search

edestecd / puppet-clamav

Puppet Module for managing ClamAV
GNU General Public License v3.0
6 stars 59 forks source link

Deprecated option DetectBrokenExecutables on clamav 0.101 #62

Open pirxthepilot opened 5 years ago

pirxthepilot commented 5 years ago

Hello, got this warning on CentOS 7 with clamd 0.101:

WARNING: Ignoring deprecated option DetectBrokenExecutables at /etc/clamd.d/scan.conf

Not a big deal but would be nice to fix in future releases :) Thanks!

pirxthepilot commented 5 years ago

It looks like there are a bunch of deprecated options (or rather, the options got renamed) in 0.101: https://blog.clamav.net/2018/12/clamav-01010-has-been-released.html

I'm only getting the warning for DetectBrokenExecutables, though. I'm planning to submit a PR with just that option removed from default, but I'm wondering if I should remove the other renamed options from default as well. Thoughts, @edestecd ?

edestecd commented 5 years ago

Sure if you check for the version of clamav and switch the options...

Or we can cut a new release and explicitly only support the newer version. Is this true in other supported OSs (ubuntu)

pirxthepilot commented 5 years ago

Don't have a test Ubuntu instance atm, but looks like it's still on 0.100 at the latest https://packages.ubuntu.com/search?keywords=clamav

I surveyed the default values in clamd itself vs puppet-clamav and all options that do exist in the latter sync up with the former:

Old name New name clamd default puppet-clamav default
AlgorithmicDetection HeuristicAlerts yes yes
DetectBrokenExecutables AlertBrokenExecutables no no
PhishingAlwaysBlockCloak AlertPhishingCloak no no
PhishingAlwaysBlockSSLMismatch AlertPhishingSSLMismatch no no
PartitionIntersection AlertPartitionIntersection no Not in default options
BlockMax AlertExceedsMax no Not in default options
OLE2BlockMacros AlertOLE2Macros no no
ArchiveBlockEncrypted AlertEncrypted no no
AlertEncryptedArchive no Not in default options
AlertEncryptedDoc no Not in default options

I think the cleanest and easiest way is to just remove these from $clamd_default_options.

edestecd commented 4 years ago

We can trim the defaults down if you like. Just as a reminder you can sent any of them to undef and they will be removed.

ZaxLofful commented 1 year ago

This is still active in the latest versions. It also still forcibly uses a PID file, which is not needed in most modern Linux kernels. Can we get rid of that?