From f5db49cf6b3ca0a5830b849c0aac074e371b95d9 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 8 Sep 2016 14:27:39 +0200 Subject: Add systemd::enable define --- puppet/modules/systemd/manifests/enable.pp | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 puppet/modules/systemd/manifests/enable.pp diff --git a/puppet/modules/systemd/manifests/enable.pp b/puppet/modules/systemd/manifests/enable.pp new file mode 100644 index 00000000..e1bee18a --- /dev/null +++ b/puppet/modules/systemd/manifests/enable.pp @@ -0,0 +1,8 @@ +# enables a systemd resource +define systemd::enable () { + + exec { "enable_systemd_${name}": + refreshonly => true, + command => "/bin/systemctl enable ${name}" + } +} -- cgit v1.2.3 From a3af8acba8cd479f47d76784082d95100c0833ef Mon Sep 17 00:00:00 2001 From: Christoph Kluenter Date: Wed, 7 Sep 2016 15:36:54 +0200 Subject: start clamav after definitions are downloaded freshclam might not be able to start clamav via the socket because the socket might not be there. This systemd unit watches for the definitions and then starts clamav. Resolves: #8431 --- puppet/modules/clamav/files/clamav-daemon.path | 12 +++++++++++ puppet/modules/clamav/manifests/daemon.pp | 1 + .../modules/clamav/manifests/daemon/activation.pp | 24 ++++++++++++++++++++++ 3 files changed, 37 insertions(+) create mode 100644 puppet/modules/clamav/files/clamav-daemon.path create mode 100644 puppet/modules/clamav/manifests/daemon/activation.pp diff --git a/puppet/modules/clamav/files/clamav-daemon.path b/puppet/modules/clamav/files/clamav-daemon.path new file mode 100644 index 00000000..6e57d187 --- /dev/null +++ b/puppet/modules/clamav/files/clamav-daemon.path @@ -0,0 +1,12 @@ +[Unit] +Description=Path Activation for Clam AntiVirus userspace daemon +Documentation=man:clamd(8) man:clamd.conf(5) http://www.clamav.net/lang/en/doc/ + +[Path] +# Check and wait for database existence before starting up +PathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc} +PathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} + +[Install] +WantedBy=sockets.target + diff --git a/puppet/modules/clamav/manifests/daemon.pp b/puppet/modules/clamav/manifests/daemon.pp index 2e13a8fb..b51a07e9 100644 --- a/puppet/modules/clamav/manifests/daemon.pp +++ b/puppet/modules/clamav/manifests/daemon.pp @@ -1,5 +1,6 @@ # deploy clamav daemon class clamav::daemon { + include clamav::daemon::activation $domain_hash = hiera('domain') $domain = $domain_hash['full_suffix'] diff --git a/puppet/modules/clamav/manifests/daemon/activation.pp b/puppet/modules/clamav/manifests/daemon/activation.pp new file mode 100644 index 00000000..09c1e55e --- /dev/null +++ b/puppet/modules/clamav/manifests/daemon/activation.pp @@ -0,0 +1,24 @@ +# ensure clamav starts after the definitions are downloaded +# needed because sometimes clamd cannot get started by freshclam, +# see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827909 +class clamav::daemon::activation { + + file { '/etc/systemd/system/clamav-daemon.path': + source => 'puppet:///modules/clamav/clamav-daemon.path', + mode => '0644', + owner => root, + group => root, + notify => [ Exec['systemctl-daemon-reload'], Systemd::Enable['clamav-daemon.path'] ] + } + + systemd::enable { 'clamav-daemon.path': + require => Exec['systemctl-daemon-reload'], + notify => Exec['start_clamd_path_monitor'] + } + + exec { 'start_clamd_path_monitor': + command => '/bin/systemctl start clamav-daemon.path', + refreshonly => true, + before => Service['freshclam'] + } +} -- cgit v1.2.3