clamav/clamav.spec
Marcus Meissner a0b6eedea9 Accepting request 147180 from home:AndreasStieger:branches:security
- update daily.cvd to ver. 16364 
  released on 04 Jan 2013 20:37 :0500 (sig count: 492103)
- add cvd signature verification to %check section
- make Release field of clamav-db package contain cvd file versions

OBS-URL: https://build.opensuse.org/request/show/147180
OBS-URL: https://build.opensuse.org/package/show/security/clamav?expand=0&rev=70
2013-01-05 14:28:49 +00:00

305 lines
9.0 KiB
RPMSpec

#
# spec file for package clamav
#
# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
Name: clamav
BuildRequires: ncurses-devel
BuildRequires: sed
BuildRequires: sendmail
BuildRequires: sendmail-devel
%define llvm --disable-llvm
%if 0%{?suse_version} >= 1010
BuildRequires: bc
BuildRequires: pkgconfig
BuildRequires: zlib-devel
%ifarch %ix86 x86_64
%define llvm --enable-llvm
# Needed for compiling LLVM.
BuildRequires: gcc-c++
%endif
%endif
%if 0%{?suse_version} >= 1030
BuildRequires: check-devel
BuildRequires: libbz2-devel
BuildRequires: pwdutils
BuildRequires: python-devel
%define clamav_check --enable-check
%else
BuildRequires: bzip2
%define clamav_check --disable-check
%endif
Summary: Antivirus Toolkit
License: GPL-2.0
Group: Productivity/Security
# version updates should also fetch the current cvd files for the db subpackage
Version: 0.97.6
Release: 0
Url: http://www.clamav.net
Requires: latex2html-pngicons
Obsoletes: clamav-db < 0.88.3
PreReq: %_sbindir/groupadd %_sbindir/useradd %_sbindir/usermod
PreReq: /usr/bin/awk /bin/sed /bin/tar
PreReq: %insserv_prereq
Source0: %{name}-%{version}.tar.gz
Source1: clamav-rcclamd
Source2: clamav-rcfreshclam
Source3: clamav-updateclamconf
Source4: clamav-rpmlintrc
Source5: clamav-rcmilter
# http://db.local.clamav.net/main.cvd
%define main_cvd_version 54
Source6: main-%{main_cvd_version}.cvd
# http://db.local.clamav.net/daily.cvd
%define daily_cvd_version 16364
Source7: daily-%{daily_cvd_version}.cvd
Patch1: clamav-conf.patch
Patch2: clamav-sles9.patch
Patch3: clamav-gcc47.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
ClamAV is an open source (GPL) antivirus engine designed for detecting
Trojans, viruses, malware and other malicious threats. It is the de
facto standard for mail gateway scanning. It provides a high
performance mutli-threaded scanning daemon, command line utilities for
on demand file scanning, and an intelligent tool for automatic
signature updates. The core ClamAV library provides numerous file
format detection mechanisms, file unpacking support, archive support,
and multiple signature languages for detecting threats.
%package db
Summary: Virus Database for ClamAV
License: BSD-3-Clause and GPL-2.0+ and LGPL-2.1+ and SUSE-Public-Domain and MIT
Group: Productivity/Security
PreReq: clamav sed /bin/cp /usr/bin/awk /bin/rm
%if 0%{?suse_version} > 1120
BuildArch: noarch
%endif
Version: %{version}
Release: %{main_cvd_version}.%{daily_cvd_version}.<CI_CNT>.<B_CNT>
%description db
This package contains a snapshot of the virus description database for
ClamAV. It is not needed if you use freshclam to keep your virus
database up to date.
Authors:
--------
Tomasz Kojm
Nigel Horne
%prep
%setup -q
%patch1
%if 0%{?suse_version} == 0910
# SLES9's libmilter doesn't have smfi_insheader()
%patch2
%endif
%patch3 -p1
%build
%if 0%{?suse_version} >= 1010
CFLAGS="-fstack-protector"
CXXFLAGS="-fstack-protector"
%endif
export CFLAGS="%optflags $CFLAGS"
export CXXFLAGS="%optflags $CXXFLAGS"
%if 0%{?suse_version} == 0910
# SLES9 needs this macro to enable the quarantine feature in libmilter
CFLAGS="$CFLAGS -D_FFR_QUARANTINE -D_FFR_SMFI_OPENSOCKET"
%endif
./configure \
--prefix=%_prefix \
--libdir=%_libdir \
--mandir=%_mandir \
--sysconfdir=%_sysconfdir \
--disable-clamav \
--disable-static \
--with-dbdir=/var/lib/clamav \
--with-user=vscan \
--with-group=vscan \
--enable-milter \
%clamav_check \
%llvm \
--disable-zlib-vcheck \
--enable-clamdtop \
--disable-timestamps
make %{?jobs:-j%jobs}
%install
%makeinstall
ln -sf docs/html/{clamdoc,index}.html
mkdir -p %buildroot/etc/init.d
install -m755 %SOURCE1 %buildroot/etc/init.d/clamd
ln -s /etc/init.d/clamd %buildroot%_sbindir/rcclamd
install -m755 %SOURCE2 %buildroot/etc/init.d/freshclam
ln -s /etc/init.d/freshclam %buildroot%_sbindir/rcfreshclam
install -m755 %SOURCE5 %buildroot/etc/init.d/clamav-milter
ln -s /etc/init.d/clamav-milter %buildroot%_sbindir/rcclamav-milter
install -m755 %SOURCE3 %buildroot%_sbindir/updateclamconf
install -d -m755 %buildroot/var/lib/clamav
touch %buildroot/var/lib/clamav/{clamd,freshclam}.pid
install -m755 %SOURCE6 %buildroot/var/lib/clamav/main.cvd
install -m755 %SOURCE7 %buildroot/var/lib/clamav/daily.cvd
for f in %buildroot/var/lib/clamav/*.cvd; do
mv $f $f.dist
touch $f
done
touch %buildroot/var/lib/clamav/{main,daily}.cld
mkdir -p %buildroot/var/spool/amavis
%if 0%{?suse_version} > 1020
rm %buildroot/%_libdir/*.la
%endif
# Remove bogus dependencies from libclamav.pc
sed -i 's/^Libs: .*/Libs: -lclamav/' %buildroot%_libdir/pkgconfig/libclamav.pc
%check
# signature check using installed clamav sigtool
LD_LIBRARY_PATH="%buildroot%{_libdir}" "%buildroot%{_bindir}/sigtool" --info %buildroot/var/lib/clamav/main.cvd.dist
LD_LIBRARY_PATH="%buildroot%{_libdir}" "%buildroot%{_bindir}/sigtool" --info %buildroot/var/lib/clamav/daily.cvd.dist
# Check that cvd version matches versions declared in package
test "$(head -c512 %SOURCE6 | cut -d: -f3)" = "%{main_cvd_version}"
test "$(head -c512 %SOURCE7 | cut -d: -f3)" = "%{daily_cvd_version}"
# regressoin tests
%if !0%{?qemu_user_space_build:1}
VALGRIND_GENSUP=1 make check
%endif
%files
%defattr(-,root,root,-)
%config(noreplace) %_sysconfdir/*.conf
%config %attr(744,root,root)/etc/init.d/*
%doc AUTHORS BUGS ChangeLog COPYING FAQ NEWS README UPGRADE
%doc docs/*.pdf docs/html
%doc %_mandir/*/*
%_bindir/*
%_sbindir/*
%_includedir/*
%_libdir/lib*
%_libdir/pkgconfig/libclamav.pc
%defattr(-,vscan,vscan)
%dir %attr(700,vscan,root) /var/spool/amavis
%dir /var/lib/clamav
%ghost /var/lib/clamav/*.pid
%ghost /var/lib/clamav/*.cld
%ghost /var/lib/clamav/*.cvd
%files db
%defattr(-,vscan,vscan)
%dir /var/lib/clamav
/var/lib/clamav/*.cvd.dist
%pre
%_sbindir/groupadd -r vscan 2> /dev/null || :
%_sbindir/useradd -r -o -g vscan -u 65 -s /bin/false -c "Vscan account" -d /var/spool/amavis vscan 2> /dev/null || :
%_sbindir/usermod vscan -g vscan 2> /dev/null || :
%post
/sbin/ldconfig
# merge config files on update
test "0$1" -lt 2 && exit 0
umask 022
for f in /etc/clamd.conf /etc/freshclam.conf /etc/clamav-milter.conf; do
if test -e $f.rpmnew; then
echo "Merging $f and $f.rpmnew"
%_sbindir/updateclamconf -v override="$OVERRIDE" $f $f.rpmnew > $f.tmp
if test $? == 0; then
mv $f $f.old
mv $f.tmp $f
else
echo "Merging $f with $f.rpmnew failed"
fi
fi
done
# convert virus database file format when updating from < 0.93
DBDIR=$(awk '/^[[:space:]]*DatabaseDirectory/{print $NF}' /etc/clamd.conf)
cd ${DBDIR:=/var/lib/clamav}
umask 022
TMPFILE=$PWD/tmp.$$
for type in main daily; do
rm -f $TMPFILE
if test ! -f $type.cvd -a ! -f $type.cld -a -d $type.inc; then
cd $type.inc
test -f COPYING -a -f $type.info -a -f $type.db \
-a -f $type.hdb -a -f $type.mdb -a -f $type.ndb \
-a -f $type.zmd -a -f $type.fp || continue
awk 'NR==1{printf $0; for (i=length($0); i<512; i++) printf " "}' \
$type.info > $TMPFILE || continue
tar -c -f- COPYING $type.info $type.db $type.hdb $type.mdb \
$type.ndb $type.zmd $type.fp >> $TMPFILE || continue
cd ..
if test -f $TMPFILE; then
chown --reference $type.inc $TMPFILE 2>/dev/null
mv $TMPFILE $type.cld
fi
fi
done
rm -f $TMPFILE
%triggerpostun -- %name < 0.88.3
# Move clamav.conf to clamd.conf when updating from an old version
# and inform the admin about the rename.
cd /etc
if test -e clamav.conf.rpmsave -a ! -e clamd.conf.rpmnew; then
mv clamd.conf clamd.conf.rpmnew
mv clamav.conf.rpmsave clamd.conf
cat > clamav.conf <<-EOF
# clamd.conf has been renamed to clamav.conf.
# This file can be removed.
EOF
%restart_on_update clamd
fi
%preun
%stop_on_removal clamd freshclam
%postun
/sbin/ldconfig
%restart_on_update clamd freshclam
%insserv_cleanup
%post db
# determine the version number of a given database file
getversion() {
if test -f "$1"; then
/usr/bin/sigtool -i "$1" | sed -n '/^Version: /s///gp'
else
# a non-existing file is assumed to have version 0
echo 0
fi
}
DBDIR=$(awk '/^[[:space:]]*DatabaseDirectory/{print $NF}' /etc/clamd.conf)
cd ${DBDIR:=/var/lib/clamav}
for f in main daily; do
vdist=$(getversion $f.cvd.dist)
vcvd=$(getversion $f.cvd)
vcld=$(getversion $f.cld)
v=$((vcld > vcvd ? vcld : vcvd))
if test $vdist -gt $v; then
cp -a $f.cvd.dist $f.cvd
rm -f $f.cld
fi
done
%changelog