[Pkg-clamav-devel] [mt at debian.org: [bubulle at debian.org: Bug#523573: clamav: [debconf_rewrite] Debconf templates and debian/control review]]
Michael Tautschnig
mt at debian.org
Wed Apr 15 21:09:51 UTC 2009
Hi Christian,
Sorry for the (hopefully not too) late reply. Below please find a few comments
on the latest patch for our clamav-milter debconf templates.
When requesting updated translations please also consider the other binary
packages from clamav carrying templates (clamav-base, clamav-freshclam).
Thanks a lot,
Michael
[...]
> --- clamav.old/debian/clamav-milter.templates 2009-03-26 19:12:49.816449140 +0100
> +++ clamav/debian/clamav-milter.templates 2009-04-11 09:03:18.482051647 +0200
> @@ -1,26 +1,33 @@
> +# These templates have been reviewed by the debian-l10n-english
> +# team
> +#
> +# If modifications/additions/rewording are needed, please ask
> +# debian-l10n-english at lists.debian.org for advice.
> +#
> +# Even minor modifications require translation updates and such
> +# changes should be coordinated with translators and reviewers.
> +
> Template: clamav-milter/debconf
> Type: boolean
> Default: true
> _Description: Handle the configuration file automatically?
> Some options must be configured for clamav-milter.
> .
> - The ClamAV suite won't work if it isn't configured. If you do not
> + It won't work if it isn't configured. If you do not
> configure it automatically, you'll have to configure
> - /etc/clamav/clamav-milter.conf manually or run 'dpkg-reconfigure clamav-milter'
> + /etc/clamav/clamav-milter.conf manually or run "dpkg-reconfigure clamav-milter"
> later. In any case, manual changes in /etc/clamav/clamav-milter.conf will
> be respected.
>
> Template: clamav-milter/MilterSocket
> Type: string
> Default: /var/run/clamav/milter.ctl
> -_Description: Define the interface through to communicate with sendmail:
> - Possible formats are:
> - .
> - Unix domain socket: [[unix|local]:]/path/to/file
> - .
> - IPv4 socket: inet:port@[hostname|ip-address]
> - .
> - IPv6 socket: inet6:port@[hostname|ip-address]
> +_Description: Communication interface with Sendmail:
> + Please choose the method that should be used by clamav-milter to
> + communicate with Sendmail. The following formats can be used:
> + - Unix domain socket: [[unix|local]:]/path/to/file
> + - IPv4 socket : inet:port@[hostname|ip-address]
> + - IPv6 socket : inet6:port@[hostname|ip-address]
>
> Template: clamav-milter/FixStaleSocket
> Type: boolean
> @@ -32,142 +39,168 @@
> Default: clamav
> _Description: User to run clamav-milter as:
> It is recommended to run the ClamAV programs as a non-privileged user.
> - This will work with most MTAs with a little tweaking, but if you want to
> - use clamd for filesystem scans, running as root is probably unavoidable.
> + This will work with most MTAs with a little tweaking.
> + .
> Please see README.Debian in the clamav-base package for details.
>
> Template: clamav-milter/AddGroups
> Type: string
> _Description: Groups for clamav-milter (space-separated):
> By default, clamav-milter runs as a non-privileged user. If you need
> - clamav-milter to be able to access files owned by another user (e.g., in
> - combination with an MTA), then you will need to add clamav to the group for
> - that piece of software. Please see README.Debian in the clamav-base package for
> + clamav-milter to be able to access files owned by another user (for
> + instance when it is used in combination with an MTA), this user
> + need to be added to the relevant group(s).
> + .
> + Please see README.Debian in the clamav-base package for
> details.
>
IMHO in "this user need to be added ..." it is not clear what "this" is
referring to. Should probably be rephrased to "the user running clamav-milter
need to be added ..."
> Template: clamav-milter/ReadTimeout
> Type: string
> Default: 120
> -_Description: Waiting for data from clamd will timeout after this time (seconds):
> - Set to a value of '0' to disable the timeout.
> +_Description: Wait timeout for data coming from clamd:
> + Please enter the delay (in seconds) before clamav-milter times out when it is
> + waiting for incoming data from clamd.
> + .
> + Choosing "0" will disable this timeout.
>
> Template: clamav-milter/Foreground
> Type: boolean
> Default: false
> -_Description: Stay in foreground (don't fork)?
> +_Description: Should clamav-milter stay in foreground (not forking)?
>
> Template: clamav-milter/Chroot
> Type: string
> _Description: Chroot to directory:
> - Chrooting is performed just after reading the config file and before dropping
> - privileges. An empty value means don't chroot.
> + Clamav-milter can run in a chroot jail. It will enter it after reading
> + the configuration file and before dropping root privileges.
> + .
> + If this field is left empty, no chrooting will occur.
>
> Template: clamav-milter/PidFile
> Type: string
> Default: /var/run/clamav/clamav-milter.pid
> _Description: PID file:
> - This option allows you to save a process identifier of the listening daemon
> - (main thread).
> + Please specify the process identifier file location for clamav-milter's
> + listening daemon (main thread).
>
> Template: clamav-milter/TemporaryDirectory
> Type: string
> Default: /tmp
> -_Description: Optional path to the global temporary directory:
> - If unset, $TMPDIR and $TEMP will be honored.
> +_Description: Global temporary directory path:
> + Please specify the directory for clamav-milter's temporary files.
> + If unset, $TMPDIR and $TEMP will be honored.
>
I think "Global" should just be dropped.
> Template: clamav-milter/ClamdSocket
> Type: string
> Default: unix:/var/run/clamav/clamd.ctl
> -_Description: Define the clamd socket to connect to for scanning:
> - To refer to a local unix socket using a absolute path, use unix:path (e.g.,
> - unix:/var/run/clamd/clamd.socket). A local or remote TCP socket is specified
> - using the tcp:host:port syntax. The host can be a hostname or an ip address;
> - the ":port" field is only required for IPv6 addresses, otherwise it defaults to
> - 3310 (e.g., tcp:192.168.0.1).
> - .
> - This option can be repeated several times (separated by whitespace) with
> - different sockets or even with the same socket: clamd servers will be selected
> - in a round-robin fashion.
> +_Description: Clamd socket to connect to for scanning:
> + Please specify the socket to use to connect to the ClamAV daemon for
> + scanning purposes. Possible choices are:
> + - a local unix socket using an absolute path, in "unix:path" format
> + (for example: unix:/var/run/clamd/clamd.socket);
> + - a local or remote TCP socket in "tcp:host:port" format (for example:
> + tcp:192.168.0.1). The "host" value can be either a hostname or an IP
> + address, and the "port" is only required for IPv6 addresses,
> + defaulting to 3310 otherwise.
> + .
> + You may specify multiple choices, separated by spaces. In such cases, the
> + clamd servers will be selected in a round-robin fashion.
>
"In such cases" -- does one need to use plural here?
> Template: clamav-milter/LocalNet
> Type: string
> -_Description: Exclusions - IP ranges:
> - Messages originating from these hosts/networks will not be scanned. This
> - option takes a host(name)/mask pair in CIRD notation and can be repeated
> - several times (separated by whitespace). If "/mask" is omitted, a host is
> - assumed. To specify a locally originated, non-smtp, email use the keyword
> - "local".
> +_Description: Hosts excluded from scanning:
> + Please specify, in CIDR notation (host(name)/mask), the hosts for
> + which no scanning should be performed on incoming mail. Multiple entries
> + should be separated by spaces. The "local" shortcut can be used to
> + specify locally-originated (non-SMTP) email.
> .
> - If unset, everything regardless of the origin is scanned.
> + If this field is left empty, all incoming mail will be scanned.
>
> Template: clamav-milter/Whitelist
> Type: string
> -_Description: Exclusions - Regular expressions:
> - This option specifies a file which contains a list of POSIX regular
> - expressions. Addresses (sent to or from) matching these regexes will not be
> - scanned. Optionally each line can start with the string "From:" or "To:"
> - (note: no whitespace after the colon) indicating if it is, respectively, the
> - sender or recipient that is to be whitelisted. If the field is missing, "To:"
> - is assumed.
> - .
> - Lines in this file starting with #, : or ! are ignored.
> +_Description: Mail addresses whitelist:
> + Please specify the path to a whitelist file, listing email addresses
> + that should cause scanning to be bypassed.
> + .
> + Each line in this file should be a POSIX regular expression; lines
> + starting with "#", ":" or "!" will be ignored as comments.
> + .
> + Lines may start with "From:" (with no space after the colon) to make
> + the whitelisting apply to matching sender addresses; otherwise, or
> + with a "To:" prefix, it affects recipient addresses.
>
> Template: clamav-milter/OnClean
> Type: select
> -Choices: Accept, Reject, Defer, Blackhole, Quarantine
> +__Choices: Accept, Reject, Defer, Blackhole, Quarantine
> Default: Accept
> -_Description: Action to be performed on clean messages (mostly useful for testing):
> - The following actions are available:
> - .
> - - Accept: The message is accepted for delievery
> - .
> - - Reject: Immediately refuse delievery (a 5xx error is returned to the peer)
> +_Description: Action to perform on clean messages:
> + Please choose the action to perform on "clean" messages:
> .
> - - Defer: Return a temporary failure message (4xx) to the peer
> + - Accept : accept the message for delivery;
> + - Reject : immediately refuse delivery (with a 5xx error);
> + - Defer : return a temporary failure message (4xx);
> + - Blackhole : accept the message then drop it;
> + - Quarantine: accept the message then quarantine it. With
> + Sendmail, the quarantine queue can be examined
> + with "mailq -qQ". With Postfix, such mails are placed
> + on hold.
> .
> - - Blackhole (not available for OnFail): Like accept but the message is sent to
> - oblivion
> - .
> - - Quarantine (not available for OnFail): Like accept but message is quarantined
> - instead of being delivered In sendmail the quarantine queue can be examined
> - via mailq -qQ For Postfix this causes the message to be accepted but placed
> - on hold
> + This setting is meant for testing purposes only.
>
I think Stephen already suggested it earlier on: we should drop this option.
> Template: clamav-milter/OnInfected
> Type: select
> -Choices: Accept, Reject, Defer, Blackhole, Quarantine
> +__Choices: Accept, Reject, Defer, Blackhole, Quarantine
> Default: Quarantine
> -_Description: Action to be performed on infected messages:
> +_Description: Action to perform on infected messages:
> + Please choose the action to perform on "infected" messages:
> + .
> + - Accept : accept the message for delivery;
> + - Reject : immediately refuse delivery (with a 5xx error);
> + - Defer : return a temporary failure message (4xx);
> + - Blackhole : accept the message then drop it;
> + - Quarantine: accept the message then quarantine it. With
> + Sendmail, the quarantine queue can be examined
> + with "mailq -qQ". With Postfix, such mails are placed
> + on hold.
>
> Template: clamav-milter/OnFail
> Type: select
> -Choices: Accept, Reject, Defer, Blackhole, Quarantine
> +__Choices: Accept, Reject, Defer
> Default: Defer
> -_Description: Action to be performed on error conditions:
> - This includes failure to allocate data structures, no scanners available,
> - network timeouts, unknown scanner replies and the like)
> +_Description: Action to perform on error conditions:
> + Please choose the action to perform on errors such as failure to
> + allocate data structures, no scanners available,
> + network timeouts, unknown scanner replies...:
> + .
> + - Accept: accept the message for delivery;
> + - Reject: immediately refuse delivery (with a 5xx error);
> + - Defer : return a temporary failure message (4xx).
>
> Template: clamav-milter/RejectMsg
> Type: string
> _Description: Specific rejection reason for infected messages:
> - It is only useful together with "OnInfected Reject". The string "%v", if
> - present, will be replaced with the virus name.
> + Please specify the rejection reason that will be included in reject mails.
> + .
> + This option is only useful together with "OnInfected Reject".
> + .
> + The "%v" string may be used to include the virus name.
>
> Template: clamav-milter/AddHeader
> Type: boolean
> Default: false
> _Description: Add headers to processed messages?
> - If adding headers is enabled, "X-Virus-Scanned" and "X-Virus-Status" headers
> + If you choose this option, "X-Virus-Scanned" and "X-Virus-Status" headers
> will be attached to each processed message, possibly replacing existing
> - headers.
> + similar headers.
>
> Template: clamav-milter/LogFile
> Type: string
> Default: none
> -_Description: Log to file:
> - LogFile must be writable for the user running daemon. A full path is required.
> +_Description: Log file for clamav-milter:
> + Specify the full path to the clamav-milter log file, which must be
> + writable for the clamav daemon.
> .
> - Logging via syslog is configured independently of this entry.
> + Logging via syslog is configured independently of this setting.
>
> Template: clamav-milter/LogFileUnlock
> Type: boolean
> @@ -179,8 +212,9 @@
> Template: clamav-milter/LogFileMaxSize
> Type: string
> Default: 1M
> -_Description: Maximum size of the log file (unit Mb):
> - Set to a value of '0' to disable the timeout.
> +_Description: Maximum size of the log file (MB):
> + Please specify the maximum size for the log file. Using "0" will
> + allow that file to grow indefinitely.
>
> Template: clamav-milter/LogTime
> Type: boolean
> @@ -190,13 +224,16 @@
> Template: clamav-milter/LogSyslog
> Type: boolean
> Default: false
> -_Description: Use system logger (can work together with LogFile)?
> +_Description: Use system logger?
> + Please choose whether you want to use the system logger (syslog). This
> + option can be used along with logging in a dedicated file.
>
> Template: clamav-milter/LogFacility
> Type: string
> Default: LOG_LOCAL6
> -_Description: Specify the type of syslog messages:
> - Please refer to 'man syslog' for facility names.
> +_Description: Type of syslog messages:
> + Please choose the type of syslog messages as detailed in the system
> + logger's documentation.
>
> Template: clamav-milter/LogVerbose
> Type: boolean
> @@ -205,15 +242,21 @@
>
> Template: clamav-milter/LogInfected
> Type: select
> -Choices: Off, Basic, Full
> +__Choices: Off, Basic, Full
> Default: Off
> -_Description: What should be logged when a message is infected:
> - Possible values are Off (the default - nothing is logged), Basic (minimal info
> - logged), Full (verbose info logged)
> +_Description: Information to log on infected messages:
> + Please choose the level of information that will be logged when infected
> + messages are found:
> + - Off : no logging;
> + - Basic: minimal information;
> + - Full : verbose information.
>
> Template: clamav-milter/MaxFileSize
> Type: string
> Default: 25M
> -_Description: Messages larger than this value won't be scanned (unit Mb):
> - Make sure this value is lower than StreamMaxLength in clamd.conf
> -
> +_Description: Size limit for scanned messages (MB):
> + Please specify the maximum size for scanned messages. Messages bigger than
> + this limit will not be scanned.
> + .
> + You should check that this value is lower than the value of "StreamMaxLength"
> + in the clamd.conf file.
> --- clamav.old/debian/control 2009-03-26 19:12:49.816449140 +0100
> +++ clamav/debian/control 1970-01-01 01:00:00.000000000 +0100
> @@ -1,90 +0,0 @@
> -Source: clamav
> -Section: misc
> -Priority: optional
> -Maintainer: Bernd Zeimetz <bzed at debian.org>
> -Build-Depends: debhelper (>= 5.0.61), po-debconf, dpkg-dev (>= 1.14.8),
> - quilt, autotools-dev,
> - python-all-dev, python-support (>= 0.4),
> - xsltproc, docbook-xsl, docbook-xml,
> - libxt-dev, lesstif2-dev, libxaw7-dev, libncurses-dev,
> - libdbus-1-dev, libglib2.0-dev, libdbus-glib-1-dev, makedev
> -Standards-Version: 3.8.0
> -Homepage: http://gpsd.berlios.de/
> -XS-Python-Version: all
> -
> -Package: clamav
> -Architecture: any
> -Depends: python, netbase, lsb-base (>= 3.0-6), ${shlibs:Depends}, ${misc:Depends}
> -Recommends: gpsd-clients
> -Suggests: udev
> -Description: GPS (Global Positioning System) daemon
> - gpsd is a service daemon that monitors one or more GPSes attached to a host
> - computer through serial or USB ports, making all data on the location/course/
> - velocity of the sensors available to be queried on TCP port 2947 of the host
> - computer.
> - .
> - With gpsd, multiple GPS client applications can share access to GPSes without
> - contention or loss of data. Also, gpsd responds to queries with a format that
> - is substantially easier to parse than the NMEA 0183 emitted by most GPSes.
> -
> -Package: gpsd-clients
> -Architecture: any
> -Depends: ${shlibs:Depends}, ${misc:Depends}
> -Suggests: python-gps, gpsd
> -Description: Clients for the GPS daemon
> - gpsd is a service daemon that monitors one or more GPSes attached to a host
> - computer through serial or USB ports, making all data on the location/course/
> - velocity of the sensors available to be queried on TCP port 2947 of the host
> - computer.
> - .
> - This package contains auxiliary tools and example clients for monitoring and
> - testing gpsd.
> -
> -Package: python-gps
> -Architecture: any
> -Section: python
> -Replaces: gpsd-clients (<< 2.34.dfsg-1)
> -Depends: ${shlibs:Depends}, ${misc:Depends}, ${python:Depends}
> -Recommends: gpsd
> -Provides: ${python:Provides}
> -Description: Python interface to gpsd and testing environment
> - gpsd is a service daemon that monitors one or more GPSes attached to a host
> - computer through serial or USB ports, making all data on the location/course/
> - velocity of the sensors available to be queried on TCP port 2947 of the host
> - computer.
> - .
> - This package contains a Python interface to conntect to gpsd, together with
> - a module providing a controlled testing environment. It also ships two tools
> - which utilize the interface: gpsprof for latency-profiling and gpsfake to
> - simulate a GPS by playing back a logfile.
> -
> -Package: libgps17
> -Architecture: any
> -Section: libs
> -Depends: ${shlibs:Depends}, ${misc:Depends}
> -Description: C library for communicating with GPS devices
> - libgps is a service library for querying GPS devices. There are two
> - interfaces supported by it:
> - * A high-level interface that goes through gpsd, a service daemon that
> - monitors one or more GPS devices. It is intended for concurrent use by
> - several applications.
> - * A low-level interface that speaks directly with the serial or USB
> - device to which the GPS is attached.
> -
> -Package: libgps-dev
> -Architecture: any
> -Section: libdevel
> -Depends: libgps17 (= ${binary:Version}), ${misc:Depends}
> -Conflicts: gpsd (<< 2.34.dfsg-1)
> -Description: C library for communicating with GPS devices (development files)
> - libgps is a service library for querying GPS devices. There are two
> - interfaces supported by it:
> - * A high-level interface that goes through gpsd, a service daemon that
> - monitors one or more GPS devices. It is intended for concurrent use by
> - several applications.
> - * A low-level interface that speaks directly with the serial or USB
> - device to which the GPS is attached.
> - .
> - This package contains the header and development files needed to build
> - programs and packages using libgps.
> -
There's something wrong with the patch - why does it include a dropped (and
strange) control file?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20090415/cd39f8b5/attachment.pgp>
More information about the Pkg-clamav-devel
mailing list