Open pirxthepilot opened 5 years ago
It looks like there are a bunch of deprecated options (or rather, the options got renamed) in 0.101: https://blog.clamav.net/2018/12/clamav-01010-has-been-released.html
I'm only getting the warning for DetectBrokenExecutables
, though. I'm planning to submit a PR with just that option removed from default, but I'm wondering if I should remove the other renamed options from default as well. Thoughts, @edestecd ?
Sure if you check for the version of clamav and switch the options...
Or we can cut a new release and explicitly only support the newer version. Is this true in other supported OSs (ubuntu)
Don't have a test Ubuntu instance atm, but looks like it's still on 0.100
at the latest https://packages.ubuntu.com/search?keywords=clamav
I surveyed the default values in clamd itself vs puppet-clamav and all options that do exist in the latter sync up with the former:
Old name | New name | clamd default | puppet-clamav default |
---|---|---|---|
AlgorithmicDetection |
HeuristicAlerts |
yes | yes |
DetectBrokenExecutables |
AlertBrokenExecutables |
no | no |
PhishingAlwaysBlockCloak |
AlertPhishingCloak |
no | no |
PhishingAlwaysBlockSSLMismatch |
AlertPhishingSSLMismatch |
no | no |
PartitionIntersection |
AlertPartitionIntersection |
no | Not in default options |
BlockMax |
AlertExceedsMax |
no | Not in default options |
OLE2BlockMacros |
AlertOLE2Macros |
no | no |
ArchiveBlockEncrypted |
AlertEncrypted |
no | no |
AlertEncryptedArchive |
no | Not in default options | |
AlertEncryptedDoc |
no | Not in default options |
I think the cleanest and easiest way is to just remove these from $clamd_default_options
.
We can trim the defaults down if you like. Just as a reminder you can sent any of them to undef
and they will be removed.
This is still active in the latest versions. It also still forcibly uses a PID file, which is not needed in most modern Linux kernels. Can we get rid of that?
Hello, got this warning on CentOS 7 with clamd 0.101:
Not a big deal but would be nice to fix in future releases :) Thanks!