Red Hat Bugzilla – Bug 173221
Packaging Problems (RPM Dependency, Configuration Files)
Last modified: 2007-11-30 17:11:17 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc3 Firefox/1.0.7
Description of problem:
clamav-server needs to have the configuration files installed even if they are defaulted/disabled. I don't think a readme file telling people to manually copy files is a tenable solution. (besides clamav-update has it's configuration in /etc/freshclam.conf upon installation) Moreover, if I do what your readme file says to do, future package upgrades could cause a problem since rpm -e/-U won't remove/rename those files that I copied -- which might cause weird and hard to debug problems later on when yum tries to upgrade the package.
One package put its config file in /etc (clamav-update) while another put its config file in /etc/clamd.d (clamav-milter). Can't you just have one location? Where is the proper location for clamd.conf? Hand running clamd says it's expecting the config file to reside in /etc/clamd not /etc/clamd.d/clamd.conf -- which is, btw, different than what your readme file says.
clamav-milter's spec file needs to add a dependency for clamav-server, so yum picks it up correctly.
Clamdscan is in clamav, but has a dependency on clamd (clamav-server) and should really be put in that package.
clamav has the clamd.conf and freshclam.conf man pages. These need to be in the respective packages.
Those are the bugs I've found with the packaging. Everything below this point is opinion.
=========== Opinion Start ============
If you look how yum was packaged, there wasn't a yum-update package split off of it. Also, yum puts a file in /etc/cron.daily instead of /etc/cron.d. If I were doing it, I'd do it the way the yum package does it. The reason is that the user can turn it on and off without editing the /etc/sysconfig/freshclam file by hand.
clamav-lib, clamav-data, clamav, clamav-update should be merged into one package. It doesn't make much sense to split these out. Plus you don't have to worry about getting all the dependencies right. clamav-data will just be overwritten over time anyway, and only a small minority of people will not want to run freshclam to get updates, which starts out disabled anyway. So, make it simple for us, eh?
If you look at how sendmail server is packaged, it comes with a default config in /etc/mail, not in /usr/share/something/something.cf. FC3/4/5/etc are meant to be run on small systems. Why not just have everything work out of the box with a working configuration file? If you don't want it working out of the box, how about just saving the person who's installing the package some time by putting a commented out one instead?
========= Opinion End =========
Version-Release number of selected component (if applicable):
clamav-0.87.1-1.fc3 and related variants
Steps to Reproduce:
Well... try yum install clamav-milter. Note that after installation the package doesn't work. And it's not clear why it's not either.
Actual Results: clamav-milter didn't work. I couldn't run freshclam to get the latest updates since that was squirrelled away in a different package. It took a lot of debugging, and if yum updates it again, it's going to take an hour of extra steps just to get it right.
Expected Results: After installing, I should have just edited a few config files, started clamd and the milter, and been on my merry way.
Description of problem:
> One package put its config file in /etc (clamav-update) while another
> put its config file in /etc/clamd.d (clamav-milter). Can't you just
> have one location?
/etc/clamd.d is for a class of configuration files while
/etc/freshclam.conf is a single file. Creating a dirtree like
| `-- clamav
| |-- clamd.d/
| `-- freshclam.conf
would create more complication without giving a gain. So a WONTFIX for
> Where is the proper location for clamd.conf?
There can not be a common 'clamd.conf'. Therefore, there does not
exist such a proper location.
> Hand running clamd says it's expecting the config file to reside in
> /etc/clamd not /etc/clamd.d/clamd.conf -- which is, btw, different
> than what your readme file says.
I can not find the place where the README is telling this. Can you
point me to the exact place?
> clamav-milter's spec file needs to add a dependency for clamav-server,
> so yum picks it up correctly.
NOTABUG. clamav-milter does *NOT* need a clamd instance by default.
> Clamdscan is in clamav, but has a dependency on clamd (clamav-server)
> and should really be put in that package.
Why should clients put into the server package? Last time when I looked,
apache 'httpd' package does neither ship firefox nor konqueror ;)
Correct fix would be a separate '-client' subpackage for the client
program. But because this is some overkill and 'clamdscan' does not
introduce additional dependencies, I keep it in the base package.
> clamav has the clamd.conf and freshclam.conf man pages. These need
> to be in the respective packages.
Thx; freshclam.conf was moved into -update. 'clamd.conf' now is both
in base and in -server.
> If you look how yum was packaged, there wasn't a yum-update package
> split off of it. Also, yum puts a file in /etc/cron.daily instead
> of /etc/cron.d. If I were doing it, I'd do it the way the yum
> package does it. The reason is that the user can turn it on and
> off without editing the /etc/sysconfig/freshclam file by hand.
WONTFIX; only a daily update of the antivirus database would not be
> clamav-lib, clamav-data, clamav, clamav-update should be merged
> into one package. It doesn't make much sense to split these out.
> Plus you don't have to worry about getting all the dependencies
> right. clamav-data will just be overwritten over time anyway, and
> only a small minority of people will not want to run freshclam to
> get updates, which starts out disabled anyway. So, make it simple
> for us, eh?
WONTFIX; I hate it when a package contains lot of programs with
different functionality. Usually, this creates a huge dependency
Normal users will need only a
| # yum install clamav clamav-update
> Well... try yum install clamav-milter. Note that after installation
> the package doesn't work. And it's not clear why it's not either.
1. # yum install clamav-milter sendmail-cf make
2. # chkconfig clamav-milter on (I won't change that...)
2. ... put the
INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-milter/clamav.sock, F=, T=S:4m;R:4m')dnl
line into /etc/mail/sendmail.mc
3. remove the 'Example' from /etc/clamd.d/milter.conf (I won't change that...)
4. add a '-l' to the options in /etc/sysconfig/clamav-milter (needed
for tests in local LAN and documentation discourages this flag; so
I won't change that)
5. reboot (or 'service clamav-milter restart && service sendmail restart')
6. $ telnet 192.168.46.243 25
220 kosh.bigo.ensc.de ESMTP Sendmail 8.13.4/8.13.4; Tue, 15 Nov 2005 14:02:59 -0500
250-kosh.bigo.ensc.de Hello londo.bigo.ensc.de [192.168.46.6], pleased to meet you
250-AUTH DIGEST-MD5 CRAM-MD5
MAIL FROM: ensc@XXX
250 2.1.0 ensc@XXX... Sender ok
RCPT TO: ensc@YYY
250 2.1.5 ensc@YYY... Recipient ok
354 Enter mail, end with "." on a line by itself
...<removed by me to avoid filtering>...$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
554 5.7.1 virus Eicar-Test-Signature detected by ClamAV - http://www.clamav.net
Thanks for responding to my bug report.
Once I realized that you've got things going on in /etc/clamd.d to replace the
lone /etc/clamd.conf ... things started making more sense. I was stuck on the
fact that freshclam couldn't parse /etc/clamd.conf. "Where the hell is
/etc/clamd.conf?" And then a lot of your responses started to make sense.
The other thing is that I was thinking that clamd provided a UNIX socket only,
and I guess I didn't realize/remember last night that it can be configured with
a TCP socket as well.
So most of what I thought were bugs were actually not, I withdraw my bug
complaint. I'll chalk that up to a late night, and misunderstandings on my part.
It's clear that we have different philosophies, on packaging. I want something
that works out of the box. You want to make sure there's flexibility for
administrators -- that's something I can appreciate. I just think that if I yum
install clamav-milter I should get freshclam as well. And when I run freshclam
it updates the db instead of spitting out:
[root@crow clamav-server-0.87.1]# freshclam
ERROR: Please edit the example config file /etc/freshclam.conf.
ERROR: Can't parse the config file /etc/clamd.conf
Note that it was the second message that I was spinning in circles about. I
didn't think that clamav-milter was useful unless freshclam is working anyway.
But apparently, yum install clamav-milter does work -- although is not very useful.
Again different package philosophies. I'll go see what other packagers are
doing, I think.
BTW, here's the readme file I was looking at:
You'll see things that look like this:
>> * set the correct value for the logfile
>> * place it into /etc/logrotate.d
>> * set the name of the config-file and the local socket
>> * copy it to /etc/sysconfig/clamd.<SERVICE>
>> * set the service-name
>> * place it into /etc/init.d/ with an unique name and activate it
>> (e.g. with /sbin/chkconfig clamd.<SERVICE> on)