Commit Graph

25 Commits

Author SHA1 Message Date
Zoltán Böszörményi
ea062563aa clamav: Set clamav:clamav ownership on /var/lib/clamav in do_install
Also, rearrange the runtime-dependencies a little so
clamav-freshclam is installed later than clamav.

The issue is that clamav-freshclam ships /var/lib/clamav
and the main clamav package uses chown in pkg_postinst to set
the ownership of this directory. But pkg_postinst is not
marked as "ontarget" so this chown only took effect when
upgrading or reinstalling the package.

So when clamav is part of an OS image out of the box, freshclamd
cannot populate this directory since it's running under the clamav
user.

Fix this by creating /var/lib/clamav with the proper ownership
in do_install and rearrange runtime-dependencies, so clamav-freshclam
RDEPENDS on clamav and clamav relaxes its runtime-dependency into
RRECOMMENDS so clamav-freshclam is installed later than clamav,
avoiding these warnings:

  Installing       : clamav-freshclam-...            487/1954
warning: user clamav does not exist - using root
warning: group clamav does not exist - using root

Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-09-28 16:18:59 -07:00
Armin Kuster
1bf7f30ca9 chkrootkit: update to 0.55
changes:
Umbreon Linux Rootkit detection
Kinsing.A Backdoor
RotaJakito Backdoor
Minor bug fixes

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-09-28 16:18:17 -07:00
Armin Kuster
0cd37cd076 checksec: set precise BSD license
"BSD" is ambiguous, use the precise licenses BSD-3-Clause

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-09-15 06:48:26 -07:00
Armin Kuster
11a67b861a meta-security: Convert to new override syntax
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-08-01 08:47:08 -07:00
Armin Kuster
d3a484abf8 clamav: fix branch name and update
They dropped the dev branch for rel. Update to tip.
Refresh patches

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-07-28 18:21:25 -07:00
Upgrade Helper
77db981282 clamav: upgrade to latest revision
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-06-05 19:25:17 +00:00
Armin Kuster
448426a1ba clamav: fix systemd startup
cleanup recipe

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16 13:23:55 -07:00
Armin Kuster
75d37ed02a clamav: update to tip.
Add UPSTEAM_CHECK

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-05-16 13:23:55 -07:00
Armin Kuster
879330ae38 clamav: remove rest of mirror.dat ref
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-14 13:49:47 +00:00
Armin Kuster
2223b8692e clamav: fix systemd service install
ERROR: clamav-0.104.0-r0 do_package: QA Issue: clamav: Files/directories were installed but not shipped in any package:
  /lib/systemd/system/clamav-daemon.service
    /lib/systemd/system/clamav-clamonacc.service

Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-04-02 08:21:34 -07:00
Armin Kuster
90504a2580 clamav: upgrade 104.0
convert to cmake and general cleanup

include on oe env patch and glibc 2.33 header fixup

if running w/in qemu, need to add qemuparams="-m 2048" to allow
freshclam not to oom

Signed-off-by: Armin Kuster <akuster808@gmail.com>

---
V2]
Bump PV to match what is being d/l
2021-04-02 08:21:34 -07:00
Armin Kuster
d172529675 checksec: upgrade 2.1.0 -> 2.4.0
LIC_FILES_CHKSUM update do to yr change
2021-03-02 11:56:27 -08:00
Armin Kuster
b1d0346eb8 arpwatch: upgrade 3.0 -> 3.1
LIC_FILES_CHKSUM update do to yr change
2021-03-02 11:56:27 -08:00
Armin Kuster
b6d0148899 nikito: Update common-licenses references to match new names
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2021-02-23 20:34:51 -08:00
Yi Zhao
ab133ef3f6 clamav: unify volatiles file name
Make the volatiles file name starts with digital.

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-11-03 15:16:23 -08:00
Charlie Davies
b265ca0b63 clamav: update SO_VER to 9.0.4
Signed-off-by: Charlie Davies <charles.davies@whitetree.xyz>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-09-13 07:08:34 -07:00
Charlie Davies
3becd114a2 clamav: add INSTALL_CLAMAV_CVD flag to do_install
Recipe provides INSTALL_CLAMAV_CVD flag to bypass clamav
cvd db creation. During do_install this flag should be
used to conditionally skip install of cvd db if needed.

Signed-off-by: Charlie Davies <charles.davies@whitetree.xyz>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-08-04 10:41:00 -07:00
Jeremy Puhlman
b78a433767 clamav: resolve multilib issues
Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-06-19 16:03:23 -07:00
Armin Kuster
20ef03b0f1 buck-security: fix runtime issue with missing per module
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-05-15 05:20:31 -07:00
Armin Kuster
98a6664408 arpwatch: add new recipe
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27 16:53:25 -07:00
Armin Kuster
5b82f67c48 buck-security: move to recipes-scanners
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27 16:53:25 -07:00
Armin Kuster
7beb91332f checksecurity: move to recipes-scanners
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27 16:53:25 -07:00
Armin Kuster
a9e3b04576 checksec: move to recipe-scanners
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27 16:53:25 -07:00
Armin Kuster
e4a2dd0b4a clamav: move to recipes-scanners
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27 16:53:25 -07:00
Armin Kuster
4447296ca3 chkrootkit: add rootkit recipe
Signed-off-by: Armin Kuster <akuster808@gmail.com>
2020-03-27 16:53:25 -07:00