Is there a way to comment out an option in clamd.conf? - Githubissues

edestecd / puppet-clamav

Puppet Module for managing ClamAV

GNU General Public License v3.0

6 stars 59 forks source link

Is there a way to comment out an option in clamd.conf? #18

Closed ubellavance closed 8 years ago

ubellavance commented 8 years ago

I'd like to comment out the LogFile option in clamd config file. I looked at the template file, but I don't know what the .delete means or how it can be called.

Thanks,

edestecd commented 8 years ago

Can you just set it to the default instead, which would be the equivalent of commenting it out...

edestecd commented 8 years ago

Another option is to check for explicit undef and not set those options. I think that may be one of the next features I add along with making both RedHat and Ubuntu use the same hash loop for the config file.

ubellavance commented 8 years ago

The default of this setting is "disabled". I don't think I can set that.

edestecd commented 8 years ago

I should be able to fix this in the next version. I will be adding RedHat 7 support as well as refactoring how the template is rendered as mentioned above. The mysql module checks the options hash for explicit undef and removes those options. I will prob do it that way.

edestecd commented 8 years ago

Example code that would work for you after I make the change:

class { 'clamav':
  manage_clamd      => true,
  manage_freshclam  => true,
  clamd_options     => {
    'LogFile' => undef,
  },
}

edestecd commented 8 years ago

@ubellavance this should work for you now. Are you able to check out master and give it a try?

ubellavance commented 8 years ago

I tried running with all the defaults and it need to have either a LocalSocket or a TCPSocket. I think the best would be to set a LocalSocket /var/run/clamd.scan/clamd.sock. If I define it manually, clamd starts and seems to work OK. Looks good so far! I see that by moving to the use of hashes we loose all the description of the config options in the config file but I guess it's the price to pay to have a simpler method of file generation. I should be doing more extensive testing next week (I haven't checked freshclam much).

edestecd commented 8 years ago

I agree about the LocalSocket. I originally pulled the defaults from the default config file, but I may do some tweaking to make it work out of the box. RedHat 7 is even worse. There are literally no options set in that default config file.

Yes, using only a hash cans all the comments... That is the way the stock ubuntu config comes, so we were doing that for ubuntu before... Most other official modules from the forge take this approach. You always have the online doc and shouldn't be logging into servers anyway...

ubellavance commented 8 years ago

Agreed. I would simply make sure that the clamd service runs out of the box.