Hi there,
On Sun, 1 Sep 2019, Thomas Barth via clamav-users wrote:
Am 2019-08-31 20:35, schrieb G.W. Haywood via clamav-users:
That's exactly what the patch in #10979 does. ...
And where can I find this patch?
If you navigate to
https://bugzilla.clamav.net/show_bug.cgi?id=10979
and then down to "Comment 2" (dated 2016-11-28 12:16:52 EST) you will
see a link "attachment 7196". This is a modification to the original
#10979 patch. If you navigate to that link you will see a page which
gives a representation of the patch 'diff'. Near the top of that page
there is a link "Raw Unified", which takes you to the raw unified diff
text which is here:
https://bugzilla.clamav.net/attachment.cgi?id=7196&action=diff&context=patch&collapsed=&headers=1&format=raw
You might be able to use this as input to 'patch' but I didn't try it,
I did not expect it to work well on code which is years younger than
that on which the patch is based. Instead, I applied the patch by
hand with an editor. It was tedious but not difficult. Even if you
do not believe that you can trust my patched files (which I think is a
perfectly reasonable belief:) I should be happy to mail the patched
files to you so that you can compare the results of patching to give
you some confidence that it will work.
... what happens if I update my system (# aptitude update &&
aptitude safe-upgrade) and a new verson of clamav is being
installed. Do I always have to repatch clamav?
If you want to use this patch you must compile and install ClamAV from
the sources distributed on the clamav.net Website. You cannot use the
package management system of any Operating System (OS) distribution to
install any version of the ClamAV package(s) from the OS distribution.
Of course you could create your own package from the patched sources,
and then use the package management system to install your own package.
Many administrators do that when they have large numbers of machines
to be installed but they have some reason to avoid using the packages
produced by the OS publisher. If 'upstream' produces a new version of
the package which (still) does not contain the patch then yes, you do
have to re-apply the patch.
Your package manager will probably set up ClamAV in a way which is
very different from the way it is set up after building from source,
e.g. using directory paths like /usr/bin and /usr/sbin instead of
/usr/local/bin, /usr/local/sbin etc. - here are some samples from a
machine with both kinds of package installed:
mail6:~$ >>> l /usr/sbin/clam*
-rwxr-xr-x 1 root root 223296 Apr 15 22:12 /usr/sbin/clamd
-rwxr-xr-x 1 root root 233424 Apr 15 22:12 /usr/sbin/clamav-milter
mail6:~$ >>> l /usr/local/sbin/clam*
-rwxr-xr-x 1 root staff 581080 Aug 21 18:43 /usr/local/sbin/clamd
-rwxr-xr-x 1 root staff 581368 Aug 22 14:33 /usr/local/sbin/clamd_patched
mail6:~$ >>> l /usr/bin/freshclam
-rwxr-xr-x 1 root root 202816 Apr 15 22:12 /usr/bin/freshclam
mail6:~$ >>> l /usr/local/bin/freshclam
-rwxr-xr-x 1 root staff 442616 Aug 22 14:33 /usr/local/bin/freshclam
Note that there are THREE versions of clamd on this machine - the OS
distribution version and two versions built from source. The versions
built from source are the two which are currently running on the machine:
mail6:~$ >>> top -n1 -b -u clamav
top - 18:04:21 up 9 days, 1:49, 9 users, load average: 0.11, 0.33, 0.29
Tasks: 152 total, 1 running, 151 sleeping, 0 stopped, 0 zombie
%Cpu(s): 2.1 us, 0.5 sy, 0.1 ni, 92.5 id, 0.3 wa, 0.0 hi, 4.4 si, 0.0 st
KiB Mem: 16469180 total, 15243004 used, 1226176 free, 232408 buffers
KiB Swap: 3212284 total, 0 used, 3212284 free. 11851656 cached Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
3846 clamav 20 0 61220 5644 4568 S 0.0 0.0 4:07.37 freshclam
5479 clamav 20 0 1430760 1.058g 4604 S 0.0 6.7 115:21.15 clamd
7689 clamav 20 0 1490600 1.061g 4656 S 0.0 6.8 123:10.10
clamd_patched
There will be other path differences too, for configuration and data
file stores. If you do something like this then you need to make sure
that you're running the right binaries, and that the binaries will use
the right configurations and libraries. If you aren't sure you can do
that then it would be best to uninstall and *purge* the OS versions of
the packages before you install the package from source. This applies
not just to ClamAV, but to any package where there may be conflicts of
this kind.
HTH
--
73,
Ged.
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
