Bug 456804

Summary: [RFE] dansguardian 2.8.x + dgav patch or >= 2.9 (includes dgav patch)
Product: [Fedora] Fedora Reporter: shrek-m <shrek-m>
Component: distributionAssignee: Bill Nottingham <notting>
Status: CLOSED DEFERRED QA Contact: Bill Nottingham <notting>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: dcantrell, katzj, rvokal
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
URL: http://dansguardian.org/downloads/2/
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-08-03 03:10:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description shrek-m 2008-07-27 14:14:01 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1

Description of problem:
please add dansguardian and dgav in future releases or epel

http://dansguardian.org/downloads/2/
http://sourceforge.net/projects/dgav/


i am really surprised that  dansguardian  and  dgav  are not in fedora or rhel.
iirc  i filed a RFE several years ago without luck, no problem.


but in the year 2008 i am really wondering.
the increasing numbers to spread viruses via links to compromised webservers is a problem and what i can see is that  squid + dg + dgav  are doing a really good job.


we (edu) will soon update our rhl 7.3, fc3, fc4 boxes (squid, dansguardian)  which had aboslutely no problems in all this years.


fedora or rhel (edu) without dansguardian 2.8.x + dgav patch  or  >= 2.9 (includes dgav patch) in the  *repos*  makes no longer sence in our environment.

Version-Release number of selected component (if applicable):


How reproducible:
Always


Steps to Reproduce:
1. yum list dansguardian dgav

Actual Results:
No Package Matching dansguardian dgav


Expected Results:
dansguardian.x86_64
dgav.x86_64

Additional info:
the  dansguardian-2.8.0.6-1.fc4.i386.rpm  seems to work under fc9.x86_64

the missing logrotate files from the dansguardian sources or rpms are created in a short period of time
Comment 1 Bill Nottingham 2008-07-28 16:32:05 UTC 
Are you willing to maintain it?
Comment 2 Bill Nottingham 2008-07-28 16:36:10 UTC 
Also, that has a rather... odd... license.
Comment 3 shrek-m 2008-08-01 22:36:35 UTC 
sorry, i have absolutely *no* time, this is the reason i RFE
= i am not willing and not able to maintain it


the DG2 license is GPLv2 and the restriction is only for the *download* from his
side, at least my understanding.


----
http://dansguardian.org/?page=copyright2
DansGuardian 2 - download from this site restrictions for commercial use
For all non-commercial[1] use you are free, without cost, allowed to download
DansGuardian from this site.
For all commercial[2] use permission to download DansGuardian from this website
is restricted.

The restrictions on the downloading for commercial use from this site are that
you may only download it once for free. This will enable you to try out the
software before making a decision to purchase a commercial licence to download
it. In order to download updates, bug fixes, etc, from this site you must
purchase a download licence. Once you have a copy of the software there are no
restrictions on use commercial or otherwise. It is purely GPL software. You can
download or obtain DansGuardian from many sources and I place no restriction on
those. It is only the downloading from this site that is restricted. 

Definitions
[1] Non-Commercial Use: Includes home users, installation and use by educational
establishment employees, and other non-profit making organisations such as
charities, social clubs, government establishments, etc. Also includes unix-like
general purpose distributions like Debian, Fedora, Ubuntu, FreeBSD, etc
[2] Commercial Use: Use (running, selling, installing for a charge, installing
as part of a service, developing further and selling, using as part of a
product) by any commercial or non-commercial organisation. Commercial use
specifically excludes use (running and installing) by educational establishments
and others listed under non-commercial use. Commercial use specifically excludes
the act of selling DansGuardian 2 as part of an unix-like OS distribution by
companies such as RedHat or Mandrake or their resellers. 
----



the dansguardian rpm for fc4 seems to be no problem under rhel 5.1
= i will test it for a while and i see if it is ok for us.

if it works for 6 months / 1 year without problems and it survives several
redhat updates i can live without dg in a redhat/fedora repo.



# cat /etc/redhat-release  ; rpm -Uvh dansguardian-2.8.0.6-1.fc4.i386.rpm 
Red Hat Enterprise Linux Server release 5.1 (Tikanga)
Vorbereiten...              ########################################### [100%]
   1:dansguardian           ########################################### [100%]

Be sure to change your /etc/dansguardian/dansguardian.conf to reflect your own
settings. Special attention must be given to the port that squid listens on,
the port that dansguardian will listen to and to the web url to the
dansguardian.pl cgi-script.

If you are not using dansguardian.pl (reportinglevel = 3, default) you may
customize /etc/dansguardian/languages/language_folder/template.html.

Built by: Fr. Visminlu Vicente L. Chua, S.J.
chuavv.hcc.edu.tw

# head -2 /usr/share/doc/dansguardian-2.8.0.6/LICENSE 
		    GNU GENERAL PUBLIC LICENSE
		       Version 2, June 1991

# service squid start
squid starten: .                                           [  OK  ]

# service dansguardian start
Starting dansguardian:                                     [ OK ]

# service dansguardian status
Parent DansGuardian pid:31598
[root@simba download]# chkconfig dansguardian --list
dansguardian   	0:Aus	1:Aus	2:Aus	3:Ein	4:Aus	5:Ein	6:Aus

# lsof -i :8080
COMMAND     PID   USER   FD   TYPE  DEVICE SIZE NODE NAME
dansguard 31598 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
dansguard 31601 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
dansguard 31602 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
dansguard 31604 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
dansguard 31605 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
dansguard 31606 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
dansguard 31607 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
dansguard 31608 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
dansguard 31609 nobody    4u  IPv4 4453531       TCP *:webcache (LISTEN)
Comment 4 shrek-m 2008-08-02 09:35:02 UTC 
oops, in the dg sources are logrotation scripts

/usr/local/dansguardian-2.9.9.5/data/scripts/dansguardian.in 
/usr/local/dansguardian-2.9.9.5/data/scripts/logrotation.in


--------
SPEC examples:

mandriva
2006
http://cvs.mandriva.com/cgi-bin/viewvc.cgi/SPECS/DansGuardian/DansGuardian.spec?view=markup


dag wieers has SPEC files for suse and his repos.
2004 http://dansguardian.org/downloads/2/Stable/SUSE/dansguardian.spec
2006 http://dag.wieers.com/rpm/packages/dansguardian/dansguardian.spec


i am not sure if the  conf.d/  file for apache is necessary because the
accessdeniedaddress is *not* used in the default "reportinglevel = 3" and the
default address is "cgi-bin"
#accessdeniedaddress = 'http://YOURSERVER.YOURDOMAIN/cgi-bin/dansguardian.pl'


my understanding in the 2004 dag wieers suse SPEC, he checks for squid.
dansguardian need a http-proxy but this must not be squid and it must not be on
the same machine.
Comment 5 Bill Nottingham 2008-08-03 03:10:42 UTC 
Closing for now - without a willing maintainer, it's not going to go in.

As an aside, I find the licensing terms, while legal, tacky. While we could include it in Fedora, some people who use Fedora would be unable to get any updates direct from upstream without an additional license fee, just depending on how they used it. Considering that one of the goals for Fedora is free redistribution for anyone for both commerical and non-commercial use, it runs against the spirit, if not the letter, of the guidelines.