Paul, You should be able to use `--with-systemdsystemunitdir=no` to make it so that `make install` won't try to register clamd as a systemd service
-Andrew On Sun, Apr 19, 2020 at 1:26 PM Paul Kosinski via clamav-users < clamav-users@lists.clamav.net> wrote: > I finally built 0.102.2 a few days ago and was rather shocked that it was > tightly integrated into systemd. In a point release, converting ClamAV into > a mandatory server strikes me as weird, especially since there is no > "--without-systemd" option. > > I am not philosophically opposed to systemd (its partial ordering of > dependencies is actually quite elegant), but I have never used ClamAV in > conjunction with systemd (although I might consider it in the future). > > Now for some details... > > The way I always have built ClamAV is to install each new version in /opt > under its version number. This allows me to try out the new version without > needing to shut down the running version. Then I switch to the new version > almost atomically by changing one symlink (e.g., /opt/clamav -> > /opt/clamav.0.102.2) and restarting clamd. So if the new version has some > problem, I can switch back (also almost atomically). > > Luckily, my procedure was not totally wiped out by the systemd issue due > to the fact that (for extra security) I never run "make install" as root. I > always create the new ClamAV version directory in /opt owned by the build > user and install as that user (followed by "chown -R 0.0" etc.). So the > install failed without adding weird stuff to my systemd environment. > > I then worked around the problem by studying the "configure" options and > found that there was an option "--with-systemdsystemunitdir". So I pointed > that to a harmless new directory (/opt/clamav.0.102.2/systemd) and reran > "configure", "make", "make check" and "make install", which then all > worked, and showed me what the new systemd files contained. > > Thus I would strongly recommend adding a "--without-systemd" option to the > new "configure". If I hadn't employed my workaround, "make install" (as > root) would have added those 3 files to the standard systemd environment. > This have totally broken the way I support multiple versions of ClamAV, as > those files have *absolute* paths to the new version of ClamAV no matter > where installed. > > P.S. I run freshclam via cron and my own "getfreshclam" wrapper. This > allows me to keep older signature files around in case a new version has a > serious problem. (It was also quite useful in investigating the multi-hour > out-of-date problem with Cloudflare's BOS mirror.) > > Finally, note that simply using systemd and thus freshclam's builtin > periodic update mechanism (instead of cron) wouldn't easily allow keeping > previous signature files around as backups. > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml