aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArmin Kuster <akuster808@gmail.com>2019-06-24 16:58:20 -0700
committerArmin Kuster <akuster808@gmail.com>2019-08-16 07:48:40 -0700
commitc4d8b108b89b4e3698ded454478e51170e157e8e (patch)
treec8133a1e91e0bae49108b3080ddb0ab45641eb02
parent7e51fc0f1f9874d6ef8dc82c6a2021e7d7fc9a68 (diff)
downloadmeta-security-wip2.tar.gz
meta-security-wip2.tar.bz2
meta-security-wip2.zip
clamav: update to 0.100.3wip2
Signed-off-by: Armin Kuster <akuster808@gmail.com>
-rw-r--r--recipes-security/clamav/clamav_0.100.3.bb (renamed from recipes-security/clamav/clamav_0.99.4.bb)74
-rw-r--r--recipes-security/clamav/files/remove_host_contaim.patch87
-rw-r--r--recipes-security/clamav/files/remove_ldd_check.patch22
-rw-r--r--recipes-security/clamav/files/remove_unit_tests.patch42
4 files changed, 191 insertions, 34 deletions
diff --git a/recipes-security/clamav/clamav_0.99.4.bb b/recipes-security/clamav/clamav_0.100.3.bb
index 7f04337..7127466 100644
--- a/recipes-security/clamav/clamav_0.99.4.bb
+++ b/recipes-security/clamav/clamav_0.100.3.bb
@@ -4,89 +4,94 @@ HOMEPAGE = "http://www.clamav.net/index.html"
SECTION = "security"
LICENSE = "LGPL-2.1"
-DEPENDS = "libtool db libmspack openssl zlib llvm chrpath-replacement-native clamav-native"
+#DEPENDS = "libtool db libxml2 openssl zlib llvm chrpath-replacement-native clamav-native"
+DEPENDS = "libtool db libxml2 openssl zlib llvm clamav-native"
DEPENDS_class-native = "db-native openssl-native zlib-native"
LIC_FILES_CHKSUM = "file://COPYING.LGPL;beginline=2;endline=3;md5=4b89c05acc71195e9a06edfa2fa7d092"
-SRCREV = "b66e5e27b48c0a07494f9df9b809ed933cede047"
+SRCREV = "f271cd0443e195eb4875178c3d39c5ec518ff982"
-SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.99 \
+SRC_URI = "git://github.com/vrtadmin/clamav-devel;branch=rel/0.100 \
file://clamd.conf \
file://freshclam.conf \
file://volatiles.03_clamav \
file://${BPN}.service \
file://freshclam-native.conf \
+ file://remove_unit_tests.patch \
"
S = "${WORKDIR}/git"
LEAD_SONAME = "libclamav.so"
-SO_VER = "7.1.1"
+SO_VER = "7.1.2"
-EXTRANATIVEPATH += "chrpath-native"
+#EXTRANATIVEPATH += "chrpath-native"
-inherit autotools-brokensep pkgconfig useradd systemd
+inherit autotools pkgconfig useradd systemd
-UID = "clamav"
-GID = "clamav"
+CLAMAV_UID ?= "clamav"
+CLAMAV_GID ?= "clamav"
INSTALL_CLAMAV_CVD ?= "1"
-# Clamav has a built llvm version 2 but does not build with gcc 6.x,
-# disable the internal one. This is a known issue
-# If you want LLVM support, use the one in core
-
CLAMAV_USR_DIR = "${STAGING_DIR_NATIVE}/usr"
CLAMAV_USR_DIR_class-target = "${STAGING_DIR_HOST}/usr"
-PACKAGECONFIG_class-target ?= "ncurses bz2"
+PACKAGECONFIG_class-target ?= "ncurses"
PACKAGECONFIG_class-target += " ${@bb.utils.contains("DISTRO_FEATURES", "ipv6", "ipv6", "", d)}"
PACKAGECONFIG_class-target += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', '', d)}"
PACKAGECONFIG[pcre] = "--with-pcre=${STAGING_LIBDIR}, --without-pcre, libpcre"
-PACKAGECONFIG[xml] = "--with-xml=${CLAMAV_USR_DIR}, --disable-xml, libxml2,"
+#PACKAGECONFIG[xml] = "--with-xml=${STAGING_LIBDIR}, --disable-xml, libxml2,"
PACKAGECONFIG[json] = "--with-libjson=${STAGING_LIBDIR}, --without-libjson, json,"
PACKAGECONFIG[curl] = "--with-libcurl=${STAGING_LIBDIR}, --without-libcurl, curl,"
PACKAGECONFIG[ipv6] = "--enable-ipv6, --disable-ipv6"
-PACKAGECONFIG[bz2] = "--with-libbz2-prefix=${CLAMAV_USR_DIR}, --without-libbz2-prefix, "
+PACKAGECONFIG[bz2] = "--with-libbz2-prefix=${CLAMAV_USR_DIR}, --disable-bzip2, bzip2"
PACKAGECONFIG[ncurses] = "--with-libncurses-prefix=${CLAMAV_USR_DIR}, --without-libncurses-prefix, ncurses, "
PACKAGECONFIG[systemd] = "--with-systemdsystemunitdir=${systemd_unitdir}/system/, --without-systemdsystemunitdir, "
-
+#sys_lib_dlsearch_path_spec
EXTRA_OECONF_CLAMAV = "--without-libcheck-prefix --disable-unrar \
- --with-system-llvm --with-llvm-linking=dynamic --disable-llvm \
--disable-mempool \
--program-prefix="" \
--disable-yara \
- --disable-xml \
+ --disable-zlib-vcheck \
+ --with-zlib=${CLAMAV_USR_DIR} \
+ --with-xml=${STAGING_LIBDIR} \
--with-openssl=${CLAMAV_USR_DIR} \
- --with-zlib=${CLAMAV_USR_DIR} --disable-zlib-vcheck \
+ --with-iconv=no \
+ --enable-check=no \
"
EXTRA_OECONF_class-native += "${EXTRA_OECONF_CLAMAV}"
-EXTRA_OECONF_class-target += "--with-user=${UID} --with-group=${GID} --disable-rpath ${EXTRA_OECONF_CLAMAV}"
+EXTRA_OECONF_class-target += "--with-user=${CLAMAV_UID} --with-group=${CLAMAV_GID} --disable-rpath ${EXTRA_OECONF_CLAMAV}"
+#EXTRA_OECONF_class-target += "--with-user=${CLAMAV_UID} --with-group=${CLAMAV_GID} ${EXTRA_OECONF_CLAMAV}"
do_configure () {
+# export LT_SYS_LIBRARY_PATH="${STAGING_LIBDIR}"
+# sed -i 's#DSEARCH_LIBDIR=\\"\$(libdir)\\"#DSEARCH_LIBDIR=\\"${STAGING_LIBDIR}\\"#' ${S}/libclamav/Makefile.in
+# sed -i 's#DSEARCH_LIBDIR=\\"\$(libdir)\\"#DSEARCH_LIBDIR=\\"${STAGING_LIBDIR}\\"#' ${S}/libclamav/Makefile.am
+
${S}/configure ${CONFIGUREOPTS} ${EXTRA_OECONF}
- install -d ${S}/clamav_db
}
do_configure_class-native () {
${S}/configure ${CONFIGUREOPTS} ${EXTRA_OECONF}
}
-
do_compile_append_class-target() {
# brute force removing RPATH
- chrpath -d ${B}/libclamav/.libs/libclamav.so.${SO_VER}
- chrpath -d ${B}/sigtool/.libs/sigtool
- chrpath -d ${B}/clambc/.libs/clambc
- chrpath -d ${B}/clamscan/.libs/clamscan
- chrpath -d ${B}/clamconf/.libs/clamconf
- chrpath -d ${B}/clamd/.libs/clamd
- chrpath -d ${B}/freshclam/.libs/freshclam
+# chrpath -d ${B}/libclamav/.libs/libclamav.so.${SO_VER}
+# chrpath -d ${B}/sigtool/.libs/sigtool
+# chrpath -d ${B}/clambc/.libs/clambc
+# chrpath -d ${B}/clamscan/.libs/clamscan
+# chrpath -d ${B}/clamconf/.libs/clamconf
+# chrpath -d ${B}/clamd/.libs/clamd
+# chrpath -d ${B}/freshclam/.libs/freshclam
+# chrpath -d ${B}/libclamav/libmspack-0.5alpha/.libs/libclammspack.so
if [ "${INSTALL_CLAMAV_CVD}" = "1" ]; then
bbnote "CLAMAV creating cvd"
+ install -d ${S}/clamav_db
${STAGING_BINDIR_NATIVE}/freshclam --datadir=${S}/clamav_db --config=${WORKDIR}/freshclam-native.conf
fi
}
@@ -101,6 +106,7 @@ do_install_append_class-target () {
install -m 0644 ${WORKDIR}/volatiles.03_clamav ${D}${sysconfdir}/default/volatiles/volatiles.03_clamav
sed -i -e 's#${STAGING_DIR_HOST}##g' ${D}${libdir}/pkgconfig/libclamav.pc
rm ${D}/${libdir}/libclamav.so
+ rm ${D}/${libdir}/libclammspack.so
install -m 666 ${S}/clamav_db/* ${D}/${localstatedir}/lib/clamav/.
if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)};then
install -D -m 0644 ${WORKDIR}/clamav.service ${D}${systemd_unitdir}/system/clamav.service
@@ -112,7 +118,7 @@ pkg_postinst_ontarget_${PN} () {
${sysconfdir}/init.d/populate-volatile.sh update
fi
mkdir -p ${localstatedir}/lib/clamav
- chown -R ${UID}:${GID} ${localstatedir}/lib/clamav
+ chown -R ${CLAMAV_UID}:${CLAMAV_GID} ${localstatedir}/lib/clamav
}
@@ -152,7 +158,7 @@ FILES_${PN}-dev = " ${bindir}/clamav-config ${libdir}/*.la \
FILES_${PN}-staticdev = "${libdir}/*.a"
-FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libmspack.so*\
+FILES_${PN}-libclamav = "${libdir}/libclamav.so* ${libdir}/libclammspack.so*\
${docdir}/libclamav/* "
FILES_${PN}-doc = "${mandir}/man/* \
@@ -162,8 +168,8 @@ FILES_${PN}-doc = "${mandir}/man/* \
FILES_${PN}-cvd = "${localstatedir}/lib/clamav/*.cvd ${localstatedir}/lib/clamav/*.dat"
USERADD_PACKAGES = "${PN}"
-GROUPADD_PARAM_${PN} = "--system ${UID}"
-USERADD_PARAM_${PN} = "--system -g ${GID} --home-dir \
+GROUPADD_PARAM_${PN} = "--system ${CLAMAV_UID}"
+USERADD_PARAM_${PN} = "--system -g ${CLAMAV_GID} --home-dir \
${localstatedir}/spool/${BPN} \
--no-create-home --shell /bin/false ${BPN}"
@@ -172,7 +178,7 @@ RREPLACES_${PN} += "${PN}-systemd"
RCONFLICTS_${PN} += "${PN}-systemd"
SYSTEMD_SERVICE_${PN} = "${BPN}.service"
-RDEPENDS_${PN} = "openssl ncurses-libncurses libbz2 ncurses-libtinfo clamav-freshclam clamav-libclamav"
+RDEPENDS_${PN} = "openssl ncurses-libncurses libxml2 libbz2 ncurses-libtinfo clamav-freshclam clamav-libclamav"
RDEPENDS_${PN}_class-native = ""
BBCLASSEXTEND = "native"
diff --git a/recipes-security/clamav/files/remove_host_contaim.patch b/recipes-security/clamav/files/remove_host_contaim.patch
new file mode 100644
index 0000000..79063e9
--- /dev/null
+++ b/recipes-security/clamav/files/remove_host_contaim.patch
@@ -0,0 +1,87 @@
+Index: git/clamav-config.in
+===================================================================
+--- git.orig/clamav-config.in
++++ git/clamav-config.in
+@@ -55,11 +55,11 @@ while test $# -gt 0; do
+ ;;
+
+ --cflags)
+- echo -I@includedir@ @CFLAGS@
++ echo @CFLAGS@
+ ;;
+
+ --libs)
+- echo -L@libdir@ @LIBCLAMAV_LIBS@
++ echo @LIBCLAMAV_LIBS@
+ ;;
+
+ *)
+Index: git/configure
+===================================================================
+--- git.orig/configure
++++ git/configure
+@@ -21130,11 +21130,7 @@ fi
+ fi
+ fi
+ if test "X$found_dir" = "X"; then
+- compat_libdir=
+- if test "X$acl_libdirstem" != "Xlib"; then
+- compat_libdir=-L'${exec_prefix}'/lib
+- fi
+- for x in $LDFLAGS $LTLIBCHECK $compat_libdir $additional_compat_libdir; do
++ for x in $LDFLAGS $LTLIBCHECK $additional_compat_libdir; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+@@ -23039,11 +23035,7 @@ fi
+ fi
+ fi
+ if test "X$found_dir" = "X"; then
+- compat_libdir=
+- if test "X$acl_libdirstem" != "Xlib"; then
+- compat_libdir=-L'${exec_prefix}'/lib
+- fi
+- for x in $LDFLAGS $LTLIBBZ2 $compat_libdir $additional_compat_libdir; do
++ for x in $LDFLAGS $LTLIBBZ2 $additional_compat_libdir; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+@@ -26469,11 +26461,7 @@ fi
+ fi
+ fi
+ if test "X$found_dir" = "X"; then
+- compat_libdir=
+- if test "X$acl_libdirstem" != "Xlib"; then
+- compat_libdir=-L'${exec_prefix}'/lib
+- fi
+- for x in $LDFLAGS $LTLIBNCURSES $compat_libdir $additional_compat_libdir; do
++ for x in $LDFLAGS $LTLIBNCURSES $additional_compat_libdir; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+@@ -26994,11 +26982,7 @@ fi
+ fi
+ fi
+ if test "X$found_dir" = "X"; then
+- compat_libdir=
+- if test "X$acl_libdirstem" != "Xlib"; then
+- compat_libdir=-L'${exec_prefix}'/lib
+- fi
+- for x in $LDFLAGS $LTLIBNCURSES $compat_libdir $additional_compat_libdir; do
++ for x in $LDFLAGS $LTLIBNCURSES $additional_compat_libdir; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
+@@ -27519,11 +27503,7 @@ fi
+ fi
+ fi
+ if test "X$found_dir" = "X"; then
+- compat_libdir=
+- if test "X$acl_libdirstem" != "Xlib"; then
+- compat_libdir=-L'${exec_prefix}'/lib
+- fi
+- for x in $LDFLAGS $LTLIBPDCURSES $compat_libdir $additional_compat_libdir; do
++ for x in $LDFLAGS $LTLIBPDCURSES $additional_compat_libdir; do
+
+ acl_save_prefix="$prefix"
+ prefix="$acl_final_prefix"
diff --git a/recipes-security/clamav/files/remove_ldd_check.patch b/recipes-security/clamav/files/remove_ldd_check.patch
new file mode 100644
index 0000000..c98279a
--- /dev/null
+++ b/recipes-security/clamav/files/remove_ldd_check.patch
@@ -0,0 +1,22 @@
+Index: git/configure
+===================================================================
+--- git.orig/configure
++++ git/configure
+@@ -12369,17 +12369,6 @@ fi
+ # before this can be enabled.
+ hardcode_into_libs=yes
+
+- # Ideally, we could use ldconfig to report *all* directores which are
+- # searched for libraries, however this is still not possible. Aside from not
+- # being certain /sbin/ldconfig is available, command
+- # 'ldconfig -N -X -v | grep ^/' on 64bit Fedora does not report /usr/lib64,
+- # even though it is searched at run-time. Try to do the best guess by
+- # appending ld.so.conf contents (and includes) to the search path.
+- if test -f /etc/ld.so.conf; then
+- lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[ ]*hwcap[ ]/d;s/[:, ]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
+- sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
+- fi
+-
+ # We used to test for /lib/ld.so.1 and disable shared libraries on
+ # powerpc, because MkLinux only supported shared libraries with the
+ # GNU dynamic linker. Since this was broken with cross compilers,
diff --git a/recipes-security/clamav/files/remove_unit_tests.patch b/recipes-security/clamav/files/remove_unit_tests.patch
new file mode 100644
index 0000000..e3f7301
--- /dev/null
+++ b/recipes-security/clamav/files/remove_unit_tests.patch
@@ -0,0 +1,42 @@
+Index: git/Makefile.am
+===================================================================
+--- git.orig/Makefile.am
++++ git/Makefile.am
+@@ -20,8 +20,8 @@
+
+ ACLOCAL_AMFLAGS=-I m4
+
+-SUBDIRS = libltdl libclamav clamscan clamd clamdscan freshclam sigtool clamconf database docs etc clamav-milter test clamdtop clambc unit_tests
+-EXTRA_DIST = examples shared libclamav.pc.in libclamunrar_iface/Makefile.am libclamunrar_iface/Makefile.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in clamdscan/clamdscan.map win32 libclamav/libmspack-0.5alpha/mspack/mspack.def ChangeLog.md INSTALL.md NEWS.md README.md
++SUBDIRS = libltdl libclamav clamscan clamd clamdscan freshclam sigtool clamconf database docs etc clamav-milter clamdtop clambc
++EXTRA_DIST = examples shared libclamav.pc.in libclamunrar_iface/Makefile.am libclamunrar_iface/Makefile.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in clamdscan/clamdscan.map libclamav/libmspack-0.5alpha/mspack/mspack.def ChangeLog.md INSTALL.md NEWS.md README.md
+
+ bin_SCRIPTS=clamav-config
+
+Index: git/Makefile.in
+===================================================================
+--- git.orig/Makefile.in
++++ git/Makefile.in
+@@ -307,8 +307,8 @@ ETAGS = etags
+ CTAGS = ctags
+ CSCOPE = cscope
+ DIST_SUBDIRS = libltdl libclamav clamscan clamd clamdscan freshclam \
+- sigtool clamconf database docs etc clamav-milter test clamdtop \
+- clambc unit_tests clamsubmit libfreshclam fuzz
++ sigtool clamconf database docs etc clamav-milter clamdtop \
++ clambc clamsubmit libfreshclam
+ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+ distdir = $(PACKAGE)-$(VERSION)
+ top_distdir = $(distdir)
+@@ -579,9 +579,8 @@ top_builddir = @top_builddir@
+ top_srcdir = @top_srcdir@
+ ACLOCAL_AMFLAGS = -I m4
+ SUBDIRS = libltdl libclamav clamscan clamd clamdscan freshclam sigtool \
+- clamconf database docs etc clamav-milter test clamdtop clambc \
+- unit_tests $(am__append_1) $(am__append_2) $(am__append_3)
+-EXTRA_DIST = examples shared libclamav.pc.in libclamunrar_iface/Makefile.am libclamunrar_iface/Makefile.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in clamdscan/clamdscan.map win32 libclamav/libmspack-0.5alpha/mspack/mspack.def ChangeLog.md INSTALL.md NEWS.md README.md
++ clamconf database docs etc clamav-milter clamdtop clambc
++EXTRA_DIST = examples shared libclamav.pc.in libclamunrar_iface/Makefile.am libclamunrar_iface/Makefile.in COPYING.bzip2 COPYING.lzma COPYING.unrar COPYING.LGPL COPYING.llvm COPYING.file COPYING.zlib COPYING.getopt COPYING.regex COPYING.YARA COPYING.pcre platform.h.in clamdscan/clamdscan.map libclamav/libmspack-0.5alpha/mspack/mspack.def ChangeLog.md INSTALL.md NEWS.md README.md
+ bin_SCRIPTS = clamav-config
+ pkgconfigdir = $(libdir)/pkgconfig
+ pkgconfig_DATA = libclamav.pc