Ubuntu
clamav package

Incorrect generated logrotate file

Bug #799623 reported by Javier Amor Garcia
28
This bug affects 5 people
Affects Status Importance Assigned to Milestone
ALT Linux
Invalid
Unknown
clamav (Ubuntu)
Fix Released
Low
Louis Bouchard
Precise
Fix Released
Low
Louis Bouchard
Quantal
Fix Released
Low
Louis Bouchard
Raring
Won't Fix
Low
Louis Bouchard
Saucy
Fix Released
Low
Louis Bouchard

Bug Description

SRU justification :

Without this fix, installation scripts can generate invalid configuration files
(i.e. logrotate.d/clamav-damemon)

Impact :

Invalid configuration files

Fix :

Make the parsing algorithm a bit more discriminative

Test Case :

1) install clamav & clamav-daemon
 $ sudo apt-get -y install clamav clamav-daemon

2) Add the following line before the first LogFile statement
LogFileMaxSize 0

3) Deinstall without purging the config file
  apt-get -y remove clamav clamav-daemon clamav-base clamav-freshclam libclamav6

4) Re-install clamav & clamav-daemon & keep the existing config file
  apt-get -y install clamav clamav-daemon clamav-base clamav-freshclam libclamav6

The clamav-daemon file should look like this (which is wrong) :
0 {
     rotate 12
     weekly
     compress
     delaycompress
     create 640 clamav adm
     postrotate
     /etc/init.d/clamav-daemon reload-log > /dev/null
     endscript
     }

The correct format of the file should be :
/var/log/clamav/clamav.log {
     rotate 12
     weekly
     compress
     delaycompress
     create 640 clamav adm
     postrotate
     /etc/init.d/clamav-daemon reload-log > /dev/null
     endscript
     }

Regression :

None expected, the values returned are still valid.

Original description of the problem :
Binary package hint: clamav-daemon

Version: 0.96.5+dfsg-1ubuntu1.10.04.2

Sometimes the logrotate conf file (/etc/logrotate.d/clamav-daemon) is incorrectly generated, with a '0' instead of '/var/log/clamav/clamav.log'. See the attached file for a example of bad configuration.

I suspect the root cause is in the clamav-daemon.postinst script. In the 'configure' case the logrotate conf file could be generated and I feel the variable 'LogFile' is with a bad value thus printing like "0" in the conf file.

Cheers,
Javier

See original description
Revision history for this message
Javier Amor Garcia (javier-amor-garcia) wrote :
Revision history for this message
Chuck Short (zulcss) wrote :

Thanks for the bug report, Ill see if I can get this fixed.

Regards
chuck

Changed in clamav (Ubuntu):
importance: Undecided → Low
status: New → Confirmed
Revision history for this message
Imre Gergely (cemc) wrote :

I've looked a little bit at the .postinst script but I can't see how this could happen, except when there is something wrong in the config file itself. Like 'LogFile 0' in it or something :)

@Javier, do you by any chance have the clamd.conf file ? Or can you reproduce this problem in any consistent way?

Bug Watch Updater (bug-watch-updater)
Changed in altlinux:
status: Unknown → Invalid
Revision history for this message
fatbob (cronmonkey) wrote :

Hi there

Javier is a developer on a linux control system / distribution called zentyal. It was myself and another user who spotted this on our installations.

I've attatched my clamd.conf. If you need any further info please ask

Details on the zentyal forum here.
http://forum.zentyal.org/index.php/topic,14558.0.html

Revision history for this message
Jorge Salamero Sanz (bencer) wrote :

This bug appears because of the way we get conf parameters values, for LogFile:

grep '^LogFile' /etc/clamav/clamd.conf
LogFileMaxSize 0
LogFile /var/log/clamav/clamav.log
LogFileUnlock false
LogFileMaxSize 0

The fix:

diff clamav-daemon.postinst /var/lib/dpkg/info/clamav-daemon.postinst
175c175
< value=`grep "^$variable[[:space:]]" $CLAMAVCONF | head -n1 | awk '{print $2}'`
---
> value=`grep ^$variable $CLAMAVCONF | head -n1 | awk '{print $2}'`

Test:
< + grep ^LogFile /etc/clamav/clamd.conf
< + value=0
< + [ -z 0 ]
< + [ 0 != LogFile ]
< + export LogFile=0
---
> + awk {print $2}
> + grep ^LogFile[[:space:]] /etc/clamav/clamd.conf
> + value=/var/log/clamav/clamav.log
> + [ -z /var/log/clamav/clamav.log ]
> + [ /var/log/clamav/clamav.log != LogFile ]
> + export LogFile=/var/log/clamav/clamav.log

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in clamav (Ubuntu Precise):
status: New → Confirmed
Changed in clamav (Ubuntu Quantal):
status: New → Confirmed
Changed in clamav (Ubuntu Raring):
status: New → Confirmed
Louis Bouchard (louis)
Changed in clamav (Ubuntu):
assignee: nobody → Louis Bouchard (louis-bouchard)
Changed in clamav (Ubuntu Precise):
assignee: nobody → Louis Bouchard (louis-bouchard)
Changed in clamav (Ubuntu Raring):
assignee: nobody → Louis Bouchard (louis-bouchard)
Changed in clamav (Ubuntu Quantal):
assignee: nobody → Louis Bouchard (louis-bouchard)
Changed in clamav (Ubuntu Precise):
importance: Undecided → Low
Changed in clamav (Ubuntu Quantal):
importance: Undecided → Low
Changed in clamav (Ubuntu Raring):
importance: Undecided → Low
Changed in clamav (Ubuntu):
status: Confirmed → In Progress
Changed in clamav (Ubuntu Precise):
status: Confirmed → In Progress
Changed in clamav (Ubuntu Quantal):
status: Confirmed → In Progress
Changed in clamav (Ubuntu Raring):
status: Confirmed → In Progress
Revision history for this message
Louis Bouchard (louis) wrote :

debdiff for Precise

description: updated
Revision history for this message
Louis Bouchard (louis) wrote :

debdiff for saucy

Revision history for this message
Martin Pitt (pitti) wrote :

Raring is EOL, and it's probably not worth any more SRUing this to quantal either.

Changed in clamav (Ubuntu Raring):
status: In Progress → Won't Fix
Revision history for this message
Martin Pitt (pitti) wrote :

Trusty branch uploaded.

Changed in clamav (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Martin Pitt (pitti) wrote :

I uploaded the precise branch with the same change that I did to the trusty one:

- value=`grep ^$variable $CLAMAVCONF | head -n1 | awk '{print $2}'`
+ value=`grep "^$variable[[:space:]]" $CLAMAVCONF | head -n1 | awk '{print $2}'`

Unsubscribing sponsors now.

Changed in clamav (Ubuntu Quantal):
status: In Progress → Won't Fix
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.98.1+dfsg-1ubuntu5

---------------
clamav (0.98.1+dfsg-1ubuntu5) trusty; urgency=low

  * debian/common_functions
    - Fix slurp_config() that is sometimes not discriminative
    enough which leads to invalid configuration files (LP: #799623)
 -- Louis Bouchard <email address hidden> Mon, 10 Feb 2014 17:56:52 +0100

Changed in clamav (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Javier, or anyone else affected,

Accepted clamav into precise-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/clamav/0.97.8+dfsg-1ubuntu1.12.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in clamav (Ubuntu Precise):
status: In Progress → Fix Committed
tags: added: verification-needed
Chris J Arges (arges)
Changed in clamav (Ubuntu Saucy):
assignee: nobody → Louis Bouchard (louis-bouchard)
importance: Undecided → Low
status: New → In Progress
Revision history for this message
Brian Murray (brian-murray) wrote :

Hello Javier, or anyone else affected,

Accepted clamav into saucy-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/clamav/0.97.8+dfsg-1ubuntu4.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in clamav (Ubuntu Saucy):
status: In Progress → Fix Committed
Revision history for this message
Scott Kitterman (kitterman) wrote :

I've also fixed this in Debian Unstable as well.

Revision history for this message
Louis Bouchard (louis) wrote :

@Bryan : thanks I'll do my best to get it tested this week, I was off sick all of last week.

@scott: thanks, I meant to do it but it somewhat dropped of

Revision history for this message
Louis Bouchard (louis) wrote :

Verified for both Saucy & Precise. Work as expected.

tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.97.8+dfsg-1ubuntu1.12.04.2

---------------
clamav (0.97.8+dfsg-1ubuntu1.12.04.2) precise-proposed; urgency=low

  * debian/common_functions
    - Fix slurp_config() that is sometimes not discriminative
    enough which leads to invalid configuration files (LP: #799623)
 -- Louis Bouchard <email address hidden> Mon, 10 Feb 2014 17:54:42 +0100

Changed in clamav (Ubuntu Precise):
status: Fix Committed → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Update Released

The verification of the Stable Release Update for clamav has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.97.8+dfsg-1ubuntu4.1

---------------
clamav (0.97.8+dfsg-1ubuntu4.1) saucy; urgency=low

  * debian/common_functions
    - Fix slurp_config() that is sometimes not discriminative
    enough which leads to invalid configuration files (LP: #799623)
 -- Louis Bouchard <email address hidden> Thu, 27 Feb 2014 17:05:17 -0600

Changed in clamav (Ubuntu Saucy):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package clamav - 0.98.1+dfsg-4ubuntu1~ubuntu12.10.2

---------------
clamav (0.98.1+dfsg-4ubuntu1~ubuntu12.10.2) quantal-security; urgency=medium

  * Rebuild as a security update (LP: #1296856)
 -- Marc Deslauriers <email address hidden> Thu, 27 Mar 2014 08:54:58 -0400

Changed in clamav (Ubuntu Quantal):
status: Won't Fix → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.