BUG: clamav packages badly broken
Michael Schwendt
bugs.michael at gmx.net
Mon Dec 31 19:07:27 UTC 2007
On Mon, 31 Dec 2007 11:30:37 -0700, Kevin Fenzi wrote:
> On Sat, 29 Dec 2007 22:40:22 +0100
> bugs.michael at gmx.net (Michael Schwendt) wrote:
>
> > On Sat, 29 Dec 2007 14:06:13 -0700, Kevin Fenzi wrote:
> >
> > > - freshclam should work when the package is installed. Currently it
> > > requires you to comment a line in a script for no reason I can
> > > tell.
> >
> > Cannot find this in bugzilla. The /etc/sysconfig script disables the
> > automatic update on purpose (to prevent unauthorized network access)
> > and warns the user about that default. What is wrong with that?
>
> Where is there a requirement that network access should require
> configuration changes?
It's not mandatory, but it's nice to the user.
> Should we modify any other network accessing
> services to require a config change before using the network?
Installation of a package should not enable a network-using service
automatically. Accessing the network to download data may be seen as a
lesser problem than binding a service to a public port. But both are issues
where the user/admin ought to opt-in rather than opt-out.
> What good would clamav be on a machine thats not on a network and what
> good is it with no up 2 date virus definitions?
This question is biased. The update feature is not missing, it can be
enabled for automated downloads if the software is told to do that.
> > > - The package could not remove the clamav user on removal.
>
> This I guess is part of the fedora-usermanagement setup.
uid/gid removal IMO is a "must not" unless all files with that uid/gid are
removed as well.
> > > I'm sure I could look around for more issues.
> > >
> > > > Why can't a volunteer create and maintain a clamav configuration
> > > > add-on package, which offers a single system-wide clamav daemon if
> > > > that is requested by the clamav user base in Fedora/EPEL?
> > >
> > > I suppose someone could... thats not my issue however. My issues
> > > are in the clamav package itself, not just not having a system wide
> > > clamd.
> >
> > The list is interesting, but it adds more than what I thought has
> > been the primary (only?) issue with the Fedora clamav packages.
>
> Really? So the only real issue you see is that there is no system wide
> clamd setup?
Yes, based on older [similar threads] that was my impression. The typical
clamav-in-fedora critic complains that starting clamd takes more than
installing the package and running a service script. It is certainly not
the first time somebody tried to run the wrapper-script without even
skimming over the readme file.
More information about the epel-devel-list
mailing list