Re: [Clamav-users] Handling the daily.cvd to daily.inc transition in a packaging context
On Sat, Mar 10, 2007 at 11:38:47AM +0100, Jan-Pieter Cornet wrote: On Sat, Mar 10, 2007 at 11:26:10AM +0100, Marc Haber wrote: On Sat, Mar 10, 2007 at 11:11:39AM +0100, Jan-Pieter Cornet wrote: Just put this in your freshclam.conf: ScriptedUpdates no It will make sure only .cvd files are downloaded. This is the quick fix I have taken, but is this the right way in the long term? Scripted updates were implemented for a reason, and I don't think that it is the right way to turn them off again to fix the issues that came up with them. Ah, I assumed for a moment you would only build the .cvd package centrally for the entire debian distribution, so it wouldn't make much of a difference. I see now what you mean... We are using the same script to build a central .cvd, and I have understood in the mean time that if we want our packages to be compatible with the outdated engines in Debian stable, we _need_ to disable Scripted Updates. And so be it ;) Thanks for helping me realize this. I guess packing up the entire contents of the database directory would work just as well. Verification can be done by pointing clamscan to the downloaded directory and trying to scan a test-file. (That's not signature verification, but you'd assume that freshclam already did that). The test file signatures, though, are in the main.cvd, and thus a botched daily.cvd won't be noticed here. Signature Verification is much better. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Handling the daily.cvd to daily.inc transition in a packaging context
On Sat, Mar 10, 2007 at 10:56:24AM +0100, Marc Haber wrote: in Debian, we have a package called clamav-getfiles which uses freshclam to download new virus patterns and in turn packages up main.cvd and daily.cvd into a .deb package which can then be installed on systems that cannot run their own freshclam, for example for policy reasons. We also use clamav-getfiles to have current .deb packages of the clamav virus database in our unstable and volatile archive. This process of course broke horribly when freshclam suddenly began to produce daily.inc instead of daily.cvd. I am now wondering how to handle this in the future. Just put this in your freshclam.conf: ScriptedUpdates no It will make sure only .cvd files are downloaded. You will probably also want to exclude the mirrors.dat file from the distribution that freshclam 0.90 now puts in the virus database directory. -- Jan-Pieter Cornet [EMAIL PROTECTED] !! Disclamer: The addressee of this email is not the intended recipient. !! !! This is only a test of the echelon and data retention systems. Please !! !! archive this message indefinitely to allow verification of the logs. !! ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Handling the daily.cvd to daily.inc transition in a packaging context
On 3/10/07, Marc Haber [EMAIL PROTECTED] wrote: Hi, Is there any possibility to pack up a daily.inc into a local daily.cvd file which can be verified with sigtool? No. Or are we better off with just distributing main.cvd in conjunction with the entire daily.inc directory? There can be a main.inc on next main.cvd update. Watch out for that too. What do we do if both daily.cvd and daily.inc are present after the freshclam run? Should any one take precedence, or is this an error which requires manual intervention? It is best to avoid such situations. --Edwin ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Handling the daily.cvd to daily.inc transition in a packaging context
On Sat, Mar 10, 2007 at 11:11:39AM +0100, Jan-Pieter Cornet wrote: Just put this in your freshclam.conf: ScriptedUpdates no It will make sure only .cvd files are downloaded. This is the quick fix I have taken, but is this the right way in the long term? Scripted updates were implemented for a reason, and I don't think that it is the right way to turn them off again to fix the issues that came up with them. You will probably also want to exclude the mirrors.dat file from the distribution that freshclam 0.90 now puts in the virus database directory. That one is already excluded. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 621 72739835 ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Handling the daily.cvd to daily.inc transition in a packaging context
On Sat, Mar 10, 2007 at 11:26:10AM +0100, Marc Haber wrote: On Sat, Mar 10, 2007 at 11:11:39AM +0100, Jan-Pieter Cornet wrote: Just put this in your freshclam.conf: ScriptedUpdates no It will make sure only .cvd files are downloaded. This is the quick fix I have taken, but is this the right way in the long term? Scripted updates were implemented for a reason, and I don't think that it is the right way to turn them off again to fix the issues that came up with them. Ah, I assumed for a moment you would only build the .cvd package centrally for the entire debian distribution, so it wouldn't make much of a difference. I see now what you mean... I guess packing up the entire contents of the database directory would work just as well. Verification can be done by pointing clamscan to the downloaded directory and trying to scan a test-file. (That's not signature verification, but you'd assume that freshclam already did that). -- Jan-Pieter Cornet [EMAIL PROTECTED] !! Disclamer: The addressee of this email is not the intended recipient. !! !! This is only a test of the echelon and data retention systems. Please !! !! archive this message indefinitely to allow verification of the logs. !! ___ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html