** Description changed: [IMPACT] clamav-daemon won't listen on TCP sockets when reconfiguring the package. This is not an upstream clamav bug, it is a packaging one. When `sudo dpkg-reconfigure clamav-daemon` is run, the postinst script correctly updates the main configuration file (clamd.conf). - In Ubuntu - + In Ubuntu, clamav-daemon is integrated as a systemd service. Whether + clamav listens to a unix file of a TCP socket is configured in + clamd.conf (upstream bit). In Ubuntu this is passed to systemd service + by making the service depend a systemd socket file. However, this change is not propagated to the systemd socket unit, which continues to use the old settings. - - [TEST CASE] Run "sudo apt install clamav-daemon" Run "sudo dpkg-reconfigure clamav-daemon" Select "Socket type" as "TCP" Leave everything else as defaults and finish the config setup Run "sudo systemctl restart clamav-daemon" Check for the daemon running on a TCP socket (it won't be): sudo ss -pln | grep 3310 [Where problems could occur] TBD - [Other] Upstream related bug: https://github.com/Cisco-Talos/clamav/issues/1464
** Description changed: [IMPACT] clamav-daemon won't listen on TCP sockets when reconfiguring the package. This is not an upstream clamav bug, it is a packaging one. When `sudo dpkg-reconfigure clamav-daemon` is run, the postinst script correctly updates the main configuration file (clamd.conf). In Ubuntu, clamav-daemon is integrated as a systemd service. Whether clamav listens to a unix file of a TCP socket is configured in clamd.conf (upstream bit). In Ubuntu this is passed to systemd service - by making the service depend a systemd socket file. + by making the service depend a systemd socket: - However, this change is not propagated to the systemd socket unit, which - continues to use the old settings. + root@jammy:/usr/lib/systemd/system# cat clamav-daemon.socket + [Unit] + Description=Socket for Clam AntiVirus userspace daemon + Documentation=man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ + # Check for database existence + ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc} + ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} + + [Socket] + ListenStream=/run/clamav/clamd.ctl + #ListenStream=1024 + SocketUser=clamav + SocketGroup=clamav + RemoveOnStop=True + + [Install] + WantedBy=sockets.target + + + The problem is that when reconfiguring the package to make clamav listen to a TCP socket, this change is never reflected in the systemd socket file which keeps the old config (unix file). + + + To address this I can think of 2 ways: + a) Modify the postinst script to also update the systemd socket file. + b) Modify the systemd service to read its configuration directly from clamd.conf, making the socket file's configuration redundant. + [TEST CASE] Run "sudo apt install clamav-daemon" Run "sudo dpkg-reconfigure clamav-daemon" Select "Socket type" as "TCP" Leave everything else as defaults and finish the config setup Run "sudo systemctl restart clamav-daemon" Check for the daemon running on a TCP socket (it won't be): sudo ss -pln | grep 3310 [Where problems could occur] TBD [Other] Upstream related bug: https://github.com/Cisco-Talos/clamav/issues/1464 ** Description changed: [IMPACT] clamav-daemon won't listen on TCP sockets when reconfiguring the package. This is not an upstream clamav bug, it is a packaging one. When `sudo dpkg-reconfigure clamav-daemon` is run, the postinst script correctly updates the main configuration file (clamd.conf). In Ubuntu, clamav-daemon is integrated as a systemd service. Whether clamav listens to a unix file of a TCP socket is configured in clamd.conf (upstream bit). In Ubuntu this is passed to systemd service - by making the service depend a systemd socket: + by making the service depend on a systemd socket: - root@jammy:/usr/lib/systemd/system# cat clamav-daemon.socket + root@jammy:/usr/lib/systemd/system# cat clamav-daemon.socket [Unit] Description=Socket for Clam AntiVirus userspace daemon Documentation=man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ # Check for database existence ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc} ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} [Socket] ListenStream=/run/clamav/clamd.ctl #ListenStream=1024 SocketUser=clamav SocketGroup=clamav RemoveOnStop=True [Install] WantedBy=sockets.target - - The problem is that when reconfiguring the package to make clamav listen to a TCP socket, this change is never reflected in the systemd socket file which keeps the old config (unix file). - + The problem is that when reconfiguring the package to make clamav listen + to a TCP socket, this change is never reflected in the systemd socket + file which keeps the old config (unix file). To address this I can think of 2 ways: a) Modify the postinst script to also update the systemd socket file. b) Modify the systemd service to read its configuration directly from clamd.conf, making the socket file's configuration redundant. - [TEST CASE] Run "sudo apt install clamav-daemon" Run "sudo dpkg-reconfigure clamav-daemon" Select "Socket type" as "TCP" Leave everything else as defaults and finish the config setup Run "sudo systemctl restart clamav-daemon" Check for the daemon running on a TCP socket (it won't be): sudo ss -pln | grep 3310 [Where problems could occur] TBD [Other] Upstream related bug: https://github.com/Cisco-Talos/clamav/issues/1464 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2129160 Title: dpkg-reconfigure clamav-daemon does not respect TCP configuration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/2129160/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
