Перенесён ebuild clamav для исколючения блокировки при бинарном обновлении

8 years ago · b6e387901a
parent 54888eef28
commit b6e387901a
12 changed files with 398 additions and 0 deletions
--- a/app-antivirus/clamav/Manifest
+++ b/app-antivirus/clamav/Manifest
@ -0,0 +1 @@
+DIST clamav-0.99.tar.gz 15968038 SHA256 d2792c8cfadd685fffc40b2199679628815df031fd3149ccf961649fc8787ea9 SHA512 328e66fa412ba61f5e44c839b254c7a84d2ce7821fda6cf29e4ee9532c06e45bdec62f202ca561223e984fff170bfd8280e5cc8e306c09a3017b17e7db3bbf56 WHIRLPOOL 696b425c0d3a6639d627e6dba000a57c4e532232f9f42a564a992c0b459d8041a1947b09548d99b621a5685c78d91045adf4b61731242f55eda2b8d5150fc8b8
--- a/app-antivirus/clamav/clamav-0.99-r1.ebuild
+++ b/app-antivirus/clamav/clamav-0.99-r1.ebuild
@ -0,0 +1,141 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit eutils flag-o-matic user systemd
+
+DESCRIPTION="Clam Anti-Virus Scanner"
+HOMEPAGE="http://www.clamav.net/"
+SRC_URI="mirror://sourceforge/${PN}/${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd ~amd64-linux ~x86-linux ~ppc-macos ~sparc-solaris ~x86-solaris"
+IUSE="bzip2 clamdtop iconv ipv6 libressl milter metadata-analysis-api selinux static-libs uclibc"
+
+CDEPEND="bzip2? ( app-arch/bzip2 )
+	clamdtop? ( sys-libs/ncurses:0 )
+	iconv? ( virtual/libiconv )
+	metadata-analysis-api? ( dev-libs/json-c )
+	milter? ( || ( mail-filter/libmilter mail-mta/sendmail ) )
+	dev-libs/libtommath
+	>=sys-libs/zlib-1.2.2
+	!libressl? ( dev-libs/openssl:0= )
+	libressl? ( dev-libs/libressl:0= )
+	sys-devel/libtool"
+# openssl is now *required* see this link as to why
+# http://blog.clamav.net/2014/02/introducing-openssl-as-dependency-to.html
+DEPEND="${CDEPEND}
+	!!<app-antivirus/clamav-0.99
+	virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+	selinux? ( sec-policy/selinux-clamav )"
+
+DOCS=( AUTHORS BUGS ChangeLog FAQ INSTALL NEWS README UPGRADE )
+
+pkg_setup() {
+	enewgroup clamav
+	enewuser clamav -1 -1 /dev/null clamav
+}
+
+src_prepare() {
+	use ppc64 && append-flags -mminimal-toc
+	use uclibc && export ac_cv_type_error_t=yes
+}
+
+src_configure() {
+	econf \
+		--disable-experimental \
+		--disable-fanotify \
+		--enable-id-check \
+		--with-dbdir="${EPREFIX}"/var/lib/clamav \
+		--with-system-tommath \
+		--with-zlib="${EPREFIX}"/usr \
+		$(use_enable bzip2) \
+		$(use_enable clamdtop) \
+		$(use_enable ipv6) \
+		$(use_enable milter) \
+		$(use_enable static-libs static) \
+		$(use_with iconv) \
+		$(use_with metadata-analysis-api libjson /usr)
+}
+
+src_install() {
+	default
+
+	rm -rf "${ED}"/var/lib/clamav
+	newinitd "${FILESDIR}"/clamd.initd-r6 clamd
+	newconfd "${FILESDIR}"/clamd.conf-r1 clamd
+
+	systemd_dotmpfilesd "${FILESDIR}/tmpfiles.d/clamav.conf"
+	systemd_newunit "${FILESDIR}/clamd_at.service" "clamd@.service"
+	systemd_dounit "${FILESDIR}/clamd.service"
+	systemd_dounit "${FILESDIR}/freshclamd.service"
+
+	keepdir /var/lib/clamav
+	fowners clamav:clamav /var/lib/clamav
+	keepdir /var/log/clamav
+	fowners clamav:clamav /var/log/clamav
+
+	dodir /etc/logrotate.d
+	insinto /etc/logrotate.d
+	newins "${FILESDIR}"/clamav.logrotate clamav
+
+	# Modify /etc/{clamd,freshclam}.conf to be usable out of the box
+	sed -i -e "s:^\(Example\):\# \1:" \
+		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.pid:" \
+		-e "s:.*\(LocalSocket\) .*:\1 ${EPREFIX}/var/run/clamav/clamd.sock:" \
+		-e "s:.*\(User\) .*:\1 clamav:" \
+		-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamd.log:" \
+		-e "s:^\#\(LogTime\).*:\1 yes:" \
+		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+		"${ED}"/etc/clamd.conf.sample || die
+	sed -i -e "s:^\(Example\):\# \1:" \
+		-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/freshclam.pid:" \
+		-e "s:.*\(DatabaseOwner\) .*:\1 clamav:" \
+		-e "s:^\#\(UpdateLogFile\) .*:\1 ${EPREFIX}/var/log/clamav/freshclam.log:" \
+		-e "s:^\#\(NotifyClamd\).*:\1 ${EPREFIX}/etc/clamd.conf:" \
+		-e "s:^\#\(ScriptedUpdates\).*:\1 yes:" \
+		-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+		"${ED}"/etc/freshclam.conf.sample || die
+
+	if use milter ; then
+		# MilterSocket one to include ' /' because there is a 2nd line for
+		# inet: which we want to leave
+		dodoc "${FILESDIR}"/clamav-milter.README.gentoo
+		sed -i -e "s:^\(Example\):\# \1:" \
+			-e "s:.*\(PidFile\) .*:\1 ${EPREFIX}/var/run/clamav/clamav-milter.pid:" \
+			-e "s+^\#\(ClamdSocket\) .*+\1 unix:${EPREFIX}/var/run/clamav/clamd.sock+" \
+			-e "s:.*\(User\) .*:\1 clamav:" \
+			-e "s+^\#\(MilterSocket\) /.*+\1 unix:${EPREFIX}/var/run/clamav/clamav-milter.sock+" \
+			-e "s:^\#\(AllowSupplementaryGroups\).*:\1 yes:" \
+			-e "s:^\#\(LogFile\) .*:\1 ${EPREFIX}/var/log/clamav/clamav-milter.log:" \
+			"${ED}"/etc/clamav-milter.conf.sample || die
+		cat >> "${ED}"/etc/conf.d/clamd <<-EOF
+			MILTER_NICELEVEL=19
+			START_MILTER=no
+		EOF
+
+		systemd_newunit "${FILESDIR}/clamav-milter.service-r1" clamav-milter.service
+	fi
+
+	for i in clamd freshclam clamav-milter
+	do
+		[[ -f "${D}"/etc/"${i}".conf.sample ]] && mv "${D}"/etc/"${i}".conf{.sample,}
+	done
+
+	prune_libtool_files --all
+}
+
+pkg_postinst() {
+	if use milter ; then
+		elog "For simple instructions how to setup the clamav-milter read the"
+		elog "clamav-milter.README.gentoo in /usr/share/doc/${PF}"
+	fi
+	if test -z $(find "${ROOT}"var/lib/clamav -maxdepth 1 -name 'main.c*' -print -quit) ; then
+		ewarn "You must run freshclam manually to populate the virus database files"
+		ewarn "before starting clamav for the first time.\n"
+	fi
+}
--- a/app-antivirus/clamav/files/clamav-milter.README.gentoo
+++ b/app-antivirus/clamav/files/clamav-milter.README.gentoo
@ -0,0 +1,44 @@
+Nick Hadaway <raker@gentoo.org>
+Updated by Andrea Barisani <lcars@gentoo.org>
+18/05/2004
+
+Setting up clamav-milter on Gentoo Linux
+
+Step 1 - Configure clamd
+
+Check /etc/clamd.conf, default values should work out of the box but 
+read and understand all the options especially if you are going to
+use it on production boxes.
+
+Step 2 - Tell the init script to start clamd as well as freshclam and the
+         milter itself.
+
+	nano -w /etc/conf.d/clamd
+
+	START_CLAMD=yes
+	START_FRESHCLAM=yes
+	START_MILTER=yes
+
+Step 3 - Edit sendmail.mc
+
+	Add these lines to sendmail.mc before any any other 
+	INPUT_MAIL_FILTER lines and before MAILER(local)
+	NOTE: ANY INPUT_MAIL_FILTER definitions put before these lines
+	will be discarded due to the use of confINPUT_MAIL_FILTERS
+	Make this your first mail filter. :)
+
+	INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m')dnl
+	define(`confINPUT_MAIL_FILTERS', `clmilter')dnl
+
+Step 4 - Rebuild sendmail.cf
+
+	cd /etc/mail
+	m4 sendmail.mc > sendmail.cf
+
+Step 5 - Start clamad
+
+	/etc/init.d/clamd start
+
+Step 6 - Restart sendmail
+
+	/etc/init.d/sendmail restart
--- a/app-antivirus/clamav/files/clamav-milter.service-r1
+++ b/app-antivirus/clamav/files/clamav-milter.service-r1
@ -0,0 +1,13 @@
+[Unit]
+Description=Milter module for the ClamAV scanner
+After=nss-lookup.target network.target
+Before=sendmail.service
+Before=postfix.service
+
+[Service]
+Type=forking
+PIDFile=/run/clamav/clamav-milter.pid
+ExecStart=/usr/sbin/clamav-milter -c /etc/clamav-milter.conf
+
+[Install]
+WantedBy=multi-user.target
--- a/app-antivirus/clamav/files/clamav.logrotate
+++ b/app-antivirus/clamav/files/clamav.logrotate
@ -0,0 +1,17 @@
+/var/log/clamav/clamd.log {
+	su clamav clamav
+	missingok
+	postrotate
+		/etc/init.d/clamd logfix
+		/bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/dev/null || true
+	endscript
+}
+
+/var/log/clamav/freshclam.log {
+	su clamav clamav
+	missingok
+	postrotate
+		/etc/init.d/clamd logfix
+		/bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true
+	endscript
+}
--- a/app-antivirus/clamav/files/clamd.conf-r1
+++ b/app-antivirus/clamav/files/clamd.conf-r1
@ -0,0 +1,7 @@
+# Config file for /etc/init.d/clamd
+
+START_CLAMD=yes
+START_FRESHCLAM=yes
+CLAMD_NICELEVEL=3
+FRESHCLAM_NICELEVEL=19
+IONICE_LEVEL=2
--- a/app-antivirus/clamav/files/clamd.initd-r6
+++ b/app-antivirus/clamav/files/clamd.initd-r6
@ -0,0 +1,129 @@
+#!/sbin/runscript
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+daemon_clamd="/usr/sbin/clamd"
+daemon_freshclam="/usr/bin/freshclam"
+daemon_milter="/usr/sbin/clamav-milter"
+
+extra_commands="logfix"
+
+depend() {
+	use net
+	provide antivirus
+}
+
+get_config() {
+	clamconf | sed 's/["=]//g' | \
+	awk "{
+	if(\$0==\"Config file: $1.conf\") S=1
+	if(S==1&&\$0==\"\") {
+		print \"$3\"
+		exit
+	}
+	if(S==1&&\$1~\"^$2\$\") {
+		print \$2!=\"disabled\"?\$2:\"$3\"
+		exit
+	}
+	}"
+}
+
+start() {
+	# populate variables and fix log file permissions
+	logfix
+
+	if [ "${START_CLAMD}" = "yes" ]; then
+		checkpath --quiet --mode 755 \
+			--owner "${clamd_user}":"${clamd_user}" \
+			--directory `dirname ${clamd_socket}`
+		if [ -S "${clamd_socket}" ]; then
+			rm -f ${clamd_socket}
+		fi
+		ebegin "Starting clamd"
+		start-stop-daemon --start --quiet \
+			--nicelevel ${CLAMD_NICELEVEL:-0} \
+			--ionice ${IONICE_LEVEL:-0} \
+			--exec ${daemon_clamd}
+		eend $? "Failed to start clamd"
+	fi
+
+	if [ "${START_FRESHCLAM}" = "yes" ]; then
+		checkpath --quiet --mode 755 \
+			--owner "${clamd_user}":"${clamd_user}" \
+			--directory `dirname ${clamd_socket}`
+		ebegin "Starting freshclam"
+		start-stop-daemon --start --quiet \
+			--nicelevel ${FRESHCLAM_NICELEVEL:-0} \
+			--ionice ${IONICE_LEVEL:-0} \
+			--exec ${daemon_freshclam} -- -d
+		retcode=$?
+		if [ ${retcode} = 1 ]; then
+			eend 0
+			einfo "Virus databases are already up to date."
+		else
+			eend ${retcode} "Failed to start freshclam"
+		fi
+	fi
+
+	if [ "${START_MILTER}" = "yes" ]; then
+		if [ -z "${MILTER_CONF_FILE}" ]; then
+			MILTER_CONF_FILE="/etc/clamav-milter.conf"
+		fi
+
+		ebegin "Starting clamav-milter"
+		start-stop-daemon --start --quiet \
+			--nicelevel ${MILTER_NICELEVEL:-0} \
+			--ionice ${IONICE_LEVEL:-0} \
+			--exec ${daemon_milter} -- -c ${MILTER_CONF_FILE}
+		eend $? "Failed to start clamav-milter"
+	fi
+}
+
+stop() {
+	if [ "${START_CLAMD}" = "yes" ]; then
+		ebegin "Stopping clamd"
+		start-stop-daemon --stop --quiet --name clamd
+		eend $? "Failed to stop clamd"
+	fi
+	if [ "${START_FRESHCLAM}" = "yes" ]; then
+		ebegin "Stopping freshclam"
+		start-stop-daemon --stop --quiet --name freshclam
+		eend $? "Failed to stop freshclam"
+	fi
+	if [ "${START_MILTER}" = "yes" ]; then
+		ebegin "Stopping clamav-milter"
+		start-stop-daemon --stop --quiet --name clamav-milter
+		eend $? "Failed to stop clamav-milter"
+	fi
+}
+
+logfix() {
+	clamd_socket=$(get_config clamd LocalSocket /run/clamav/clamd.sock)
+	clamd_user=$(get_config clamd User clamav)
+	freshclam_user=$(get_config freshclam DatabaseOwner clamav)
+
+	if [ "${START_CLAMD}" = "yes" ]; then
+		# fix clamd log permissions
+		# (might be clobbered by logrotate or something)
+		local logfile=$(get_config clamd LogFile)
+		if [ -n "${logfile}" ]; then
+			checkpath --quiet \
+				--owner "${clamd_user}":"${clamd_user}" \
+				--mode 640 \
+				--file ${logfile}
+		fi
+	fi
+
+	if [ "${START_FRESHCLAM}" = "yes" ]; then
+		# fix freshclam log permissions
+		# (might be clobbered by logrotate or something)
+		local logfile=$(get_config freshclam UpdateLogFile)
+		if [ -n "${logfile}" ]; then
+			checkpath --quiet \
+				--owner "${freshclam_user}":"${freshclam_user}" \
+				--mode 640 \
+				--file ${logfile}
+		fi
+	fi
+}
--- a/app-antivirus/clamav/files/clamd.service
+++ b/app-antivirus/clamav/files/clamd.service
@ -0,0 +1,7 @@
+.include /usr/lib/systemd/system/clamd@.service
+
+[Unit]
+Description=Generic ClamAV scanner daemon
+
+[Install]
+WantedBy=multi-user.target
--- a/app-antivirus/clamav/files/clamd_at.service
+++ b/app-antivirus/clamav/files/clamd_at.service
@ -0,0 +1,9 @@
+[Unit]
+Description=clamd scanner (%i) daemon
+After=nss-lookup.target network.target
+
+[Service]
+Type=forking
+ExecStart=/usr/sbin/clamd -c /etc/clamd%i.conf
+Restart=on-failure
+PrivateTmp=true
--- a/app-antivirus/clamav/files/freshclamd.service
+++ b/app-antivirus/clamav/files/freshclamd.service
@ -0,0 +1,10 @@
+[Unit]
+Description=clamav updater
+
+[Service]
+Type=forking
+PIDFile=/run/clamav/freshclam.pid
+ExecStart=/usr/bin/freshclam -d -p /run/clamav/freshclam.pid
+
+[Install]
+WantedBy=multi-user.target
--- a/app-antivirus/clamav/files/tmpfiles.d/clamav.conf
+++ b/app-antivirus/clamav/files/tmpfiles.d/clamav.conf
@ -0,0 +1 @@
+d /run/clamav 0710 clamav clamav
--- a/app-antivirus/clamav/metadata.xml
+++ b/app-antivirus/clamav/metadata.xml
@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <maintainer type="project">
+    <email>net-mail@gentoo.org</email>
+    <name>Net-Mail</name>
+  </maintainer>
+  <maintainer type="project">
+    <email>antivirus@gentoo.org</email>
+    <name>Gentoo Antivirus Project</name>
+  </maintainer>
+  <use>
+    <flag name="clamdtop">A Top like tool which shows what clamd is currently scanning amongst other things</flag>
+    <flag name="metadata-analysis-api">Enables collection of file property metadata using ClamAV API for analysis by ClamAV bytecode programs.</flag>
+  </use>
+  <upstream>
+    <remote-id type="sourceforge">clamav</remote-id>
+  </upstream>
+</pkgmetadata>
				`@ -0,0 +1 @@`
				`DIST clamav-0.99.tar.gz 15968038 SHA256 d2792c8cfadd685fffc40b2199679628815df031fd3149ccf961649fc8787ea9 SHA512 328e66fa412ba61f5e44c839b254c7a84d2ce7821fda6cf29e4ee9532c06e45bdec62f202ca561223e984fff170bfd8280e5cc8e306c09a3017b17e7db3bbf56 WHIRLPOOL 696b425c0d3a6639d627e6dba000a57c4e532232f9f42a564a992c0b459d8041a1947b09548d99b621a5685c78d91045adf4b61731242f55eda2b8d5150fc8b8`