From 671a068a0166a5474e51b4d151b64250f8feaec8 Mon Sep 17 00:00:00 2001 From: Renaud Date: Wed, 2 Mar 2022 20:51:47 +0100 Subject: [PATCH] Remove F-PROT package and service module (EoL) (#160372) --- .../from_md/release-notes/rl-2205.section.xml | 7 ++ .../manual/release-notes/rl-2205.section.md | 3 + nixos/modules/misc/ids.nix | 4 +- nixos/modules/module-list.nix | 1 - nixos/modules/rename.nix | 1 + nixos/modules/services/security/fprot.nix | 82 ------------------- pkgs/tools/security/fprot/default.nix | 42 ---------- pkgs/top-level/all-packages.nix | 2 - 8 files changed, 13 insertions(+), 129 deletions(-) delete mode 100644 nixos/modules/services/security/fprot.nix delete mode 100644 pkgs/tools/security/fprot/default.nix diff --git a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml index a6bd453b35d9..4acf8195a8dd 100644 --- a/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml +++ b/nixos/doc/manual/from_md/release-notes/rl-2205.section.xml @@ -553,6 +553,13 @@ tilp2 was removed together with its module + + + The F-PROT antivirus (fprot package) and + its service module were removed because it reached + end-of-life. + + bird1 and its modules diff --git a/nixos/doc/manual/release-notes/rl-2205.section.md b/nixos/doc/manual/release-notes/rl-2205.section.md index 8f5b4789a42c..366f0552589b 100644 --- a/nixos/doc/manual/release-notes/rl-2205.section.md +++ b/nixos/doc/manual/release-notes/rl-2205.section.md @@ -180,6 +180,9 @@ In addition to numerous new and upgraded packages, this release has the followin - `tilp2` was removed together with its module +- The F-PROT antivirus (`fprot` package) and its service module were removed because it + reached [end-of-life](https://kb.cyren.com/av-support/index.php?/Knowledgebase/Article/View/434/0/end-of-sale--end-of-life-for-f-prot-and-csam). + - `bird1` and its modules `services.bird` as well as `services.bird6` have been removed. Upgrade to `services.bird2`. - The options `networking.interfaces..ipv4.routes` and `networking.interfaces..ipv6.routes` are no longer ignored when using networkd instead of the default scripted network backend by setting `networking.useNetworkd` to `true`. diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 1b4105c676d9..7d1faa50f4bf 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -89,7 +89,7 @@ in prayer = 49; mpd = 50; clamav = 51; - fprot = 52; + #fprot = 52; # unused # bind = 53; #dynamically allocated as of 2021-09-03 wwwrun = 54; #adm = 55; # unused @@ -412,7 +412,7 @@ in prayer = 49; mpd = 50; clamav = 51; - fprot = 52; + #fprot = 52; # unused #bind = 53; # unused wwwrun = 54; adm = 55; diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index fd6bd087fb7d..c102f4c97ee3 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -951,7 +951,6 @@ ./services/security/clamav.nix ./services/security/fail2ban.nix ./services/security/fprintd.nix - ./services/security/fprot.nix ./services/security/haka.nix ./services/security/haveged.nix ./services/security/hockeypuck.nix diff --git a/nixos/modules/rename.nix b/nixos/modules/rename.nix index d72ff1c6f170..195cf87e6a85 100644 --- a/nixos/modules/rename.nix +++ b/nixos/modules/rename.nix @@ -50,6 +50,7 @@ with lib; (mkRemovedOptionModule [ "services" "flashpolicyd" ] "The flashpolicyd module has been removed. Adobe Flash Player is deprecated.") (mkRemovedOptionModule [ "services" "fourStore" ] "The fourStore module has been removed") (mkRemovedOptionModule [ "services" "fourStoreEndpoint" ] "The fourStoreEndpoint module has been removed") + (mkRemovedOptionModule [ "services" "fprot" ] "The corresponding package was removed from nixpkgs.") (mkRemovedOptionModule [ "services" "frab" ] "The frab module has been removed") (mkRemovedOptionModule [ "services" "kippo" ] "The corresponding package was removed from nixpkgs.") (mkRemovedOptionModule [ "services" "mailpile" ] "The corresponding package was removed from nixpkgs.") diff --git a/nixos/modules/services/security/fprot.nix b/nixos/modules/services/security/fprot.nix deleted file mode 100644 index df60d553e85b..000000000000 --- a/nixos/modules/services/security/fprot.nix +++ /dev/null @@ -1,82 +0,0 @@ -{ config, lib, pkgs, ... }: -with lib; -let - fprotUser = "fprot"; - stateDir = "/var/lib/fprot"; - fprotGroup = fprotUser; - cfg = config.services.fprot; -in { - options = { - - services.fprot = { - updater = { - enable = mkEnableOption "automatic F-Prot virus definitions database updates"; - - productData = mkOption { - description = '' - product.data file. Defaults to the one supplied with installation package. - ''; - type = types.path; - }; - - frequency = mkOption { - default = 30; - type = types.int; - description = '' - Update virus definitions every X minutes. - ''; - }; - - licenseKeyfile = mkOption { - type = types.path; - description = '' - License keyfile. Defaults to the one supplied with installation package. - ''; - }; - - }; - }; - }; - - ###### implementation - - config = mkIf cfg.updater.enable { - - services.fprot.updater.productData = mkDefault "${pkgs.fprot}/opt/f-prot/product.data"; - services.fprot.updater.licenseKeyfile = mkDefault "${pkgs.fprot}/opt/f-prot/license.key"; - - environment.systemPackages = [ pkgs.fprot ]; - environment.etc."f-prot.conf" = { - source = "${pkgs.fprot}/opt/f-prot/f-prot.conf"; - }; - - users.users.${fprotUser} = - { uid = config.ids.uids.fprot; - description = "F-Prot daemon user"; - home = stateDir; - }; - - users.groups.${fprotGroup} = - { gid = config.ids.gids.fprot; }; - - services.cron.systemCronJobs = [ "*/${toString cfg.updater.frequency} * * * * root start fprot-updater" ]; - - systemd.services.fprot-updater = { - serviceConfig = { - Type = "oneshot"; - RemainAfterExit = false; - }; - wantedBy = [ "multi-user.target" ]; - - # have to copy fpupdate executable because it insists on storing the virus database in the same dir - preStart = '' - mkdir -m 0755 -p ${stateDir} - chown ${fprotUser}:${fprotGroup} ${stateDir} - cp ${pkgs.fprot}/opt/f-prot/fpupdate ${stateDir} - ln -sf ${cfg.updater.productData} ${stateDir}/product.data - ''; - - script = "/var/lib/fprot/fpupdate --keyfile ${cfg.updater.licenseKeyfile}"; - }; - }; -} diff --git a/pkgs/tools/security/fprot/default.nix b/pkgs/tools/security/fprot/default.nix deleted file mode 100644 index 6b930adcc26b..000000000000 --- a/pkgs/tools/security/fprot/default.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ lib, stdenv, fetchurl }: - -stdenv.mkDerivation { - - pname = "f-prot"; - version = "6.2.1"; - - src = fetchurl { - url = "http://files.f-prot.com/files/unix-trial/fp-Linux.x86.32-ws.tar.gz"; - sha256 = "0qlsrkanf0inplwv1i6hqbimdg91syf5ggd1vahsm9lhivmnr0v5"; - }; - - installPhase = '' - mkdir -p $out/bin - cp fpscan $out/bin - - mkdir -p $out/opt/f-prot - cp fpupdate $out/opt/f-prot - cp product.data.default $out/opt/f-prot/product.data - cp license.key $out/opt/f-prot/ - cp f-prot.conf.default $out/opt/f-prot/f-prot.conf - ln -s $out/opt/f-prot/fpupdate $out/bin/fpupdate - - patchelf --interpreter "$(cat $NIX_CC/nix-support/dynamic-linker)" $out/opt/f-prot/fpupdate - - mkdir -p $out/share/man/ - mkdir -p $out/share/man/man1 - cp doc/man/fpscan.1 $out/share/man/man1 - mkdir -p $out/share/man/man5 - cp doc/man/f-prot.conf.5 $out/share/man/man5 - mkdir -p $out/share/man/man8 - cp doc/man/fpupdate.8 $out/share/man/man8 - ''; - - meta = with lib; { - homepage = "http://www.f-prot.com"; - description = "A popular proprietary antivirus program"; - license = licenses.unfree; - maintainers = [ ]; - platforms = platforms.linux; - }; -} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1de42284b3e8..5359a2ef9816 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -5555,8 +5555,6 @@ with pkgs; fpm = callPackage ../tools/package-management/fpm { }; - fprot = callPackage ../tools/security/fprot { }; - fprintd = callPackage ../tools/security/fprintd { }; fprintd-tod = callPackage ../tools/security/fprintd/tod.nix { };