diff --git a/main/antivirus/ChangeLog b/main/antivirus/ChangeLog index 34fdd1f560d..4e93eb36ec9 100644 --- a/main/antivirus/ChangeLog +++ b/main/antivirus/ChangeLog @@ -1,6 +1,7 @@ HEAD + Do not try to validate path if not changed + Do not enable ScanOnAccess option if no paths are defined + + Remove obsolete code 5.1 + On-Access Scanning for Commercial editions + Remove deprecated purge-module script diff --git a/main/antivirus/debian/zentyal-antivirus.logrotate b/main/antivirus/debian/zentyal-antivirus.logrotate deleted file mode 100644 index 9b6528640b6..00000000000 --- a/main/antivirus/debian/zentyal-antivirus.logrotate +++ /dev/null @@ -1,8 +0,0 @@ -/var/log/clamav/freshclam.state { - rotate 12 - weekly - compress - delaycompress - missingok - create 640 clamav adm - } diff --git a/main/antivirus/src/EBox/AntiVirus.pm b/main/antivirus/src/EBox/AntiVirus.pm index 4911ba0168a..598d7b20c42 100644 --- a/main/antivirus/src/EBox/AntiVirus.pm +++ b/main/antivirus/src/EBox/AntiVirus.pm @@ -19,15 +19,13 @@ use warnings; package EBox::AntiVirus; use base qw(EBox::Module::Service - EBox::FirewallObserver - EBox::LogObserver); + EBox::FirewallObserver); use Perl6::Junction qw(any); use File::Slurp qw(read_file write_file); use File::ReadBackwards; use EBox::AntiVirus::FirewallHelper; -use EBox::AntiVirus::LogHelper; use EBox::Config; use EBox::Gettext; use EBox::Global; @@ -39,7 +37,6 @@ use constant { CLAMD_SOCKET => '/var/run/clamav/clamd.ctl', FRESHCLAM_CONF_FILE => '/etc/clamav/freshclam.conf', - FRESHCLAM_OBSERVER_SCRIPT => 'freshclam-observer', FRESHCLAM_CRON_FILE => '/etc/cron.d/clamav-freshclam', FRESHCLAM_DIR => '/var/lib/clamav/', FRESHCLAM_LOG_FILE => '/var/log/clamav/freshclam.log', @@ -138,16 +135,11 @@ sub appArmorProfiles { my ($self) = @_; - my $observerScript = EBox::Config::share() . 'zentyal-antivirus/' . FRESHCLAM_OBSERVER_SCRIPT; - - my @params = ( 'observerScript' => $observerScript); - - return [ - { 'binary' => 'usr.bin.freshclam', - 'local' => 1, - 'file' => 'antivirus/freshclam.profile.mas', - 'params' => \@params }, - ]; + return [{ + 'binary' => 'usr.bin.freshclam', + 'local' => 1, + 'file' => 'antivirus/freshclam.profile.mas', + }]; } sub usedFiles @@ -224,13 +216,10 @@ sub _setConf $self->disableApparmorProfile('usr.sbin.clamd'); - my $observerScript = EBox::Config::share() . 'zentyal-antivirus/' . FRESHCLAM_OBSERVER_SCRIPT; - my $network = EBox::Global->modInstance('network'); my $proxy = $network->model('Proxy'); my @freshclamParams = ( clamdConfFile => CLAMD_CONF_FILE, - observerScript => $observerScript, proxyServer => $proxy->serverValue(), proxyPort => $proxy->portValue(), proxyUser => $proxy->usernameValue(), @@ -246,110 +235,6 @@ sub _setConf [ enabled => $self->isEnabled() ]); } -# Method: freshclamState -# -# get the last freshclam event -# -# Returns: -# hash ref with the following fields -# update - true if the last event was a succesful update -# error - true if the last event was a error -# outdated - contains a version number if the last event was an update -# that recommends an updated version of engine. (in this case -# update field is not set to true) -# date - date of the last event -# -# If there is not last recorded event it returns a empty hash. -# -sub freshclamState -{ - my ($self) = @_; - - my @stateAttrs = qw(update error outdated date); - - my $emptyRes = { map { ( $_ => undef ) } @stateAttrs }; - my $freshclamStateFile = $self->freshclamStateFile(); - if (not -e $freshclamStateFile) { - return $emptyRes; # freshclam has never updated before - } - - my $file = new File::ReadBackwards($freshclamStateFile); - my $lastLine = $file->readline(); - if ($lastLine eq "") { - # Empty file - return $emptyRes; - } - my %state = split(',', $lastLine, (@stateAttrs * 2)); - - # checking state file coherence - foreach my $attr (@stateAttrs) { - exists $state{$attr} or throw EBox::Exceptions::Internal("Invalid freshclam state file. Missing attribute: $attr"); - } - if ( scalar @stateAttrs != scalar keys %state) { - throw EBox::Exceptions::Internal("Invalid fresclam state file: invalid attributes found. (valid attributes are @stateAttrs)"); - } - - return \%state; -} - -sub freshclamEBoxDir -{ - return FRESHCLAM_DIR; -} - -# Class method: freshclamStateFile -# -# Returns: -# -# String - the path to freshclam state file path -# -sub freshclamStateFile -{ - return EBox::AntiVirus::LogHelper::FRESHCLAM_STATE_FILE; -} - -# Class Method: notifyFreshclamEvent -# -# Got notified from a freshclam event and store the state in -# /var/lib/clamav/freshclam.state file. This is called by -# freshclam-observer script which is called by freshclam after an -# attempt of updating the AV Data Base -# -# Parameters: -# -# event - String the freshclam event. Valid ones are: update, error, outdated -# -# extraParam - String extra parameters (only expected last version -# for outdated event) -# -sub notifyFreshclamEvent -{ - my ($class, $event, $extraParam) = @_; - - my @validEvents = qw(update error outdated); - if (not ($event eq any( @validEvents))) { - $extraParam = defined $extraParam ? "with parameter $extraParam" : ""; - die ("Invalid freshclam event: $event $extraParam"); - } - - my $date = time(); - my $update = 0; - my $outdated = 0; - my $error = 0; - - if ($event eq 'update') { - $update = 1; - } elsif ($event eq 'error') { - $error = 1; - } elsif ($event eq 'outdated') { - $outdated = $extraParam; # $extraParam = last version - } - - my $statePairs = "date,$date,update,$update,error,$error,outdated,$outdated\n"; - my $stateFile = $class->freshclamStateFile(); - write_file($stateFile, { append => 1 }, $statePairs); -} - sub firewallHelper { my ($self) = @_; @@ -361,64 +246,6 @@ sub firewallHelper return undef; } -sub summary -{ - my ($self, $summary) = @_; - - my $section = new EBox::Dashboard::Section(__("Antivirus")); - $summary->add($section); - - my $antivirus = new EBox::Dashboard::ModuleStatus( - module => 'antivirus', - printableName => __('Antivirus'), - enabled => $self->isEnabled(), - running => $self->isRunning(), - nobutton => 0); - $section->add($antivirus); -} - -# Implement LogObserver interface - -# Method: logHelper -# -# Overrides: -# -# -# -sub logHelper -{ - return (new EBox::AntiVirus::LogHelper()); -} - -# Method: tableInfo -# -# Overrides: -# -# -# -sub tableInfo -{ - my $titles = { - 'timestamp' => __('Date'), - 'source' => __('Source'), - 'event' => __('Event') - }; - my @order = ('timestamp', 'source', 'event' ); - my @filter = ('source'); - my $events = { 'success' => __('Success'), 'failure' => __('Failure') }; - - return [{ - 'name' => __('Antivirus DB updates'), - 'tablename' => 'av_db_updates', - 'titles' => $titles, - 'order' => \@order, - 'timecol' => 'timestamp', - 'filter' => \@filter, - 'events' => $events, - 'eventcol' => 'event', - }]; -} - # Method: menu # # Overrides EBox::Module method. diff --git a/main/antivirus/src/EBox/AntiVirus/LogHelper.pm b/main/antivirus/src/EBox/AntiVirus/LogHelper.pm deleted file mode 100644 index e53de39c775..00000000000 --- a/main/antivirus/src/EBox/AntiVirus/LogHelper.pm +++ /dev/null @@ -1,80 +0,0 @@ -# Copyright (C) 2013 Zentyal S.L. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License, version 2, as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -use strict; -use warnings; - -package EBox::AntiVirus::LogHelper; - -use base 'EBox::LogHelper'; - -use EBox; -use Time::Piece; - -use constant FRESHCLAM_STATE_FILE => '/var/log/clamav/freshclam.state'; - -# Method: logFiles -# -# Overrides: -# -# -# -# Returns: -# -# array ref - containing the whole paths -# -sub logFiles -{ - return [FRESHCLAM_STATE_FILE]; -} - -# Method: processLine -# -# Overrides: -# -# -# -# Parameters: -# -# file - file name -# line - string containing the log line -# dbengine- An instance of class implemeting AbstractDBEngineinterface -# -sub processLine # (file, line, logger) -{ - my ($self, $file, $line, $dbengine) = @_; - - # The file format is written by strftime('%Y-%m-%d %H:%M:%S'); - my $data = { - 'timestamp' => $timestamp, - 'source' => 'freshclam', - 'event' => $event, - }; - $dbengine->insert('av_db_updates', $data); -} - -1; diff --git a/main/antivirus/src/EBox/AntiVirus/t/LogHelper.t b/main/antivirus/src/EBox/AntiVirus/t/LogHelper.t deleted file mode 100644 index fb290d9982b..00000000000 --- a/main/antivirus/src/EBox/AntiVirus/t/LogHelper.t +++ /dev/null @@ -1,101 +0,0 @@ -# Copyright (C) 2013 Zentyal S.L. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License, version 2, as -# published by the Free Software Foundation. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -use strict; -use warnings; -use Test::More tests => 9; -use Test::MockObject; -use Test::Exception; -use Test::Differences; - -BEGIN { - diag('A unit test for EBox::AntiVirus::LogHelper'); - use_ok('EBox::AntiVirus::LogHelper') - or die; -} - -my $dbEngine = Test::MockObject->new(); -$dbEngine->{lastInsert} = undef; -$dbEngine->mock('insert' => sub { my ($self, $table, $data) = @_; - $self->{table} = $table; - $self->{lastInsert} = $data; - }); -$dbEngine->mock('_tmLastInsert' => sub { my ($self) = @_; - return $self->{lastInsert}; - }); -$dbEngine->mock('_tmLastInsertTable' => sub { my ($self) = @_; - return $self->{table}; - }); - -$dbEngine->mock('_tmClearLastInsert' => sub { my ($self) = @_; - $self->{lastInsert} = undef; - $self->{table} = undef; - }); - -my @cases = ( - { - name => 'Valid AV update', - lines => - [ - "date,1366472429,update,1,error,0,outdated,0", - ], - expected => { - timestamp => '2013-04-20 17:40:29', - event => 'success', - source => 'freshclam', - } - }, - { - name => 'Error AV update', - lines => - [ - "date,1366472430,update,0,error,1,outdated,0", - ], - expected => { - timestamp => '2013-04-20 17:40:30', - event => 'failure', - source => 'freshclam', - } - }, - { - name => 'No AV update outdated version', - lines => - [ - "date,1366473002,update,0,error,0,outdated,0.97.7", - ], - expected => undef, - }, - ); - -my $logHelper = new EBox::AntiVirus::LogHelper(); -my $file = '/var/lib/clamav/freshclam.state'; - -foreach my $case (@cases) { - $dbEngine->_tmClearLastInsert(); - - lives_ok { - local $SIG{__WARN__} = sub { die @_ }; # die on warnings we don't want - # bad interpolation when parsing lines - foreach my $line (@{$case->{lines}}) { - $logHelper->processLine($file, $line, $dbEngine); - } - } $case->{name}; - if (defined($case->{expected})) { - is($dbEngine->_tmLastInsertTable(), 'av_db_updates', 'Check last insert table'); - } - eq_or_diff($dbEngine->_tmLastInsert(), $case->{expected}, 'Check inserted data is the expected one'); -} - -1; diff --git a/main/antivirus/src/scripts/freshclam-observer b/main/antivirus/src/scripts/freshclam-observer deleted file mode 100755 index c3700fd320c..00000000000 --- a/main/antivirus/src/scripts/freshclam-observer +++ /dev/null @@ -1,71 +0,0 @@ -#!/usr/bin/perl - -use strict; -use warnings; - -use EBox::AntiVirus; -use English qw(-no_match_vars); - -use constant { - ALLOWED_USER => 'clamav' -}; - -my @VALID_EVENTS = qw(update error outdated); - -_checkUser(); -my ($event, $extraParam) = _getParams(); -_writeEventFile($event, $extraParam); - - -sub _writeEventFile -{ - my ($event, $extraParam) = @_; - - EBox::AntiVirus->notifyFreshclamEvent($event, $extraParam); -} - -sub _getParams -{ - my $event = _event(); - - my $extraParam = undef; - if ($event eq 'outdated') { - $extraParam = _newVersion(); - } - - return ($event, $extraParam); -} - -sub _event -{ - my $cliEvent = shift @ARGV; - - my $isValidEvent = grep { $_ eq $cliEvent} @VALID_EVENTS; - if ($isValidEvent) { - return $cliEvent; - } - - die ("Not a valid freshclam event: $cliEvent"); -} - - -sub _newVersion -{ - my $cliNewVersion = shift @ARGV; - if ($cliNewVersion =~ m/^[\.\d\w]+$/) { - return $cliNewVersion; - } - else { - die ("Version from outdated event not valid: $cliNewVersion"); - } -} - - -sub _checkUser -{ - if (not ($EUID == getpwnam(ALLOWED_USER))) { - die "Only " . ALLOWED_USER . " is allowed to run this script"; - } -} - -1; diff --git a/main/antivirus/stubs/freshclam.conf.mas b/main/antivirus/stubs/freshclam.conf.mas index dc7fefb30be..3483c06fa8c 100644 --- a/main/antivirus/stubs/freshclam.conf.mas +++ b/main/antivirus/stubs/freshclam.conf.mas @@ -1,6 +1,5 @@ <%args> $clamdConfFile -$observerScript $databaseMirrorLocalCode => 'local' $proxyServer $proxyPort @@ -35,10 +34,6 @@ DatabaseMirror <% "db.$databaseMirrorLocalCode.clamav.net" %> DatabaseMirror database.clamav.net NotifyClamd <% $clamdConfFile %> -OnUpdateExecute <% "$observerScript update" %> -OnErrorExecute <% "$observerScript error" %> -<%doc>OnOutdatedExecute <% "$observerScript outdated %v" %> - % if ($proxyServer and $proxyPort) { HTTPProxyServer <% $proxyServer %> HTTPProxyPort <% $proxyPort %> diff --git a/main/antivirus/stubs/freshclam.profile.mas b/main/antivirus/stubs/freshclam.profile.mas index 6e82d6e34d3..0c6a88d442c 100644 --- a/main/antivirus/stubs/freshclam.profile.mas +++ b/main/antivirus/stubs/freshclam.profile.mas @@ -1,8 +1,2 @@ -<%args> - $observerScript - /run/clamav/clamd.ctl rw, /proc/*/status r, -# Run observer script -/bin/dash ix, -<% $observerScript %> rUx,