Package: clamav-freshclam Version: 0.91.1-1 Severity: normal Tags: patch In the script, you are using the $User variable. This variable is not defined in the conf, and $DatabaseOwner is used instead. In all cases, there is this an hardcoded thing: 'su clamav' on line 197
-- System Information: Debian Release: lenny/sid APT prefers testing APT policy: (990, 'testing'), (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.16.33-xenU (SMP w/8 CPU cores) Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15) (ignored: LC_ALL set to [EMAIL PROTECTED]) Shell: /bin/sh linked to /bin/bash Versions of packages clamav-freshclam depends on: ii clamav-base 0.91.1-1 base package for clamav, an anti-v ii debconf [debconf-2.0] 1.5.14 Debian configuration management sy ii debianutils 2.22.1 Miscellaneous utilities specific t ii libc6 2.6-2 GNU C Library: Shared libraries ii libclamav2 0.91.1-1 virus scanner library ii logrotate 3.7.1-3 Log rotation utility ii lsb-base 3.1-24 Linux Standard Base 3.1 init scrip ii ucf 3.001 Update Configuration File: preserv ii zlib1g 1:1.2.3.3.dfsg-5 compression library - runtime clamav-freshclam recommends no packages. -- debconf information: * clamav-freshclam/autoupdate_freshclam: daemon * clamav-freshclam/local_mirror: db.local.clamav.net clamav-freshclam/mirrors.txt-note: clamav-freshclam/internet_interface: clamav-freshclam/proxy_user: * clamav-freshclam/NotifyClamd: /etc/clamav/clamd.conf * clamav-freshclam/http_proxy: clamav-freshclam/update_interval: 24
--- /etc/init.d/clamav-freshclam 2007-07-17 00:51:47.000000000 +0200 +++ freshclam.conf 2007-08-06 10:28:45.000000000 +0200 @@ -1,262 +1,23 @@ -#!/bin/sh - -### BEGIN INIT INFO -# Provides: clamav-freshclam -# Required-Start: $syslog -# Should-Start: clamav-daemon -# Required-Stop: -# Should-Stop: -# Default-Start: 2 3 4 5 -# Default-Stop: 0 6 -# Short-Description: ClamAV virus database updater -# Description: Clam AntiVirus virus database updater -### END INIT INFO - -DAEMON=/usr/bin/freshclam -NAME=freshclam -DESC="ClamAV virus database updater" -[ -x $DAEMON ] || exit 0 - -CLAMAV_CONF_FILE=/etc/clamav/clamd.conf -FRESHCLAM_CONF_FILE=/etc/clamav/freshclam.conf -PIDFILE=/var/run/clamav/freshclam.pid -[ -f /var/lib/clamav/interface ] && INTERFACE=`cat /var/lib/clamav/interface` - -. /lib/lsb/init-functions - -check_ucf() -{ -if ucf -h 2>&1 | grep -q debconf-ok; then - echo ok -else - echo notok -fi -} - -ucf_cleanup() -{ - # This only does something if I've fucked up before - # Not entirely impossible :( - - configfile=$1 - - if [ `grep "$configfile" /var/lib/ucf/hashfile | wc -l` -gt 1 ]; then - grep -v "$configfile" /var/lib/ucf/hashfile > /var/lib/ucf/hashfile.tmp - grep "$configfile" /var/lib/ucf/hashfile | tail -n 1 >> /var/lib/ucf/hashfile.tmp - mv /var/lib/ucf/hashfile.tmp /var/lib/ucf/hashfile - fi -} - -add_to_ucf() -{ - configfile=$1 - ucffile=$2 - - if ! grep -q "$configfile" /var/lib/ucf/hashfile; then - md5sum $configfile >> /var/lib/ucf/hashfile - cp $configfile $ucffile - fi -} - -ucf_upgrade_check() -{ - configfile=$1 - sourcefile=$2 - ucffile=$3 - - if [ -f "$configfile" ]; then - add_to_ucf $configfile $ucffile - if [ "$UCFVER" = 'ok' ]; then - ucf --three-way --debconf-ok "$sourcefile" "$configfile" - else - ucf --three-way "$sourcefile" "$configfile" < /dev/tty - fi - else - [ -d /var/lib/ucf/cache ] || mkdir -p /var/lib/ucf/cache - cp $sourcefile $configfile - add_to_ucf $configfile $ucffile - fi -} - -slurp_config() -{ - CLAMAVCONF="$1" - - if [ -e "$CLAMAVCONF" ]; then - for variable in `egrep -v '^[[:space:]]*(#|$)' "$CLAMAVCONF" | awk '{print $1}'`; do - if [ "$variable" = 'DatabaseMirror' ]; then - if [ -z "$DatabaseMirror" ]; then - for i in `grep ^$variable $CLAMAVCONF | awk '{print $2}'`; do - value="$i $value" - done - else - continue - fi - elif [ "$variable" = 'VirusEvent' ] || [ "$variable" = 'OnUpdateExecute' ] || [ "$variable" = 'OnErrorExecute' ]; then - value=`grep ^$variable $CLAMAVCONF | head -n1 | sed -e s/$variable\ //` - else - value=`grep ^$variable $CLAMAVCONF | head -n1 | awk '{print $2}'` - fi - if [ -z "$value" ]; then - export "$variable"="true" - elif [ "$value" != "$variable" ]; then - export "$variable"="$value" - else - export "$variable"="true" - fi - unset value - done - fi -} - -make_dir() -{ - DIR=$1 - if [ -d "$DIR" ]; then - return 0; - fi - [ -n "$User" ] || User=clamav - mkdir -p -m 0755 "$DIR" - chown "$User:$User" "$DIR" -} - - - -slurp_config "$FRESHCLAM_CONF_FILE" - -[ -n "$PidFile" ] && PIDFILE="$PidFile" -[ -n "$DataBaseDirectory" ] || DataBaseDirectory=/var/run/clamav - -make_dir "$DataBaseDirectory" - -if [ -f "$PIDFILE" ]; then - PID=`pidofproc -p $PIDFILE $DAEMON` - RUNNING=$? -else - PID=`pidofproc $DAEMON` - RUNNING=$? -fi - -handle_iface() -{ - OPTIND=1 - if [ "$1" = "stop" ] && [ "$RUNNING" != 0 ]; then - return 1 - elif [ "$1" = "start" ] && [ "$RUNNING" = 0 ]; then - return 1 - else - return 0 - fi - - IS_UP=0 - MATCH=0 - for inet in $INTERFACE; do - route | grep -q "$inet" && IS_UP=`expr "$IS_UP" + 1` - [ "$inet" = "$IFACE" ] && MATCH=1 - done - - if [ -n "$INTERFACE" ]; then # Want if-up.d handling - if [ -n "$IFACE" ]; then # Called by if-up.d - for us - if [ "$MATCH" = '1' ]; then # IFACE is ours - if [ "$IS_UP" = '1' ]; then # and is only one up - return 0 - else # Either not up, or others are up - return 1 - fi - else # IFACE is not ours - return 1 - fi - else # Not called by if-up.d && $1='(stop|start)' - return 1 - fi - else # No if-up.d handling - just return - return 0 - fi -} - -handle_iface $1 || exit 0 - -[ -z "$UpdateLogFile" ] && UpdateLogFile=/var/log/clamav/freshclam.log -[ -z "$DatabaseDirectory" ] && DatabaseDirectory=/var/lib/clamav/ -[ -n "$User" ] || User=clamav - -case "$1" in - no-daemon) - su "$User" -p -s /bin/sh -c "freshclam -l $UpdateLogFile --datadir $DatabaseDirectory" - ;; - start) - OPTIND=1 - log_daemon_msg "Starting $DESC" "$NAME" - # If user wants it run from cron, we only accept no-daemon and stop - if [ -f /etc/cron.d/clamav-freshclam ]; then - log_warning_msg "Not starting $NAME - cron option selected" - log_warning_msg "Run the init script with the 'no-daemon' option" - log_end_msg 1 - exit 0 - fi - su clamav -p -s /bin/sh -c ". /lib/lsb/init-functions && start_daemon $DAEMON -d --quiet" - log_end_msg $? - ;; - stop) - OPTIND=1 - log_daemon_msg "Stopping $DESC" "$NAME" - if [ -n "$PID" ]; then - kill -15 -"$PID" - ret=$? - sleep 1 - if kill -0 "$PID" 2>/dev/null; then - ret=$? - log_progress_msg "Waiting . " - cnt=0 - while kill -0 "$PID" 2>/dev/null; do - ret=$? - cnt=`expr "$cnt" + 1` - if [ "$cnt" -gt 15 ]; then - kill -9 "$PID" - ret=$? - break - fi - sleep 2 - log_progress_msg ". " - done - fi - else - killproc -p $PIDFILE $DAEMON - ret=$? - fi - log_end_msg $ret - ;; - restart|force-reload) - $0 stop - $0 start - ;; - reload-log) - OPTIND=1 - log_daemon_msg "Reloading $DESC" "$NAME" - if [ "$RUNNING" = 0 ] && [ -n "$PID" ]; then - kill -HUP $PID - fi - log_end_msg $? - ;; - skip) - ;; - status) - case "$RUNNING" in - 0) log_success_msg "$NAME is running." - ;; - 1) log_warning_msg "$NAME is not running, but pidfile $PIDFILE exists." - ;; - 3) log_failure_msg "$NAME is not running." - ;; - *) log_failure_msg "$NAME is unknown." - ;; - esac - ;; - *) - log_failure_msg "Usage: $0 {no-daemon|start|stop|restart|force-reload|reload-log|skip|status}" >&2 - exit 1 - ;; -esac - -exit 0 +# Automatically created by the clamav-freshclam postinst +# Comments will get lost when you reconfigure the clamav-freshclam package +DatabaseOwner amavis +UpdateLogFile /var/log/mail/clamav/freshclam.log +LogVerbose false +LogSyslog false +LogFacility LOG_LOCAL6 +LogFileMaxSize 0 +Foreground false +Debug false +MaxAttempts 5 +DatabaseDirectory /var/lib/clamav/ +DNSDatabaseInfo current.cvd.clamav.net +AllowSupplementaryGroups false +PidFile /var/run/clamav/freshclam.pid +ConnectTimeout 30 +ReceiveTimeout 30 +ScriptedUpdates yes +# Check for new database 24 times a day +Checks 24 +DatabaseMirror db.local.clamav.net +DatabaseMirror database.clamav.net