Andrew, Yeah, per your posting, I tried running 'configure' specifying `--with-systemdsystemunitdir=no` and it seemed to be suppress the systemd tie-in. (I didn't actually run 'make'.)
It would be nice if this were documented somewhere. The "--help" info from 'configure' only lists 'DIR' as an argument. The latest reference to 'systemd' in NEWS.md is for version 0.99.2 (and the other ".md" files have nothing), and I couldn't find anything about this new approach in the documentation or faqs on GitHub. (Google doesn't turn up anything definitive either.) In any case, the systemd tie-in is a *major* change: it turns ClamAV from a mere package into a run-at-startup *service*, and needs to be presented as such. -Paul On Sun, 19 Apr 2020 15:17:51 -0400 Andrew Williams <awill...@sourcefire.com> wrote: > Paul, > > You should be able to use `--with-systemdsystemunitdir=no` to make it > so that `make install` won't try to register clamd as a systemd > service > > -Andrew > > On Sun, Apr 19, 2020 at 1:26 PM Paul Kosinski via clamav-users < > clamav-users@lists.clamav.net> wrote: > > > I finally built 0.102.2 a few days ago and was rather shocked that > > it was tightly integrated into systemd. In a point release, > > converting ClamAV into a mandatory server strikes me as weird, > > especially since there is no "--without-systemd" option. > > > > I am not philosophically opposed to systemd (its partial ordering of > > dependencies is actually quite elegant), but I have never used > > ClamAV in conjunction with systemd (although I might consider it in > > the future). > > > > Now for some details... > > > > The way I always have built ClamAV is to install each new version > > in /opt under its version number. This allows me to try out the new > > version without needing to shut down the running version. Then I > > switch to the new version almost atomically by changing one symlink > > (e.g., /opt/clamav -> /opt/clamav.0.102.2) and restarting clamd. So > > if the new version has some problem, I can switch back (also almost > > atomically). > > > > Luckily, my procedure was not totally wiped out by the systemd > > issue due to the fact that (for extra security) I never run "make > > install" as root. I always create the new ClamAV version directory > > in /opt owned by the build user and install as that user (followed > > by "chown -R 0.0" etc.). So the install failed without adding weird > > stuff to my systemd environment. > > > > I then worked around the problem by studying the "configure" > > options and found that there was an option > > "--with-systemdsystemunitdir". So I pointed that to a harmless new > > directory (/opt/clamav.0.102.2/systemd) and reran "configure", > > "make", "make check" and "make install", which then all worked, and > > showed me what the new systemd files contained. > > > > Thus I would strongly recommend adding a "--without-systemd" option > > to the new "configure". If I hadn't employed my workaround, "make > > install" (as root) would have added those 3 files to the standard > > systemd environment. This have totally broken the way I support > > multiple versions of ClamAV, as those files have *absolute* paths > > to the new version of ClamAV no matter where installed. > > > > P.S. I run freshclam via cron and my own "getfreshclam" wrapper. > > This allows me to keep older signature files around in case a new > > version has a serious problem. (It was also quite useful in > > investigating the multi-hour out-of-date problem with Cloudflare's > > BOS mirror.) > > > > Finally, note that simply using systemd and thus freshclam's builtin > > periodic update mechanism (instead of cron) wouldn't easily allow > > keeping previous signature files around as backups. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml