Description of problem:
The source and the binary RPM of sagator contain EICAR files. In particular they are in the UPSTREAM tarball in the test directory. EICAR provides a standardized test file for signature based virus detection software (http://www.eicar.org/anti_virus_test_file.htm).

The presence of the EICAR files could prohibit the package installation if the yum repository access is not by a direct Internet connection but is mediated by an antivirus/gateway proxy. For example, this problem happens to me because my Internet access uses the proxy/gateway suite Finjan (http://www.finjan.com/).

Version-Release number of selected component (if applicable):
1.1.0-1.el5

How reproducible:
Extract the upstream tarball from the source rpm and execute clamscan(1) on it:

#clamscan -v sagator-1.1.0.tar.bz2
LibClamAV Warning: ***********************************************************
LibClamAV Warning: *** This version of the ClamAV engine is outdated. ***
LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq ***
LibClamAV Warning: ***********************************************************
Scanning sagator-1.1.0.tar.bz2
sagator-1.1.0.tar.bz2: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Known viruses: 533398
Engine version: 0.94.2
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.68 MB
Time: 1.680 sec (0 m 1 s)

Thereafter open the tarball and execute clamscan(1) on the directory.

#tar -jxvf sagator-1.1.0.tar.bz2
#clamscan -r -v sagator-1.1.0 | grep -i eicar
LibClamAV Warning: ***********************************************************
LibClamAV Warning: *** This version of the ClamAV engine is outdated. ***
LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq ***
LibClamAV Warning: ***********************************************************
sagator-1.1.0/test/pack/rtest.zip: Eicar-Test-Signature FOUND
sagator-1.1.0/test/pack/test.zip: Eicar-Test-Signature FOUND
LibClamAV Warning: RAR code not compiled-in
Scanning sagator-1.1.0/test/Eicar
sagator-1.1.0/test/Eicar: Eicar-Test-Signature FOUND

Steps to Reproduce:
1. Define the proxy host in epel.conf
2. Try yum install sagator
3.

Actual results:
The install fails (e.g. the antivirus proxy blocks the download).

Expected results:
The install succeeds.

Additional info:
The simple patch to the spec file below drops the EICAR files from being packaged in the docdir. IMHO, no problem to drop these files from the main package.

--- sagator.spec 2008-07-14 12:06:54.000000000 +0200 +++ sagator.spec 2009-03-25 12:11:01.000000000 +0100 @@ -97,6 +97,10 @@ make DESTDIR=%{buildroot} PREFIX=%{_prefix} install rm -f %{buildroot}%{_datadir}/sagator/etc/sgconf.py* \ scripts/mkchroot.sh scripts/graphs/*.in +# Drop from builddir EICAR test files : don't want to package these in %%doc. +# They block the package install if yum repository is mediated by an antivirus proxy +rm -f test/pack/rtest.zip test/pack/test.zip test/Eicar + touch %{buildroot}%{_datadir}/%{name}/etc/sgconf.py_ ln -s ../../../..%{_sysconfdir}/sagator.conf \ %{buildroot}%{_datadir}/%{name}/etc/sgconf.py

*************

If you agree that this is a bug, I can reopen the same as a duplicate for the FC release.
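Review bot: the added "rm -f test/pack/rtest.zip test/pack/test.zip test/Eicar" only deletes the three files from the build directory, so it keeps them out of the binary package's %doc but leaves the upstream tarball inside the source RPM unchanged, and the clamscan run in this report flags sagator-1.1.0.tar.bz2 itself. A scanning proxy or a mirror that also carries SRPMS will keep alerting on the source package, so either repack the tarball without these files or state in the spec comment that only the binary RPM is covered. Separately, rm -f on fixed relative paths succeeds silently if upstream renames or adds a test sample; listing the files without -f, or checking after the rm that nothing EICAR-related is left under test/, would make the build fail instead of quietly shipping the files again.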
Thank you for reporting this bug. I think you are right, this testing pattern should be removed from the sagator package. There were considerations about removing this file in the past, but it was not removed.

Do you think removing it upstream will be enough, and this will be fixed after the release of a new version of sagator? Removing this file is a feature downgrade, because users can't test their configuration. I can remove this for sagator-1.2, but I think it's not a good idea to remove this file for a stable release.

The EPEL buildsystem has been down for some days, so I can't build sagator-1.1.1 or any other update for EPEL. :-(
Sagator-1.2.0-beta changelog: - viruses removed from test/ directory and added download_viruses.sh shell script
(In reply to comment #2)
> Sagator-1.2.0-beta changelog:
>
> - viruses removed from test/ directory and added download_viruses.sh
> shell script

Great. This is the perfect solution. Thanks very much.
(In reply to comment #2)
> Sagator-1.2.0-beta changelog:
>
> - viruses removed from test/ directory and added download_viruses.sh
> shell script

Is it necessary for you that I open the bug - as a duplicate - also for the FC release?
Closing this bug, because it's fixed upstream. Will be fixed in future. If you need a solution soon, feel free to reopen it.
(In reply to comment #4)
> (In reply to comment #2)
> > Sagator-1.2.0-beta changelog:
> >
> > - viruses removed from test/ directory and added download_viruses.sh
> > shell script
>
> Is it necessary for you that I open the bug - as a duplicate - also for FC
> release ?

If you think it has to be fixed in the current stable release, just tell me. Otherwise it will be fixed automatically when sagator-1.2 goes into Fedora/EPEL.

If you want to test the latest beta version, there are yum repositories upstream:
http://www.salstar.sk/sagator/download.php

In 1.2.0-0.beta20 this problem has already been fixed.
If possible, it would be preferable to have a backported fix in the current release. We get daily alarms from the antivirus software because I have set up an internal daily mirror of the EPEL repo.

Thanks in advance.
Elia
OK, done. Applied to EL-4 and EL-5.
http://buildsys.fedoraproject.org/logs/fedora-5-epel/1852-sagator-1.1.1-4.el5
http://buildsys.fedoraproject.org/logs/fedora-4-epel/1855-sagator-1.1.1-4.el4
Thanks a lot. No matter when, I will follow your project: good project, best maintainer :=)