Bug #669
closed
WARNING: Ignoring deprecated option DetectBrokenExecutables at /etc/clamav/clamd.conf:40
Added by Pierre-Louis Bonicoli over 4 years ago.
Updated over 4 years ago.
Branch:
allow_to_force_rendering_clamd
Description
This warning is received on dc-admins mailing list every hour:
[DC-Admins] Cron <clamav@Toushirou> [ -x /usr/sbin/clamav-unofficial-sigs ] && /usr/sbin/clamav-unofficial-sigs
WARNING: Ignoring deprecated option DetectBrokenExecutables at /etc/clamav/clamd.conf:40
- Branch set to allow_to_force_rendering_clamd
allow_to_force_rendering_clamd branch proposes a way to allow to force rendering of /etc/clamav/clamd.conf, using the following command:
ansible-playbook playbooks/tenants/duckcorp/security.yml -edc_antivirus_force_clamd_rendering=yes
This has been applied on Toushirou only, not the whole av_servers Ansible group.
Note that isn't the only updated DetectBrokenExecutables configuration directive:
diff -Naur clamd.conf /etc/clamav/clamd.conf
--- clamd.conf 2019-08-24 11:47:53.162937058 +0200
+++ /etc/clamav/clamd.conf 2019-08-24 11:48:07.875061000 +0200
@@ -22,6 +22,8 @@
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
+PreludeEnable no
+PreludeAnalyzerName ClamAV
DatabaseDirectory /var/lib/clamav
OfficialDatabaseOnly false
SelfCheck 3600
@@ -37,7 +39,6 @@
MaxScriptNormalize 5M
MaxZipTypeRcg 1M
ScanSWF true
-DetectBrokenExecutables false
ExitOnOOM true
LeaveTemporaryFiles false
AlgorithmicDetection true
@@ -53,7 +54,7 @@
ScanPartialMessages false
HeuristicScanPrecedence true
StructuredDataDetection false
-CommandReadTimeout 5
+CommandReadTimeout 30
SendBufTimeout 200
MaxQueue 100
ExtendedDetectionInfo true
lgtm
I just wondered why you use a listen directive instead of setting it in the name as the topic is clearly fully handled by this role only.
Marc Dequènes wrote:
I just wondered why you use a listen directive instead of setting it in the name as the topic is clearly fully handled by this role only.
Updated (listen directive removed) & merged & applied:
$ ANSIBLE_DISPLAY_OK_HOSTS=0 ANSIBLE_DISPLAY_SKIPPED_HOSTS=0 ansible-playbook playbooks/tenants/duckcorp/security.yml -u root -edc_antivirus_force_clamd_rendering=yes
PLAY [av_servers] *
TASK [Gathering Facts] *
fatal: [Elwing]: UNREACHABLE! => {"changed": false, "msg": "Data could not be sent to remote host \"Elwing\". Make sure this host can be reached over ssh: ssh: Could not resolve hostname elwing: Name or service not known\r\n", "unreachable": true}
TASK [dc-antivirus : debug] *
changed: [Orfeo] => {
"msg": "Force rendering of clamd.conf configuration file"
}
changed: [Toushirou] => {
"msg": "Force rendering of clamd.conf configuration file"
}
included: /srv/share/src/duckcorp/duckcorp-infra.git/ansible/roles/dc-antivirus/tasks/generate_clamd_conf.yml for Orfeo, Toushirou
RUNNING HANDLER [dc-antivirus : Delete clamd.conf file] *
changed: [Toushirou]
changed: [Orfeo]
RUNNING HANDLER [dc-antivirus : Run dpkg-reconfigure for clamav-daemon] *
changed: [Toushirou]
changed: [Orfeo]
RUNNING HANDLER [dc-antivirus : Enable ExitOnOOM] *
changed: [Orfeo]
changed: [Toushirou]
RUNNING HANDLER [dc-antivirus : Enable HeuristicScanPrecedence] *
changed: [Toushirou]
changed: [Orfeo]
RUNNING HANDLER [dc-antivirus : Restart ClamAV daemon] *
changed: [Toushirou]
changed: [Orfeo]
PLAY RECAP *
Elwing : ok=0 changed=0 unreachable=1 failed=0 skipped=0 rescued=0 ignored=0
Orfeo : ok=15 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Toushirou : ok=15 changed=6 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
- Status changed from New to Resolved
- % Done changed from 0 to 100
Also available in: Atom
PDF
Updated by 
Updated by