecHWP3 = "16" PCREMatchLimit = "10000" PCRERecMatchLimit = "5000" PCREMaxFileSize = "26214400" ScanOnAccess disabled OnAccessMountPath disabled OnAccessIncludePath disabled OnAccessExcludePath disabled OnAccessExcludeUID disabled OnAccessMaxFileSize = "5242880" OnAccessDisableDDD disabled OnAccessPrevention disabled OnAccessExtraScanning disabled DevACOnly disabled DevACDepth disabled DevPerformance disabled DevLiblog disabled DisableCertCheck disabled Config file: freshclam.conf --------------------------- StatsHostID disabled StatsEnabled disabled StatsTimeout disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" PidFile disabled DatabaseDirectory = "/var/lib/clamav" Foreground disabled Debug disabled UpdateLogFile = "/var/log/clamav/freshclam.log" DatabaseOwner = "clamav" Checks = "24" DNSDatabaseInfo = "current.cvd.clamav.net" DatabaseMirror = "db.local.clamav.net", "database.clamav.net" PrivateMirror disabled MaxAttempts = "5" ScriptedUpdates = "yes" TestDatabases = "yes" CompressLocalDatabase disabled ExtraDatabase disabled DatabaseCustomURL disabled HTTPProxyServer disabled HTTPProxyPort disabled HTTPProxyUsername disabled HTTPProxyPassword disabled HTTPUserAgent disabled NotifyClamd = "/etc/clamav/clamd.conf" OnUpdateExecute disabled OnErrorExecute disabled OnOutdatedExecute disabled LocalIPAddress disabled ConnectTimeout = "30" ReceiveTimeout = "30" SubmitDetectionStats disabled DetectionStatsCountry disabled DetectionStatsHostID disabled SafeBrowsing disabled Bytecode = "yes" Config file: clamav-milter.conf ------------------------------- LogFile = "/var/log/clamav/clamav-milter.log" LogFileUnlock disabled LogFileMaxSize = "1048576" LogTime = "yes" LogSyslog = "yes" LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" PidFile = "/var/run/clamav/clamav-milter.pid" TemporaryDirectory = "/tmp" FixStaleSocket = "yes" MaxThreads = "10" ReadTimeout = "120" Foreground disabled User = "clamav" MaxFileSize = "26214400" ClamdSocket = "unix:/var/run/clamav/clamd.ctl" MilterSocket = "/var/run/clamav/clamav-milter.ctl" MilterSocketGroup = "clamav" MilterSocketMode = "666" LocalNet disabled OnClean = "Accept" OnInfected = "Reject" OnFail = "Defer" RejectMsg disabled AddHeader = "Replace" ReportHostname disabled VirusAction disabled Chroot disabled Whitelist disabled SkipAuthenticated disabled LogInfected = "Full" LogClean = "Off" SupportMultipleRecipients disabled Software settings ----------------- Version: 0.99.2 Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 PCRE ICONV JSON JIT Database information -------------------- Database directory: /var/lib/clamav daily.cld: version 22878, sigs: 1337674, built on Thu Jan 12 19:06:53 2017 bytecode.cld: version 285, sigs: 57, built on Thu Nov 17 06:41:30 2016 main.cvd: version 57, sigs: 4218790, built on Thu Mar 17 10:17:06 2016 Total number of signatures: 5556521 Platform information -------------------- uname: Linux 4.8.0-1-amd64 #1 SMP Debian 4.8.7-1 (2016-11-13) x86_64 OS: linux-gnu, ARCH: x86_64, CPU: x86_64 zlib version: 1.2.8 (1.2.8), compile flags: a9 Triple: x86_64-pc-linux-gnu CPU: pentium2, Little-endian platform id: 0x0a2152520806020102060201 Build information ----------------- GNU C: 6.2.1 20161124 (6.2.1) GNU C++: 6.2.1 20161124 (6.2.1) CPPFLAGS: -Wdate-time -D_FORTIFY_SOURCE=2 CFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-z6WOPP/clamav-0.99.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE CXXFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-z6WOPP/clamav-0.99.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 LDFLAGS: -Wl,-z,relro -Wl,-z,now -Wl,--as-needed Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--libexecdir=/usr/lib/x86_64-linux-gnu' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-z6WOPP/clamav-0.99.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-z6WOPP/clamav-0.99.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-gnu-ld' '-with-system-llvm=/usr/bin/llvm-config' '--with-llvm-linking=dynami c' '--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu' sizeof(void*) = 8 Engine flevel: 82, dconf: 82 --- data dir --- total 197208 -rw-r--r--. 1 clamav clamav 494080 Nov 24 05:30 bytecode.cld -rw-r--r--. 1 clamav clamav 92283392 Jan 12 20:18 daily.cld -rw-r--r--. 1 clamav clamav 109143933 Mar 17 2016 main.cvd -rw-------. 1 clamav clamav 1456 Jan 12 20:27 mirrors.dat -- System Information: Debian Release: stretch/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'testing'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.8.0-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages clamav-freshclam depends on: ii clamav-base 0.99.2+dfsg-5 ii debconf [debconf-2.0] 1.5.59 ii dpkg 1.18.18 ii init-system-helpers 1.46 ii libc6 2.24-8 ii libclamav7 0.99.2+dfsg-5 ii libssl1.1 1.1.0c-2 ii logrotate 3.8.7-2 ii lsb-base 9.20161125 ii procps 2:3.3.12-3 ii ucf 3.0036 ii zlib1g 1:1.2.8.dfsg-4 clamav-freshclam recommends no packages. Versions of packages clamav-freshclam suggests: pn apparmor <none> pn clamav-docs <none> -- Configuration Files: /etc/init.d/clamav-freshclam changed: DAEMON=/usr/bin/freshclam NAME=freshclam DESC="ClamAV virus database updater" [ -x $DAEMON ] || exit 0 CLAMAV_CONF_FILE=/etc/clamav/clamd.conf FRESHCLAM_CONF_FILE=/etc/clamav/freshclam.conf to_lower() { word="$1" lcword=$(echo "$word" | tr A-Z a-z) echo "$lcword" } is_true() { var="$1" lcvar=$(to_lower "$var") [ 'true' = "$lcvar" ] || [ 'yes' = "$lcvar" ] || [ 1 = "$lcvar" ] return $? } is_false() { var="$1" lcvar=$(to_lower "$var") [ 'false' = "$lcvar" ] || [ 'no' = "$lcvar" ] || [ 0 = "$lcvar" ] return $? } ucf_cleanup() { # This only does something if I've fucked up before # Not entirely impossible :( configfile=$1 if [ `grep "$configfile" /var/lib/ucf/hashfile | wc -l` -gt 1 ]; then grep -v "$configfile" /var/lib/ucf/hashfile > /var/lib/ucf/hashfile.tmp grep "$configfile" /var/lib/ucf/hashfile | tail -n 1 >> /var/lib/ucf/hashfile.tmp mv /var/lib/ucf/hashfile.tmp /var/lib/ucf/hashfile fi } add_to_ucf() { configfile=$1 ucffile=$2 if ! grep -q "$configfile" /var/lib/ucf/hashfile; then md5sum $configfile >> /var/lib/ucf/hashfile cp $configfile $ucffile fi } ucf_upgrade_check() { configfile=$1 sourcefile=$2 ucffile=$3 if [ -f "$configfile" ]; then add_to_ucf $configfile $ucffile ucf --three-way --debconf-ok "$sourcefile" "$configfile" else [ -d /var/lib/ucf/cache ] || mkdir -p /var/lib/ucf/cache [ -x /sbin/restorecon ] && /sbin/restorecon /var/lib/ucf/cache cp $sourcefile $configfile add_to_ucf $configfile $ucffile fi } slurp_config() { CLAMAVCONF="$1" if [ -e "$CLAMAVCONF" ]; then for variable in `egrep -a -v '^[[:space:]]*(#|$)' "$CLAMAVCONF" | awk '{print $1}'`; do case "$variable" in DatabaseMirror) if [ -z "$DatabaseMirror" ]; then for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do value="$value $i" done else continue fi ;; DatabaseCustomURL) if [ -z "$DatabaseCustomURL" ]; then for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do value="$value $i" done else continue fi ;; IncludePUA) if [ -z "$IncludePUA" ]; then for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do value="$i $value" done else continue fi ;; ExcludePUA) if [ -z "$ExcludePUA" ]; then for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do value="$i $value" done else continue fi ;; ExtraDatabase) if [ -z "$ExtraDatabase" ]; then for i in `grep -a ^$variable $CLAMAVCONF | awk '{print $2}'`; do value="$value $i" done else continue fi ;; VirusEvent|OnUpdateExecute|OnErrorExecute|RejectMsg) value=`grep -a ^$variable $CLAMAVCONF | head -n1 | sed -e s/$variable\ //` ;; *) value=`grep -a "^$variable[[:space:]]" $CLAMAVCONF | head -n1 | awk '{print $2}'` ;; esac if [ -z "$value" ]; then export "$variable"="true" elif [ "$value" != "$variable" ]; then export "$variable"="$value" else export "$variable"="true" fi unset value done fi } pathfind() { OLDIFS="$IFS" IFS=: for p in $PATH; do if [ -x "$p/$*" ]; then IFS="$OLDIFS" return 0 fi done IFS="$OLDIFS" return 1 } set_debconf_value() { prog=$1 name=$2 eval variable="\$${name}" if [ -n "$variable" ]; then db_set clamav-$prog/$name "$variable" || true fi } make_dir() { DIR=$1 if [ -d "$DIR" ]; then return 0; fi [ -n "$User" ] || User=clamav mkdir -p -m 0755 "$DIR" chown "$User" "$DIR" [ -x /sbin/restorecon ] && /sbin/restorecon "$DIR" } isdigit () { case $1 in [[:digit:]]*) ISDIGIT=1 ;; *) ISDIGIT=0 ;; esac } inputdigit () { ISDIGIT=0 while [ "$ISDIGIT" = '0' ]; do db_input "$1" "$2" || true if ! db_go; then return 30 fi db_get $2 || true isdigit $RET if [ "$ISDIGIT" = '0' ]; then db_input critical clamav-base/numinfo || true db_go fi done return 0 } StateGeneric() { PRIO=$1 QUESTION=$2 NEXT=$3 LAST=$4 db_input $PRIO $QUESTION || true if db_go; then STATE=$NEXT else STATE=$LAST fi } StateGenericDigit() { PRIO=$1 QUESTION=$2 NEXT=$3 LAST=$4 inputdigit $PRIO $QUESTION || true if db_go; then STATE=$NEXT else STATE=$LAST fi } . /lib/lsb/init-functions slurp_config "$FRESHCLAM_CONF_FILE" if [ -z "$PidFile" ] then # Set the default PidFile. PidFile='/run/clamav/freshclam.pid' fi [ -n "$DataBaseDirectory" ] || DataBaseDirectory=/var/run/clamav make_dir "$DataBaseDirectory" make_dir $(dirname "$PidFile") [ -z "$UpdateLogFile" ] && UpdateLogFile=/var/log/clamav/freshclam.log [ -z "$DatabaseDirectory" ] && DatabaseDirectory=/var/lib/clamav/ [ -n "$DatabaseOwner" ] || DatabaseOwner=clamav case "$1" in no-daemon) su "$DatabaseOwner" -p -s /bin/sh -c "freshclam -l $UpdateLogFile --datadir $DatabaseDirectory" ;; start) if [ ! -f "$PidFile" ]; then # If clamd is run under a different UID than freshclam then we need # to make sure the PidFile can be written or else we won't be able to # kill it. touch $PidFile chown $DatabaseOwner $PidFile fi # If user wants it run from cron, we only accept no-daemon and stop if [ -f /etc/cron.d/clamav-freshclam ]; then log_warning_msg "Not starting $NAME - cron option selected" log_warning_msg "Run the init script with the 'no-daemon' option" # this is similar to the daemon already running exit 0 fi log_daemon_msg "Starting $DESC" "$NAME" start-stop-daemon --start --oknodo -c "$DatabaseOwner" --exec $DAEMON --pidfile $PidFile --quiet -- -d --quiet --config-file=$FRESHCLAM_CONF_FILE --pid=$PidFile log_end_msg $? ;; stop) log_daemon_msg "Stopping $DESC" "$NAME" start-stop-daemon --stop --oknodo --name $NAME --pidfile $PidFile --quiet --retry TERM/30/KILL/5 log_end_msg $? ;; restart|force-reload) $0 stop $0 start ;; reload-log) # If user wants it run from cron, we only accept no-daemon and stop if [ -f /etc/cron.d/clamav-freshclam ]; then log_warning_msg "Not reloading log for $NAME - cron option selected" # log-reloading is not needed, because freshclam is not run as daemon exit 0 fi log_daemon_msg "Reloading $DESC" "$NAME" pkill -HUP -F $PidFile $NAME log_end_msg $? ;; skip) ;; status) start-stop-daemon --status --name $NAME --pidfile $PidFile ret="$?" if [ "$ret" = 0 ]; then log_success_msg "$NAME is running" exit 0 else log_failure_msg "$NAME is not running" exit "$ret" fi ;; *) log_action_msg "Usage: $0 {no-daemon|start|stop|restart|force-reload|reload-log|skip|status}" >&2 # invalid arguments exit 2 ;; esac exit 0 -- debconf information excluded
--- End Message ---
--- Begin Message ---On 2017-08-20 19:06:49 [+0200], To Scott Kitterman wrote: > where do we stand here? bug, no-bug? > `pathfind' works expected with sh set to bash or dash. However it looks > here for `restorecon' which is part of `policycoreutils' and this might > or might not be installed. > If `pathfind' isn't really working could this be a side effect of > something else? Closing since there response from submitter and it does not look like a bug. If the issue is still there, feel free to reopen and please provide additional information. Sebastian
--- End Message ---
