[pve-devel] [PATCH dab-pve-appliances v2] pmg: optionally verify cvd files with sigtool

Stoiko Ivanov s.ivanov at proxmox.com
Thu Jan 9 18:32:43 CET 2020


sigtool (1)  is clamav's utility to manipulate and verify cvd files.
It is shipped in the clamav package, which is not installed inside
pmg (pmg uses the daemonized version - clamav-daemon).

This patch verifies the downloaded cvd-files if sigtool is installed on the
build host and skips the verification if not (in order to not depend on an
installed clamav package).

Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
---
v1 -> v2
* changed the check for sigtool's existence to the posix compatible
  `command -v $cmd` instead of relying on hardcoded paths (and not using them
  during the actual invocation) - Thanks @Thomas for spotting and suggesting
  this!

 debian-10.0-pmg-64/Makefile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian-10.0-pmg-64/Makefile b/debian-10.0-pmg-64/Makefile
index 0e6efff..d12b4f4 100644
--- a/debian-10.0-pmg-64/Makefile
+++ b/debian-10.0-pmg-64/Makefile
@@ -33,3 +33,4 @@ dist-clean:
 ${CVD_FILES}:
 	curl -L --silent --show-error --fail --time-cond $@ -o $@.tmp http://database.clamav.net/$@
 	[ -f $@.tmp ] && mv $@.tmp $@ || true
+	if command -v sigtool > /dev/null ; then sigtool -i $@; else echo "skipping verification of $@"; fi
-- 
2.20.1





More information about the pve-devel mailing list