dpkg-reconfigure clamav-daemon in infinite loop
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
clamav (Ubuntu) |
Fix Released
|
High
|
Eric Desrochers | ||
Xenial |
Fix Released
|
Medium
|
Eric Desrochers | ||
Bionic |
Fix Released
|
Medium
|
Eric Desrochers | ||
Eoan |
Fix Released
|
Medium
|
Eric Desrochers | ||
Focal |
Fix Released
|
High
|
Eric Desrochers |
Bug Description
[Impact]
There appears to be another issue with
> dpkg-reconfigure clamav-daemon
Like in #1792051, the command ends up in an infinite loop, just that this time it happens between 'Log file for clamav-daemon' and 'Do you want to enable log rotation?', with one more step between also included in the loop.
Purged and reinstalled the package with no effect.
Effected package: clamav-daemon 0.102.1+
EDIT: I was able to reproduce the error on a different system (also 0.102.1+
[Test Case]
(1)
Here's how to reproduce:
* Deploy Bionic
* Install clamav clamav-daemon
(As a debug exercise and confirmation of the infinite loop in action, with the use of "export DEBCONF_DEBUG='.*'" one can confirm it.)
* Perform:
DEBIAN_
Make sure it completes fine and doesn't enter an infinite loop.
---
(2)
Run "dpkg-reconfigure clamav-daemon", make sure all of the debconf prompts that are supposed to be there are actually reachable, including the one modified by this SRU "LogTime"[0] and "LogRotate"[1].
[0]- Do you want to log time information with each message?
[1]- Do you want to enable log rotation?
Here's a test where I intentionally reconfigure the package and set both LogTime and LogRotate from 'yes' (true) to 'No' (False).
# egrep "LogRotate|LogTime" /etc/clamav/
LogRotate true
LogTime true
# dpkg-reconfigure clamav-daemon
Replacing config file /etc/clamav/
Disabling old logrotate script for clamav-daemon
# egrep "LogRotate|LogTime" /etc/clamav/
LogRotate false
LogTime false
[Regression Potential]
Right now, the impact is limited to the reconfiguration of the package. This is a consequence of the removal of ScanOnAcces (701f0e8e Remove ScanOnAccess).
It's been proven to be working well pre-SRU.
If a regression is found, it will likely remain limited to the package
reconfiguration.
I added another verification to address vorlon's concern found in comment #16. See section (2) in [Test Case].
[Other infos]
* Debian upstream bug:
https:/
* Debian upstream (salsa):
https:/
CVE References
description: | updated |
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in clamav (Ubuntu Eoan): | |
importance: | Undecided → Medium |
Changed in clamav (Ubuntu Bionic): | |
importance: | Undecided → Critical |
importance: | Critical → Medium |
Changed in clamav (Ubuntu Xenial): | |
importance: | Undecided → Medium |
description: | updated |
description: | updated |
description: | updated |
Status changed to 'Confirmed' because the bug affects multiple users.