diff options
author | Micah Anderson <micah@riseup.net> | 2016-11-04 10:54:28 -0400 |
---|---|---|
committer | Micah Anderson <micah@riseup.net> | 2016-11-04 10:54:28 -0400 |
commit | 34a381efa8f6295080c843f86bfa07d4e41056af (patch) | |
tree | 9282cf5d4c876688602705a7fa0002bc4a810bde /puppet/modules/clamav | |
parent | 0a72bc6fd292bf9367b314fcb0347c4d35042f16 (diff) | |
parent | 5821964ff7e16ca7aa9141bd09a77d355db492a9 (diff) |
Merge branch 'develop'
Diffstat (limited to 'puppet/modules/clamav')
-rw-r--r-- | puppet/modules/clamav/files/clamav-daemon.path | 12 | ||||
-rw-r--r-- | puppet/modules/clamav/manifests/daemon.pp | 21 | ||||
-rw-r--r-- | puppet/modules/clamav/manifests/daemon/activation.pp | 24 |
3 files changed, 49 insertions, 8 deletions
diff --git a/puppet/modules/clamav/files/clamav-daemon.path b/puppet/modules/clamav/files/clamav-daemon.path new file mode 100644 index 00000000..6e57d187 --- /dev/null +++ b/puppet/modules/clamav/files/clamav-daemon.path @@ -0,0 +1,12 @@ +[Unit] +Description=Path Activation for Clam AntiVirus userspace daemon +Documentation=man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang/en/doc/ + +[Path] +# Check and wait for database existence before starting up +PathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc} +PathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} + +[Install] +WantedBy=sockets.target + diff --git a/puppet/modules/clamav/manifests/daemon.pp b/puppet/modules/clamav/manifests/daemon.pp index 2e13a8fb..322cb892 100644 --- a/puppet/modules/clamav/manifests/daemon.pp +++ b/puppet/modules/clamav/manifests/daemon.pp @@ -1,5 +1,6 @@ # deploy clamav daemon class clamav::daemon { + include clamav::daemon::activation $domain_hash = hiera('domain') $domain = $domain_hash['full_suffix'] @@ -15,7 +16,6 @@ class clamav::daemon { pattern => '/usr/sbin/clamd', enable => true, hasrestart => true, - subscribe => File['/etc/default/clamav-daemon'], require => Package['clamav-daemon']; } @@ -25,19 +25,23 @@ class clamav::daemon { mode => '0750', owner => clamav, group => postfix, - require => [Package['postfix'], Package['clamav-daemon']]; + require => [Package['postfix'], Package['clamav-daemon']], + notify => Service['clamav-daemon']; '/var/lib/clamav': mode => '0755', owner => clamav, group => clamav, - require => Package['clamav-daemon']; + require => Package['clamav-daemon'], + notify => Service['clamav-daemon']; '/etc/default/clamav-daemon': - source => 'puppet:///modules/clamav/clamav-daemon_default', - mode => '0644', - owner => root, - group => root; + source => 'puppet:///modules/clamav/clamav-daemon_default', + mode => '0644', + owner => root, + group => root, + require => Package['clamav-daemon'], + notify => Service['clamav-daemon']; # this file contains additional domains that we want the clamav # phishing process to look for (our domain) @@ -46,7 +50,8 @@ class clamav::daemon { mode => '0644', owner => clamav, group => clamav, - require => Package['clamav-daemon']; + require => Package['clamav-daemon'], + notify => Service['clamav-daemon']; } file_line { diff --git a/puppet/modules/clamav/manifests/daemon/activation.pp b/puppet/modules/clamav/manifests/daemon/activation.pp new file mode 100644 index 00000000..09c1e55e --- /dev/null +++ b/puppet/modules/clamav/manifests/daemon/activation.pp @@ -0,0 +1,24 @@ +# ensure clamav starts after the definitions are downloaded +# needed because sometimes clamd cannot get started by freshclam, +# see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827909 +class clamav::daemon::activation { + + file { '/etc/systemd/system/clamav-daemon.path': + source => 'puppet:///modules/clamav/clamav-daemon.path', + mode => '0644', + owner => root, + group => root, + notify => [ Exec['systemctl-daemon-reload'], Systemd::Enable['clamav-daemon.path'] ] + } + + systemd::enable { 'clamav-daemon.path': + require => Exec['systemctl-daemon-reload'], + notify => Exec['start_clamd_path_monitor'] + } + + exec { 'start_clamd_path_monitor': + command => '/bin/systemctl start clamav-daemon.path', + refreshonly => true, + before => Service['freshclam'] + } +} |