[Spacewalk-list] Fwd: Virus Scanning during patching of systems
Glen Collins
glenc2004 at comcast.net
Tue Nov 18 21:46:10 UTC 2014
Hi Avi, thanks for the info. I got it working like I pretty much want. For
everyone else that might be interested in this here is what I came up
with....
In: /usr/lib/yum-plugins/mcafee.py
----------------------------------------------
from yum.plugins import PluginYumExit, TYPE_CORE, TYPE_INTERACTIVE
import subprocess, os
requires_api_version = '2.3'
plugin_type = (TYPE_CORE, TYPE_INTERACTIVE)
def predownload_hook(conduit):
if os.path.isfile("/etc/init.d/nails"):
conduit.info(2, '\nStopping McAfee Virus Scanner\n')
subprocess.call(["/sbin/service", "nails", "stop"],
stdout=open(os.devnull, "w"), stderr=subprocess.STDOUT)
def posttrans_hook(conduit):
if os.path.isfile("/etc/init.d/nails"):
conduit.info(2, '\nStarting McAfee Virus Scanner\n')
subprocess.call(["/sbin/service", "nails", "start"],
stdout=open(os.devnull, "w"), stderr=subprocess.STDOUT)
----------------------------------------------
In: /etc/yum/pluginconf.d/mcafee.conf
----------------------------------------------
[main]
enabled=1
----------------------------------------------
So when I either install or remove a package, the nails process is stopped
and restarted.
----------------------------------------------
Downloading Packages:
*Stopping McAfee Virus Scanner*
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
Erasing : augeas-1.0.0-7.el6.x86_64
1/2
Erasing : augeas-libs-1.0.0-7.el6.x86_64
2/2
*Starting McAfee Virus Scanner*
Verifying : augeas-libs-1.0.0-7.el6.x86_64
1/2
Verifying : augeas-1.0.0-7.el6.x86_64
2/2
Removed:
augeas.x86_64 0:1.0.0-7.el6
augeas-libs.x86_64 0:1.0.0-7.el6
Really wanted the process to restart after the "Removed" is printed, but if
I did that, everything done in yum would try and start the nails process.
Not good!
Just thought I'd share with you all!
Regards,
Glen Collins
On Mon, Nov 17, 2014 at 8:20 PM, Avi Miller <avi.miller at oracle.com> wrote:
> Hey,
>
> > On 18 Nov 2014, at 3:00 pm, Glen Collins <glenc2004 at comcast.net> wrote:
> >
> > Hello all. I'm wondering what the best approach is to turn off virus
> scanning during patching of a system. Having it turned on while spacewalk
> patches a system can take a lot longer to complete if it's turned on. I'm
> wondering what the best approach to automate this and turn it off and back
> on again after patching.
>
> Take a look at the yum-plugin-post-transaction-actions package which
> enables yum to run specific actions after a transaction that updates
> packages is completed. You could probably use it as a starting point to
> creating a plugin to run actions prior to the transaction as well.
>
> Cheers,
> Avi
>
> --
> Oracle <http://www.oracle.com>
> Avi Miller | Product Management Director | +61 (3) 8616 3496
> Oracle Linux and Virtualization
> 417 St Kilda Road, Melbourne, Victoria 3004 Australia
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20141118/b830481d/attachment.htm>
More information about the Spacewalk-list
mailing list