diff options
author | Christoph Kluenter <ckluente@thoughtworks.com> | 2016-09-07 15:36:54 +0200 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2016-09-08 20:37:04 +0200 |
commit | a3af8acba8cd479f47d76784082d95100c0833ef (patch) | |
tree | c612dd789f43a2374c762c0ee0ee0fb320092378 /puppet | |
parent | f5db49cf6b3ca0a5830b849c0aac074e371b95d9 (diff) |
start clamav after definitions are downloaded
freshclam might not be able to start clamav via the socket because
the socket might not be there. This systemd unit watches for the
definitions and then starts clamav.
Resolves: #8431
Diffstat (limited to 'puppet')
-rw-r--r-- | puppet/modules/clamav/files/clamav-daemon.path | 12 | ||||
-rw-r--r-- | puppet/modules/clamav/manifests/daemon.pp | 1 | ||||
-rw-r--r-- | puppet/modules/clamav/manifests/daemon/activation.pp | 24 |
3 files changed, 37 insertions, 0 deletions
diff --git a/puppet/modules/clamav/files/clamav-daemon.path b/puppet/modules/clamav/files/clamav-daemon.path new file mode 100644 index 00000000..6e57d187 --- /dev/null +++ b/puppet/modules/clamav/files/clamav-daemon.path @@ -0,0 +1,12 @@ +[Unit] +Description=Path Activation for Clam AntiVirus userspace daemon +Documentation=man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang/en/doc/ + +[Path] +# Check and wait for database existence before starting up +PathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc} +PathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} + +[Install] +WantedBy=sockets.target + diff --git a/puppet/modules/clamav/manifests/daemon.pp b/puppet/modules/clamav/manifests/daemon.pp index 2e13a8fb..b51a07e9 100644 --- a/puppet/modules/clamav/manifests/daemon.pp +++ b/puppet/modules/clamav/manifests/daemon.pp @@ -1,5 +1,6 @@ # deploy clamav daemon class clamav::daemon { + include clamav::daemon::activation $domain_hash = hiera('domain') $domain = $domain_hash['full_suffix'] diff --git a/puppet/modules/clamav/manifests/daemon/activation.pp b/puppet/modules/clamav/manifests/daemon/activation.pp new file mode 100644 index 00000000..09c1e55e --- /dev/null +++ b/puppet/modules/clamav/manifests/daemon/activation.pp @@ -0,0 +1,24 @@ +# ensure clamav starts after the definitions are downloaded +# needed because sometimes clamd cannot get started by freshclam, +# see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827909 +class clamav::daemon::activation { + + file { '/etc/systemd/system/clamav-daemon.path': + source => 'puppet:///modules/clamav/clamav-daemon.path', + mode => '0644', + owner => root, + group => root, + notify => [ Exec['systemctl-daemon-reload'], Systemd::Enable['clamav-daemon.path'] ] + } + + systemd::enable { 'clamav-daemon.path': + require => Exec['systemctl-daemon-reload'], + notify => Exec['start_clamd_path_monitor'] + } + + exec { 'start_clamd_path_monitor': + command => '/bin/systemctl start clamav-daemon.path', + refreshonly => true, + before => Service['freshclam'] + } +} |