Bug 396171
| Summary: | Review Request: clamav - Anti-virus software (for EPEL) | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Kevin Fenzi <kevin> |
| Component: | Package Review | Assignee: | Nobody's working on this, feel free to take it <nobody> |
| Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | rawhide | CC: | bjohnson, fedora-package-review, notting, redhat-bugzilla, rpm, steve, will |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2007-12-17 20:20:22 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Kevin Fenzi
2007-11-23 00:02:23 UTC
Updated the package. I realized a way around the problem with upgrades from the older version was to simply use a different user/group, so the old package wouldn't remove it on postun. With that change, the package now can successfully upgrade from the old ancient version. Testing and comments welcome. Spec URL: http://www.scrye.com/~kevin/fedora/clamav/clamav.spec SRPM URL: http://www.scrye.com/~kevin/fedora/clamav/clamav-0.91.2-3.el5.src.rpm I want to go on the record (again) that I think it is a *horrible* idea to have different versions of clamav in EPEL and Fedora proper. I honestly don't care all that much if we use the Fedora one in EPEL, use this one in Fedora proper, or start over at this point, but we need to pick one. Yeah, I just looked at the amavisd-new spec. ;( It's heavily tied to the wacky way the fedora clamav is setup... (understandably). I guess my plan to have a sane clamav package for epel is pretty doomed. :( Would you be willing to let someone else maintain a amavisd-new package working with this clamav version for epel? I guess if not, we should try (again) to find a group of people willing to maintain the fedora clamav for epel. ;( Just to mention it: At work, I'm using a rebuild of the Fedora Rawhide version from clamav and it works - on RHEL5 and RHEL4 (okay, on RHEL4 I had to do some small modifications to the spec). So, would anyone here be willing to step up and maintain the fedora clamav for epel? I could imagine to do that, if it's necessary, yes. But then the upgrade path has to be solved first, AFAIK the current clamav version in EPEL is not compatible with the latest one. And I've to mention again, that clamav upstream is IMHO very evil, means they're introducing updates which can break compatibility. And how to handle them within EPEL once more? At work this is so far no problem, because all machines are maintained at least a bit by me. Kevin, what is the reason, that you're maybe switching to Fedora clamav rather using the original package based on DAG you prepared for EPEL review? Well, the current amavisd-new package is very heavily tied to the way the fedora clamav package is setup, and the maintainer (justly) doesn't want to try and maintain two very different packages, one for fedora, one for epel. I guess if someone was willing to step up and maintain a amavisd-new spec that works with this clamav that might work. Would that be acceptable to you Steve? Otherwise, as much as I dislike the fedora clamav package, the easier course seems to be to try and find someone willing to maintain it for epel and close this version off. As for upgrades: - Anyone using the 0.88.4 version for epel already pretty much has a broken setup. It's vulnerable to a number of security issues, and it doesn't even catch many of the viruses anymore, since the functionality level is so old: WARNING: Current functionality level = 8, recommended = 21 I personally don't know anyone who uses this version. All the machines I maintain use the dag version. Other folks I have talked to also use other 3rd party repo versions. - There is a script available to convert old format conf files to new format. It could be run in a post. - Sadly, the way the fedora package works means upgrading will get you back to the same state as if you just installed the package, where it will not work until you edit some config files. I don't see that as worse than having a vulnerable/old/useless version however. Worst case, the package doesn't scan, which is only slightly worse than running the 0.88.x version. Yes, the package would need to be updated a lot as upstream changes things. Sadly, thats just the way it would need to be IMHO. The config file format only has changed once that I know of. (In reply to comment #5) > So, would anyone here be willing to step up and maintain the fedora clamav for > epel? I said before (on the mailing list) that I will. (I'm not at all pleased by it, but I'll do it. :-) ok. Perhaps you can get a few more people interested co-maintaining as well? In that case can you take over ownership in pkgdb https://admin.fedoraproject.org/pkgdb/packages/name/clamav and push 0.91.2 versions for both EL4 and EL5? |