From patchwork Wed Sep 8 16:28:31 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Matthias Fischer X-Patchwork-Id: 4692 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4H4SHp0cd0z3xJR for ; Wed, 8 Sep 2021 16:28:38 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4H4SHn0Kd0z1Cv; Wed, 8 Sep 2021 16:28:37 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4H4SHm6CVrz2xLW; Wed, 8 Sep 2021 16:28:36 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) client-signature ECDSA (P-384)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4H4SHm2Y1Fz2xDH for ; Wed, 8 Sep 2021 16:28:36 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4H4SHl4VGDz94 for ; Wed, 8 Sep 2021 16:28:35 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1631118515; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=Ul1vnzcplaSHok24h4Dg+w7iwNKFimYJ11wV86ST7c0=; b=Clov+GrXxqaC92RCjjhuiCJZG4P28+1ipmz3b4xssFJ7ophPUw14DLMyPPx3LtjFjd0agN 0piiuXWy6jMIVODQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1631118515; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc; bh=Ul1vnzcplaSHok24h4Dg+w7iwNKFimYJ11wV86ST7c0=; b=WWOvwZGfK4/Ex5+p6oXDxnxI/Tp8l95winpXY9DtF6rzNipt6FpQjhUWnNduSZK8N43wvZ DEbNIYchG3pJaM71eSPRYUiCZiZVaiCPT2ehhOzf66h/4gm0iguoOJd5iB3fWgQ/Qckkrb v0Q1cttoCfqlqQGsGtwygjB6JSNikYxRae7jTLAf0eUSWR/ivBaUyeDn5U5D7Xh7vDY6uS 1Lm4mHJF6OuBNUdQxDQa4bWq0KV5DiOq2N+/8kYs3qEUeHXpAo29lBgP2KPFnPKRzsrj1D NN0Ks+jzS+ItCsye3i61qC6WAHjd0d4aSE0EHze74MTIQYJH2kknbSHik8nIpg== From: Matthias Fischer To: development@lists.ipfire.org Subject: [PATCH] clamav: Update to 0.104.0 Date: Wed, 8 Sep 2021 18:28:31 +0200 Message-Id: <20210908162831.3800-1-matthias.fischer@ipfire.org> X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" For details see: https://blog.clamav.net/2021/09/clamav-01040-released.html New requirements and major changes: "As of ClamAV 0.104, CMake is required to build ClamAV ... The built-in LLVM for the bytecode runtime has been removed." But since the current 'llvm 12.0.1' version refused to be build "...you will need to supply the development libraries for LLVM version 3.6.2" - which is ~6 years old - I gave up with 'llvm' and stayed with the bytecode "interpreter". Cited: "The bytecode interpreter is the default runtime for bytecode signatures just as it was in ClamAV 0.103. @ALL: In 'clamav 0.104.0' there is no appropriate cmake option for "CONFIGURE_FLAGS = --disable-fanotify" for ARM buildings anymore. Perhaps there is a kernel option for this? => https://docs.clamav.net/manual/OnAccess.html#requirements Signed-off-by: Matthias Fischer Reviewed-by: Michael Tremer --- config/rootfiles/packages/clamav | 164 ++++++++++++++++++++++++++----- lfs/clamav | 40 +++++--- 2 files changed, 164 insertions(+), 40 deletions(-) diff --git a/config/rootfiles/packages/clamav b/config/rootfiles/packages/clamav index a27bb584f..5240b71c6 100644 --- a/config/rootfiles/packages/clamav +++ b/config/rootfiles/packages/clamav @@ -12,46 +12,162 @@ usr/bin/sigtool #usr/include/clamav-version.h #usr/include/clamav.h #usr/include/libfreshclam.h -#usr/lib/libclamav.la usr/lib/libclamav.so usr/lib/libclamav.so.9 -usr/lib/libclamav.so.9.0.5 -#usr/lib/libclammspack.la +usr/lib/libclamav.so.9.1.0 usr/lib/libclammspack.so usr/lib/libclammspack.so.0 -usr/lib/libclammspack.so.0.1.0 -#usr/lib/libclamunrar.la +usr/lib/libclammspack.so.0.8.0 usr/lib/libclamunrar.so usr/lib/libclamunrar.so.9 -usr/lib/libclamunrar.so.9.0.5 -#usr/lib/libclamunrar_iface.la +usr/lib/libclamunrar.so.9.1.0 usr/lib/libclamunrar_iface.so usr/lib/libclamunrar_iface.so.9 -usr/lib/libclamunrar_iface.so.9.0.5 -#usr/lib/libfreshclam.la +usr/lib/libclamunrar_iface.so.9.1.0 usr/lib/libfreshclam.so usr/lib/libfreshclam.so.2 -usr/lib/libfreshclam.so.2.0.1 +usr/lib/libfreshclam.so.2.0.2 #usr/lib/pkgconfig/libclamav.pc usr/sbin/clamd -#usr/share/man/man1/clambc.1 -#usr/share/man/man1/clamconf.1 -#usr/share/man/man1/clamdscan.1 -#usr/share/man/man1/clamdtop.1 -#usr/share/man/man1/clamscan.1 -#usr/share/man/man1/clamsubmit.1 -#usr/share/man/man1/freshclam.1 -#usr/share/man/man1/sigtool.1 -#usr/share/man/man5/clamav-milter.conf.5 -#usr/share/man/man5/clamd.conf.5 -#usr/share/man/man5/freshclam.conf.5 -#usr/share/man/man8/clamav-milter.8 -#usr/share/man/man8/clamd.8 +#usr/share/doc/ClamAV +#usr/share/doc/ClamAV/html +#usr/share/doc/ClamAV/html/404.html +#usr/share/doc/ClamAV/html/FontAwesome +#usr/share/doc/ClamAV/html/FontAwesome/css +#usr/share/doc/ClamAV/html/FontAwesome/css/font-awesome.css +#usr/share/doc/ClamAV/html/FontAwesome/fonts +#usr/share/doc/ClamAV/html/FontAwesome/fonts/FontAwesome.ttf +#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.eot +#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.svg +#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.ttf +#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.woff +#usr/share/doc/ClamAV/html/FontAwesome/fonts/fontawesome-webfont.woff2 +#usr/share/doc/ClamAV/html/Introduction.html +#usr/share/doc/ClamAV/html/ace.js +#usr/share/doc/ClamAV/html/appendix +#usr/share/doc/ClamAV/html/appendix/Appendix.html +#usr/share/doc/ClamAV/html/appendix/Authenticode.html +#usr/share/doc/ClamAV/html/appendix/CvdPrivateMirror.html +#usr/share/doc/ClamAV/html/appendix/FileTypes.html +#usr/share/doc/ClamAV/html/appendix/FunctionalityLevels.html +#usr/share/doc/ClamAV/html/appendix/Terminology.html +#usr/share/doc/ClamAV/html/ayu-highlight.css +#usr/share/doc/ClamAV/html/book.js +#usr/share/doc/ClamAV/html/clipboard.min.js +#usr/share/doc/ClamAV/html/css +#usr/share/doc/ClamAV/html/css/chrome.css +#usr/share/doc/ClamAV/html/css/general.css +#usr/share/doc/ClamAV/html/css/print.css +#usr/share/doc/ClamAV/html/css/variables.css +#usr/share/doc/ClamAV/html/editor.js +#usr/share/doc/ClamAV/html/elasticlunr.min.js +#usr/share/doc/ClamAV/html/faq +#usr/share/doc/ClamAV/html/faq/faq-cvd.html +#usr/share/doc/ClamAV/html/faq/faq-eol.html +#usr/share/doc/ClamAV/html/faq/faq-freshclam.html +#usr/share/doc/ClamAV/html/faq/faq-ignore.html +#usr/share/doc/ClamAV/html/faq/faq-misc.html +#usr/share/doc/ClamAV/html/faq/faq-ml.html +#usr/share/doc/ClamAV/html/faq/faq-pua.html +#usr/share/doc/ClamAV/html/faq/faq-safebrowsing.html +#usr/share/doc/ClamAV/html/faq/faq-scan-alerts.html +#usr/share/doc/ClamAV/html/faq/faq-troubleshoot.html +#usr/share/doc/ClamAV/html/faq/faq-uninstall.html +#usr/share/doc/ClamAV/html/faq/faq-upgrade.html +#usr/share/doc/ClamAV/html/faq/faq-whichversion.html +#usr/share/doc/ClamAV/html/faq/faq-win32.html +#usr/share/doc/ClamAV/html/faq/faq.html +#usr/share/doc/ClamAV/html/favicon.png +#usr/share/doc/ClamAV/html/fonts +#usr/share/doc/ClamAV/html/fonts/OPEN-SANS-LICENSE.txt +#usr/share/doc/ClamAV/html/fonts/SOURCE-CODE-PRO-LICENSE.txt +#usr/share/doc/ClamAV/html/fonts/fonts.css +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-300.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-300italic.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-600.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-600italic.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-700.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-700italic.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-800.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-800italic.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-italic.woff2 +#usr/share/doc/ClamAV/html/fonts/open-sans-v17-all-charsets-regular.woff2 +#usr/share/doc/ClamAV/html/fonts/source-code-pro-v11-all-charsets-500.woff2 +#usr/share/doc/ClamAV/html/highlight.css +#usr/share/doc/ClamAV/html/highlight.js +#usr/share/doc/ClamAV/html/images +#usr/share/doc/ClamAV/html/images/change-fork-name.png +#usr/share/doc/ClamAV/html/images/cisco.png +#usr/share/doc/ClamAV/html/images/clone-your-fork.png +#usr/share/doc/ClamAV/html/images/create-a-fork.png +#usr/share/doc/ClamAV/html/images/demon.png +#usr/share/doc/ClamAV/html/images/flamegraph.svg +#usr/share/doc/ClamAV/html/images/fork-is-behind.png +#usr/share/doc/ClamAV/html/images/logo.png +#usr/share/doc/ClamAV/html/images/new-git-workflow.png +#usr/share/doc/ClamAV/html/images/old-git-workflow.png +#usr/share/doc/ClamAV/html/index.html +#usr/share/doc/ClamAV/html/manual +#usr/share/doc/ClamAV/html/manual/Development +#usr/share/doc/ClamAV/html/manual/Development.html +#usr/share/doc/ClamAV/html/manual/Development/Contribute.html +#usr/share/doc/ClamAV/html/manual/Development/build-installer-packages.html +#usr/share/doc/ClamAV/html/manual/Development/clamav-git-work-flow.html +#usr/share/doc/ClamAV/html/manual/Development/code-coverage.html +#usr/share/doc/ClamAV/html/manual/Development/development-builds.html +#usr/share/doc/ClamAV/html/manual/Development/fuzzing-sanitizers.html +#usr/share/doc/ClamAV/html/manual/Development/github-pr-basics.html +#usr/share/doc/ClamAV/html/manual/Development/libclamav.html +#usr/share/doc/ClamAV/html/manual/Development/performance-profiling.html +#usr/share/doc/ClamAV/html/manual/Development/personal-forks.html +#usr/share/doc/ClamAV/html/manual/Development/testing-pull-requests.html +#usr/share/doc/ClamAV/html/manual/Development/tips-and-tricks.html +#usr/share/doc/ClamAV/html/manual/Installing +#usr/share/doc/ClamAV/html/manual/Installing.html +#usr/share/doc/ClamAV/html/manual/Installing/Add-clamav-user.html +#usr/share/doc/ClamAV/html/manual/Installing/Community-projects.html +#usr/share/doc/ClamAV/html/manual/Installing/Docker.html +#usr/share/doc/ClamAV/html/manual/Installing/Installing-from-source-Unix-old.html +#usr/share/doc/ClamAV/html/manual/Installing/Installing-from-source-Unix.html +#usr/share/doc/ClamAV/html/manual/Installing/Installing-from-source-Windows.html +#usr/share/doc/ClamAV/html/manual/Installing/Packages.html +#usr/share/doc/ClamAV/html/manual/OnAccess.html +#usr/share/doc/ClamAV/html/manual/Signatures +#usr/share/doc/ClamAV/html/manual/Signatures.html +#usr/share/doc/ClamAV/html/manual/Signatures/AllowLists.html +#usr/share/doc/ClamAV/html/manual/Signatures/AuthenticodeRules.html +#usr/share/doc/ClamAV/html/manual/Signatures/BodySignatureFormat.html +#usr/share/doc/ClamAV/html/manual/Signatures/BytecodeSignatures.html +#usr/share/doc/ClamAV/html/manual/Signatures/ContainerMetadata.html +#usr/share/doc/ClamAV/html/manual/Signatures/DatabaseInfo.html +#usr/share/doc/ClamAV/html/manual/Signatures/DynamicConfig.html +#usr/share/doc/ClamAV/html/manual/Signatures/EncryptedArchives.html +#usr/share/doc/ClamAV/html/manual/Signatures/ExtendedSignatures.html +#usr/share/doc/ClamAV/html/manual/Signatures/FileTypeMagic.html +#usr/share/doc/ClamAV/html/manual/Signatures/HashSignatures.html +#usr/share/doc/ClamAV/html/manual/Signatures/LogicalSignatures.html +#usr/share/doc/ClamAV/html/manual/Signatures/PhishSigs.html +#usr/share/doc/ClamAV/html/manual/Signatures/YaraRules.html +#usr/share/doc/ClamAV/html/manual/Usage +#usr/share/doc/ClamAV/html/manual/Usage.html +#usr/share/doc/ClamAV/html/manual/Usage/Configuration.html +#usr/share/doc/ClamAV/html/manual/Usage/ReportABug.html +#usr/share/doc/ClamAV/html/manual/Usage/Scanning.html +#usr/share/doc/ClamAV/html/manual/Usage/Services.html +#usr/share/doc/ClamAV/html/manual/Usage/SignatureManagement.html +#usr/share/doc/ClamAV/html/mark.min.js +#usr/share/doc/ClamAV/html/mode-rust.js +#usr/share/doc/ClamAV/html/print.html +#usr/share/doc/ClamAV/html/searcher.js +#usr/share/doc/ClamAV/html/searchindex.js +#usr/share/doc/ClamAV/html/searchindex.json +#usr/share/doc/ClamAV/html/theme-dawn.js +#usr/share/doc/ClamAV/html/theme-tomorrow_night.js +#usr/share/doc/ClamAV/html/tomorrow-night.css #var/ipfire/clamav var/ipfire/clamav/clamd.conf var/ipfire/clamav/clamd.conf.sample var/ipfire/clamav/freshclam.conf var/ipfire/clamav/freshclam.conf.sample var/lib/clamav -etc/rc.d/init.d/clamav usr/local/bin/clamavctrl diff --git a/lfs/clamav b/lfs/clamav index 4dc996ea4..9076d0f71 100644 --- a/lfs/clamav +++ b/lfs/clamav @@ -24,7 +24,7 @@ include Config -VER = 0.103.3 +VER = 0.104.0 THISAPP = clamav-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -32,14 +32,10 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = clamav -PAK_VER = 56 +PAK_VER = 57 DEPS = -ifeq "$(BUILD_PLATFORM)" "arm" -CONFIGURE_FLAGS = --disable-fanotify -endif - DATABASE_DIR = /var/lib/clamav ############################################################################### @@ -50,7 +46,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_MD5 = f8dcf678953f6af056ddd5917bcc50c3 +$(DL_FILE)_MD5 = 3f4789c09f5a35e9ea580edd5c3e54b6 install : $(TARGET) @@ -83,19 +79,31 @@ $(subst %,%_MD5,$(objects)) : $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) @$(PREBUILD) @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE) - cd $(DIR_APP) && ./configure \ - --prefix=/usr \ - --disable-clamonacc \ - --sysconfdir=/var/ipfire/clamav \ - --with-dbdir=$(DATABASE_DIR) \ - $(CONFIGURE_FLAGS) - cd $(DIR_APP) && make $(MAKETUNING) - cd $(DIR_APP) && make install + + cd $(DIR_APP) && mkdir -pv build + cd $(DIR_APP)/build && cmake .. -G Ninja \ + -DCMAKE_BUILD_TYPE=Release \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DCMAKE_INSTALL_LIBDIR=/usr/lib \ + -DOPTIMIZE=ON \ + -DBYTECODE_RUNTIME="interpreter" \ + -DENABLE_TESTS=OFF \ + -DENABLE_CLAMONACC=OFF \ + -DENABLE_MILTER=OFF \ + -DENABLE_MAN_PAGES=OFF \ + -DENABLE_EXTERNAL_MSPACK=OFF \ + -DENABLE_FRESHCLAM_DNS_FIX=ON \ + -DAPP_CONFIG_DIRECTORY=/var/ipfire/clamav \ + -DDATABASE_DIRECTORY=$(DATABASE_DIR) + + cd $(DIR_APP)/build && ninja $(MAKETUNING) && ninja install + mkdir -pv $(DATABASE_DIR) chown clamav.clamav -R $(DATABASE_DIR) rm -rfv $(DATABASE_DIR)/*.cvd + mkdir -pv /var/ipfire/clamav cp -rf $(DIR_SRC)/config/clamav/* /var/ipfire/clamav/ - mkdir -p /var/run/clamav + mkdir -pv /var/run/clamav chown clamav:clamav /var/run/clamav #install initscripts $(call INSTALL_INITSCRIPT,clamav)