[PR PATCH] clamav: update to 1.2.0.

[PR PATCH] clamav: update to 1.2.0.

[nsudsgaard]

[-- Attachment #1: Type: text/plain, Size: 1546 bytes --]

There is a new pull request by nsudsgaard against master on the void-packages repository

https://github.com/nsudsgaard/void-packages clamav-1.2.0
https://github.com/void-linux/void-packages/pull/46196

clamav: update to 1.2.0.
I understand that opening another PR is not the best thing to do. However, my previous PR had a bit of an accident and the other PR for clamav (#41188) is not very active (maybe I am just inpatient).

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->

#### Local build testing
- I built this PR locally for my native architecture, (x86_64, x86_64-musl, i686)
- I built this PR locally for these architectures:
  - aarch64 _crossbuild_
  - aarch64-musl _crossbuild_
  - armv7l _crossbuild_
  - armv7l-musl _crossbuild_
  - armv6l _crossbuild_
  - armv6l-musl _crossbuild_



A patch file from https://github.com/void-linux/void-packages/pull/46196.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-clamav-1.2.0-46196.patch --]
[-- Type: text/x-diff, Size: 14309 bytes --]

From 7670abe3540d980be394ef40eaacc5e18244123b Mon Sep 17 00:00:00 2001
From: Nicholas Sudsgaard <devel@nsudsgaard.com>
Date: Sat, 23 Sep 2023 22:21:32 +0900
Subject: [PATCH] clamav: update to 1.2.0.

---
 common/shlibs                              |  9 ++-
 srcpkgs/clamav/INSTALL                     | 88 ++++++++++++++++++---
 srcpkgs/clamav/INSTALL.msg                 | 12 +++
 srcpkgs/clamav/REMOVE                      | 10 ++-
 srcpkgs/clamav/files/clamd/run             |  9 +++
 srcpkgs/clamav/files/clamonacc/run         |  4 +
 srcpkgs/clamav/files/freshclam/run         |  4 +
 srcpkgs/clamav/patches/10-void-linux.patch | 71 +++++++++++++++++
 srcpkgs/clamav/template                    | 92 +++++++++++-----------
 9 files changed, 235 insertions(+), 64 deletions(-)
 create mode 100644 srcpkgs/clamav/INSTALL.msg
 create mode 100755 srcpkgs/clamav/files/clamd/run
 create mode 100755 srcpkgs/clamav/files/clamonacc/run
 create mode 100755 srcpkgs/clamav/files/freshclam/run
 create mode 100644 srcpkgs/clamav/patches/10-void-linux.patch

diff --git a/common/shlibs b/common/shlibs
index 2d7f32eee393b..8b33fe5ee29b3 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -2257,10 +2257,11 @@ libsfml-system.so.2.5 SFML-2.5.0_1
 libsfml-window.so.2.5 SFML-2.5.0_1
 libsfml-audio.so.2.5 SFML-2.5.0_1
 libsfml-graphics.so.2.5 SFML-2.5.0_1
-libclamav.so.9 clamav-0.103.1_2
-libclamunrar.so.9 clamav-0.103.1_2
-libclamunrar_iface.so.9 clamav-0.103.1_2
-libfreshclam.so.2 clamav-0.103.1_2
+libclamav.so.12 clamav-1.2.0_1
+libclamunrar.so.12 clamav-1.2.0_1
+libclamunrar_iface.so.12 clamav-1.2.0_1
+libfreshclam.so.3 clamav-1.2.0_1
+libclammspack.so.0 clamav-1.2.0_1
 libqca-qt5.so.2 qca-qt5-2.1.3_1
 libqt5keychain.so.1 qtkeychain-qt5-0.7.0_1
 libphonon4qt5.so.4 phonon-qt5-4.8.3_1
diff --git a/srcpkgs/clamav/INSTALL b/srcpkgs/clamav/INSTALL
index 4b8adfa4a360a..7ea5300a7a8f9 100644
--- a/srcpkgs/clamav/INSTALL
+++ b/srcpkgs/clamav/INSTALL
@@ -1,20 +1,84 @@
 # INSTALL
+
+readonly old_configdir=/etc
+readonly configdir=/etc/clamav
+readonly old_config_files="
+    ${old_configdir}/clamd.conf
+    ${old_configdir}/freshclam.conf"
+readonly config_files="
+    ${configdir}/clamav-milter.conf
+    ${configdir}/clamd.conf
+    ${configdir}/freshclam.conf"
+readonly old_databasedir=/var/lib/_clamav
+readonly databasedir=/var/lib/clamav
+
+version="$(xbps-query clamav | grep pkgver)"
+version=${version#pkgver: clamav-}
+
+check_mv() {
+	[ -f "${1}" ] && mv "${1}" "${2}"
+}
+
+# The following functions are to used automatically to migrate the config files
+# from /etc (0.x versions) to /etc/clamav (1.x versions) safely.
+save_conflicting_config_files() {
+	[ ! -d ${configdir} ] && mkdir -p ${configdir}
+	for file in ${config_files}; do
+		check_mv "${file}" "${file}".custom
+	done
+	# Saves the previous version to use in the post action.
+	printf '%s' "${version}" > ${configdir}/.migrate
+}
+
+# This is done as moving the old config files into /etc/clamav in the preinstall
+# phase would end in xbps overwriting them with the new config files (not making
+# xxx.new-${VERSION}).
+# An alternative to this would be by renaming the new config files into the
+# xxx.new-${VERSION} format before moving the old config files into /etc/clamav
+# in the postinstall phase. However, it is usually not a good idea to emulate
+# program behavior as it may cause issues in the future (in this case if the
+# format changes).
+bootstrap_pkg() {
+	printf '%s\n' "${PKGNAME}-${VERSION}: bootstrapping ..."
+	xbps-remove -y clamav > /dev/null 2>&1
+	xbps-install -y clamav > /dev/null 2>&1
+}
+
+migrate_config_files() {
+	for file in ${old_config_files}; do
+		for match in "${file}"*; do
+			name=${match#"${old_configdir}"/}
+			check_mv "${match}" ${configdir}/"${name}"
+		done
+	done
+	bootstrap_pkg
+	rm ${configdir}/.migrate
+}
+
 case "$ACTION" in
+pre)
+	if [ "$UPDATE" = "yes" ]; then
+		case "${version}" in
+		0.*) save_conflicting_config_files ;;
+		esac
+	fi
+	;;
 post)
-	# Only if not updating
 	if [ "$UPDATE" != "yes" ]; then
-		# Create the database directory
-		mkdir -p var/lib/_clamav
-		# The clamav user owns it
-		chown -R _clamav:_clamav var/lib/_clamav
-		# Let group members write to it
-		chmod g+w var/lib/_clamav
+		mkdir -p ${databasedir}
 	else
-		if [ -d "var/lib/clamav" ]; then
-			mv var/lib/clamav var/lib/_clamav
-			chown -R _clamav:_clamav var/lib/_clamav
-		fi
+		prev_version="$(cat ${configdir}/.migrate 2> /dev/null)"
+
+		case "${prev_version}" in
+		0.*)
+			# This should come first or else the old database
+			# directory will be moved to /var/lib/clamav/_clamav.
+			[ -d ${old_databasedir} ] && mv ${old_databasedir} ${databasedir}
+			migrate_config_files
+			;;
+		esac
 	fi
+	chown -R _clamav:_clamav ${databasedir}
+	chmod g+w ${databasedir}
 	;;
 esac
-
diff --git a/srcpkgs/clamav/INSTALL.msg b/srcpkgs/clamav/INSTALL.msg
new file mode 100644
index 0000000000000..325ec6002c668
--- /dev/null
+++ b/srcpkgs/clamav/INSTALL.msg
@@ -0,0 +1,12 @@
+The directories used by clamav have changed in versions >=1.2.0_1. This change
+was made to keep the system clean and consistent with other packages.
+
+Changes:
+ - All the configuration files are now located in /etc/clamav
+ - The database directory is now /lib/var/clamav
+
+This change should be done automatically for most users and should require no
+user interference.
+
+For users already using the /etc/clamav directory for custom clamav installs,
+a '.custom' extension was added to those configuration files.
diff --git a/srcpkgs/clamav/REMOVE b/srcpkgs/clamav/REMOVE
index 1edffaba785c3..bc2171087b722 100644
--- a/srcpkgs/clamav/REMOVE
+++ b/srcpkgs/clamav/REMOVE
@@ -1,10 +1,14 @@
 # REMOVE
+
+readonly configdir=/etc/clamav
+readonly databasedir=/var/lib/clamav
+
 case "$ACTION" in
 pre)
-	# Only if not updating
 	if [ "$UPDATE" != "yes" ]; then
-		# Remove the clamav database directory and contents
-		rm -rf var/lib/_clamav
+		# Do not delete while bootstrapping.
+		[ -f ${configdir}/.migrate ] && exit 0
+		rm -rf ${databasedir}
 	fi
 	;;
 esac
diff --git a/srcpkgs/clamav/files/clamd/run b/srcpkgs/clamav/files/clamd/run
new file mode 100755
index 0000000000000..1eab01d0d077c
--- /dev/null
+++ b/srcpkgs/clamav/files/clamd/run
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+exec 2>&1
+
+localsocket="$(grep '^[[:space:]]*LocalSocket[[:space:]]' /etc/clamav/clamd.conf | cut -d' ' -f2)"
+runtimedir="$(dirname "$localsocket")"
+
+[ ! -d "${runtimedir}" ] && install -m 755 -o _clamav -g _clamav -d "${runtimedir}"
+exec clamd --foreground 2>&1
diff --git a/srcpkgs/clamav/files/clamonacc/run b/srcpkgs/clamav/files/clamonacc/run
new file mode 100755
index 0000000000000..622467adf2e98
--- /dev/null
+++ b/srcpkgs/clamav/files/clamonacc/run
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+exec 2>&1
+exec clamonacc --foreground --fdpass 2>&1
diff --git a/srcpkgs/clamav/files/freshclam/run b/srcpkgs/clamav/files/freshclam/run
new file mode 100755
index 0000000000000..8372eab14e4cb
--- /dev/null
+++ b/srcpkgs/clamav/files/freshclam/run
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+exec 2>&1
+exec freshclam --daemon --foreground 2>&1
diff --git a/srcpkgs/clamav/patches/10-void-linux.patch b/srcpkgs/clamav/patches/10-void-linux.patch
new file mode 100644
index 0000000000000..16cb8eb32d4ea
--- /dev/null
+++ b/srcpkgs/clamav/patches/10-void-linux.patch
@@ -0,0 +1,71 @@
+--- a/etc/clamav-milter.conf.sample	2023-09-23 21:48:44.563130754 +0900
++++ b/etc/clamav-milter.conf.sample	2023-09-23 21:52:44.693134403 +0900
+@@ -38,7 +38,7 @@
+ # to work)
+ #
+ # Default: unset (don't drop privileges)
+-#User clamav
++#User _clamav
+ 
+ # Waiting for data from clamd will timeout after this time (seconds).
+ # Value of 0 disables the timeout.
+--- a/etc/clamd.conf.sample	2023-09-23 21:20:27.717104965 +0900
++++ b/etc/clamd.conf.sample	2023-09-23 21:57:28.716138720 +0900
+@@ -81,7 +81,7 @@
+ #TemporaryDirectory /var/tmp
+ 
+ # Path to the database directory.
+-# Default: hardcoded (depends on installation options)
++# Default: /var/lib/clamav
+ #DatabaseDirectory /var/lib/clamav
+ 
+ # Only load the official signatures published by the ClamAV project.
+@@ -224,7 +224,7 @@
+ 
+ # Run as another user (clamd must be started by root for this option to work)
+ # Default: don't drop privileges
+-#User clamav
++#User _clamav
+ 
+ # Stop daemon when libclamav reports out of memory condition.
+ #ExitOnOOM yes
+@@ -706,7 +706,7 @@
+ # Modifies fanotify blocking behaviour when handling permission events.
+ # If off, fanotify will only notify if the file scanned is a virus,
+ # and not perform any blocking.
+-# Default: no
++# Default: no (Void Linux does not support this option; setting this to 'yes' will do nothing)
+ #OnAccessPrevention yes
+ 
+ # When using prevention, if this option is turned on, any errors that occur
+@@ -766,7 +766,7 @@
+ # It has the same potential race condition limitations of the
+ # OnAccessExcludeUID option.
+ # Default: disabled
+-#OnAccessExcludeUname clamav
++#OnAccessExcludeUname _clamav
+ 
+ # Number of times the OnAccess client will retry a failed scan due to
+ # connection problems (or other issues).
+--- a/etc/freshclam.conf.sample	2023-09-23 21:52:51.220134502 +0900
++++ b/etc/freshclam.conf.sample	2023-09-23 21:57:12.082138467 +0900
+@@ -9,7 +9,7 @@
+ 
+ # Path to the database directory.
+ # WARNING: It must match clamd.conf's directive!
+-# Default: hardcoded (depends on installation options)
++# Default: /var/lib/clamav
+ #DatabaseDirectory /var/lib/clamav
+ 
+ # Path to the log file (make sure it has proper permissions)
+@@ -56,8 +56,8 @@
+ 
+ # By default when started freshclam drops privileges and switches to the
+ # "clamav" user. This directive allows you to change the database owner.
+-# Default: clamav (may depend on installation options)
+-#DatabaseOwner clamav
++# Default: _clamav
++#DatabaseOwner _clamav
+ 
+ # Use DNS to verify virus database version. FreshClam uses DNS TXT records
+ # to verify database and software versions. With this directive you can change
diff --git a/srcpkgs/clamav/template b/srcpkgs/clamav/template
index 3574b7baeed09..eacaba9302dfa 100644
--- a/srcpkgs/clamav/template
+++ b/srcpkgs/clamav/template
@@ -1,66 +1,68 @@
 # Template file for 'clamav'
 pkgname=clamav
-version=0.103.8
-revision=4
-build_style=gnu-configure
-# XXX: system llvm is too new (< 3.7 required)
-# Shipped llvm does not build with gcc>=6
-configure_args="--sbindir=/usr/bin --libdir=/usr/lib
- --with-openssl=${XBPS_CROSS_BASE}/usr --with-pcre=${XBPS_CROSS_BASE}/usr
- --with-zlib=${XBPS_CROSS_BASE}/usr --with-libbz2-prefix=${XBPS_CROSS_BASE}/usr
- --with-system-libmspack=${XBPS_CROSS_BASE}/usr --with-libcurl=${XBPS_CROSS_BASE}/usr
- --enable-ipv6 --with-user=_clamav --with-group=_clamav"
-conf_files="/etc/clamd.conf /etc/freshclam.conf"
-hostmakedepends="flex pkg-config zip"
-makedepends="json-c-devel libcurl-devel libmspack-devel libxml2-devel
- ncurses-devel pcre-devel tcl-devel"
+version=1.2.0
+revision=1
+
+_configdir=/etc/clamav
+_databasedir=/var/lib/clamav
+
+build_style=cmake
+cmake_builddir=build
+# Setting ENABLE_JSON_SHARED=OFF is preferred, as libclamav.so may crash if you
+# use a different JSON library.
+configure_args="
+ -D CMAKE_BUILD_TYPE=Release
+ -D CMAKE_INSTALL_PREFIX=/usr
+ -D APP_CONFIG_DIRECTORY=${_configdir}
+ -D DATABASE_DIRECTORY=${_databasedir}
+ -D CLAMAV_USER=_clamav
+ -D CLAMAV_GROUP=_clamav
+ -D ENABLE_JSON_SHARED=OFF"
+hostmakedepends="rust cargo python3"
+makedepends="bzip2-devel check-devel libcurl-devel json-c-devel libmilter-devel
+ libxml2-devel ncurses-devel openssl-devel pcre2-devel zlib-devel"
 short_desc="Clam Anti-Virus scanner"
 maintainer="Orphaned <orphan@voidlinux.org>"
 license="GPL-2.0-only"
 homepage="https://www.clamav.net/"
+changelog="https://raw.githubusercontent.com/Cisco-Talos/clamav/main/NEWS.md"
 distfiles="https://www.clamav.net/downloads/production/clamav-${version}.tar.gz"
-checksum=6f49da6ee927936de13d359e559d3944248e3a257d40b80b6c99ebe6fe8c8c3f
-_clamav_homedir="/var/lib/_${pkgname}"
-_clamav_descr="ClamAV user"
+checksum=97a192dffe141480b56cabf1063d79a9fc55cd59203241fa41bfc7a98a548020
 system_accounts="_clamav"
-make_check=ci-skip
+_clamav_homedir=${_databasedir}
+conf_files="
+ ${_configdir}/clamav-milter.conf
+ ${_configdir}/clamd.conf
+ ${_configdir}/freshclam.conf"
+_sv_files="clamd clamonacc freshclam"
 
-CPPFLAGS="-Wno-unused-local-typedefs"
 if [ "$CROSS_BUILD" ]; then
-	configure_args+=" --disable-mempool"
+	build_helper="qemu"
+	makedepends+=" rust-std"
+	configure_args+="
+	 -D RUST_COMPILER_TARGET:STRING=${XBPS_CROSS_RUST_TARGET}
+	 -D RUSTFLAGS=${XBPS_CROSS_RUSTFLAGS}"
 fi
+
 if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
 	makedepends+=" musl-fts-devel"
-	LDFLAGS="-lfts"
+	configure_args+=" -D CMAKE_EXE_LINKER_FLAGS=-lfts"
 fi
 
-do_configure() {
-	# Disable detection of sys/cdefs.h (it's obsolete)
-	sed -i configure -e 's; sys/cdefs\.h$;;'
-	sed -i configure -e 's;3\.7;3.9;'
-	# Enable IPv6 for cross builds
-	if [ "$CROSS_BUILD" ]; then
-		configure_args+=" have_cv_ipv6=yes"
-	fi
-	# Need to set PCRE_HOME to make --with-pcre=/usr work
-	PCRE_HOME=/usr ./configure ${configure_args}
-}
 post_install() {
-	# Enable and patch clamd configuration
-	mv -v ${PKGDESTDIR}/etc/clamd.conf.sample ${PKGDESTDIR}/etc/clamd.conf
-	vsconf etc/clamd.conf.sample
-	sed -i ${PKGDESTDIR}/etc/clamd.conf \
-		-e "s;^Example$;# Example;" \
-		-e "s;#DatabaseDirectory.*;DatabaseDirectory /var/lib/_${pkgname};"
+	vmkdir ${_configdir}
+	for sv in ${_sv_files}; do vsv "${sv}"; done
+	for path in ${conf_files}; do
+		name=${path#"${_configdir}"/}
+
+		mv -v "${PKGDESTDIR}"/"${path}".sample "${PKGDESTDIR}"/"${path}"
+		vsconf "${PKGDESTDIR}"/"${path}" "${name}".sample
+		sed -i "${PKGDESTDIR}"/"${path}" -e "s;^Example$;# Example;"
+	done
+	vdoc "${FILESDIR}"/README.voidlinux
 
-	# Enable and patch freshclam configuration
-	mv -v ${PKGDESTDIR}/etc/freshclam.conf.sample ${PKGDESTDIR}/etc/freshclam.conf
-	vsconf etc/freshclam.conf.sample
-	sed -i ${PKGDESTDIR}/etc/freshclam.conf \
-		-e "s;^Example$;# Example;" \
-		-e "s;#DatabaseDirectory.*;DatabaseDirectory /var/lib/_${pkgname};"
-	vdoc "${FILESDIR}/README.voidlinux"
 }
+
 clamav-devel_package() {
 	depends="${sourcepkg}>=${version}_${revision}"
 	short_desc+=" - development files"

Re: clamav: update to 1.2.0.

[nsudsgaard]

[-- Attachment #1: Type: text/plain, Size: 378 bytes --]

New comment by nsudsgaard on void-packages repository

https://github.com/void-linux/void-packages/pull/46196#issuecomment-1732332452

Comment:
Quickly build it locally for x86_64 and everything seems fine.
Reading the error messages it seems like a network issue (Fails to connect to the server to download). However, I am not sure why this happened only for x86_64 and i686.

Re: clamav: update to 1.2.0.

[jcgruenhage]

[-- Attachment #1: Type: text/plain, Size: 400 bytes --]

New comment by jcgruenhage on void-packages repository

https://github.com/void-linux/void-packages/pull/46196#issuecomment-1850920933

Comment:
@nsudsgaard thanks for continuing here! Honestly, if someone else wants to take over clamav, I'm more than happy. I was absent from void for a while, but starting to get back atm and I've used your PR to deploy clamav on my machine. Seems to work fine :)

Re: [PR PATCH] [Updated] clamav: update to 1.2.0.

[nsudsgaard]

[-- Attachment #1: Type: text/plain, Size: 1551 bytes --]

There is an updated pull request by nsudsgaard against master on the void-packages repository

https://github.com/nsudsgaard/void-packages clamav-1.2.0
https://github.com/void-linux/void-packages/pull/46196

clamav: update to 1.2.0.
I understand that opening another PR is not the best thing to do. However, my previous PR had a bit of an accident and the other PR for clamav (#41188) is not very active (maybe I am just inpatient).

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes
- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->

#### Local build testing
- I built this PR locally for my native architecture, (x86_64, x86_64-musl, i686)
- I built this PR locally for these architectures:
  - aarch64 _crossbuild_
  - aarch64-musl _crossbuild_
  - armv7l _crossbuild_
  - armv7l-musl _crossbuild_
  - armv6l _crossbuild_
  - armv6l-musl _crossbuild_



A patch file from https://github.com/void-linux/void-packages/pull/46196.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-clamav-1.2.0-46196.patch --]
[-- Type: text/x-diff, Size: 14309 bytes --]

From 7670abe3540d980be394ef40eaacc5e18244123b Mon Sep 17 00:00:00 2001
From: Nicholas Sudsgaard <devel@nsudsgaard.com>
Date: Sat, 23 Sep 2023 22:21:32 +0900
Subject: [PATCH] clamav: update to 1.2.0.

---
 common/shlibs                              |  9 ++-
 srcpkgs/clamav/INSTALL                     | 88 ++++++++++++++++++---
 srcpkgs/clamav/INSTALL.msg                 | 12 +++
 srcpkgs/clamav/REMOVE                      | 10 ++-
 srcpkgs/clamav/files/clamd/run             |  9 +++
 srcpkgs/clamav/files/clamonacc/run         |  4 +
 srcpkgs/clamav/files/freshclam/run         |  4 +
 srcpkgs/clamav/patches/10-void-linux.patch | 71 +++++++++++++++++
 srcpkgs/clamav/template                    | 92 +++++++++++-----------
 9 files changed, 235 insertions(+), 64 deletions(-)
 create mode 100644 srcpkgs/clamav/INSTALL.msg
 create mode 100755 srcpkgs/clamav/files/clamd/run
 create mode 100755 srcpkgs/clamav/files/clamonacc/run
 create mode 100755 srcpkgs/clamav/files/freshclam/run
 create mode 100644 srcpkgs/clamav/patches/10-void-linux.patch

diff --git a/common/shlibs b/common/shlibs
index 2d7f32eee393b..8b33fe5ee29b3 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -2257,10 +2257,11 @@ libsfml-system.so.2.5 SFML-2.5.0_1
 libsfml-window.so.2.5 SFML-2.5.0_1
 libsfml-audio.so.2.5 SFML-2.5.0_1
 libsfml-graphics.so.2.5 SFML-2.5.0_1
-libclamav.so.9 clamav-0.103.1_2
-libclamunrar.so.9 clamav-0.103.1_2
-libclamunrar_iface.so.9 clamav-0.103.1_2
-libfreshclam.so.2 clamav-0.103.1_2
+libclamav.so.12 clamav-1.2.0_1
+libclamunrar.so.12 clamav-1.2.0_1
+libclamunrar_iface.so.12 clamav-1.2.0_1
+libfreshclam.so.3 clamav-1.2.0_1
+libclammspack.so.0 clamav-1.2.0_1
 libqca-qt5.so.2 qca-qt5-2.1.3_1
 libqt5keychain.so.1 qtkeychain-qt5-0.7.0_1
 libphonon4qt5.so.4 phonon-qt5-4.8.3_1
diff --git a/srcpkgs/clamav/INSTALL b/srcpkgs/clamav/INSTALL
index 4b8adfa4a360a..7ea5300a7a8f9 100644
--- a/srcpkgs/clamav/INSTALL
+++ b/srcpkgs/clamav/INSTALL
@@ -1,20 +1,84 @@
 # INSTALL
+
+readonly old_configdir=/etc
+readonly configdir=/etc/clamav
+readonly old_config_files="
+    ${old_configdir}/clamd.conf
+    ${old_configdir}/freshclam.conf"
+readonly config_files="
+    ${configdir}/clamav-milter.conf
+    ${configdir}/clamd.conf
+    ${configdir}/freshclam.conf"
+readonly old_databasedir=/var/lib/_clamav
+readonly databasedir=/var/lib/clamav
+
+version="$(xbps-query clamav | grep pkgver)"
+version=${version#pkgver: clamav-}
+
+check_mv() {
+	[ -f "${1}" ] && mv "${1}" "${2}"
+}
+
+# The following functions are to used automatically to migrate the config files
+# from /etc (0.x versions) to /etc/clamav (1.x versions) safely.
+save_conflicting_config_files() {
+	[ ! -d ${configdir} ] && mkdir -p ${configdir}
+	for file in ${config_files}; do
+		check_mv "${file}" "${file}".custom
+	done
+	# Saves the previous version to use in the post action.
+	printf '%s' "${version}" > ${configdir}/.migrate
+}
+
+# This is done as moving the old config files into /etc/clamav in the preinstall
+# phase would end in xbps overwriting them with the new config files (not making
+# xxx.new-${VERSION}).
+# An alternative to this would be by renaming the new config files into the
+# xxx.new-${VERSION} format before moving the old config files into /etc/clamav
+# in the postinstall phase. However, it is usually not a good idea to emulate
+# program behavior as it may cause issues in the future (in this case if the
+# format changes).
+bootstrap_pkg() {
+	printf '%s\n' "${PKGNAME}-${VERSION}: bootstrapping ..."
+	xbps-remove -y clamav > /dev/null 2>&1
+	xbps-install -y clamav > /dev/null 2>&1
+}
+
+migrate_config_files() {
+	for file in ${old_config_files}; do
+		for match in "${file}"*; do
+			name=${match#"${old_configdir}"/}
+			check_mv "${match}" ${configdir}/"${name}"
+		done
+	done
+	bootstrap_pkg
+	rm ${configdir}/.migrate
+}
+
 case "$ACTION" in
+pre)
+	if [ "$UPDATE" = "yes" ]; then
+		case "${version}" in
+		0.*) save_conflicting_config_files ;;
+		esac
+	fi
+	;;
 post)
-	# Only if not updating
 	if [ "$UPDATE" != "yes" ]; then
-		# Create the database directory
-		mkdir -p var/lib/_clamav
-		# The clamav user owns it
-		chown -R _clamav:_clamav var/lib/_clamav
-		# Let group members write to it
-		chmod g+w var/lib/_clamav
+		mkdir -p ${databasedir}
 	else
-		if [ -d "var/lib/clamav" ]; then
-			mv var/lib/clamav var/lib/_clamav
-			chown -R _clamav:_clamav var/lib/_clamav
-		fi
+		prev_version="$(cat ${configdir}/.migrate 2> /dev/null)"
+
+		case "${prev_version}" in
+		0.*)
+			# This should come first or else the old database
+			# directory will be moved to /var/lib/clamav/_clamav.
+			[ -d ${old_databasedir} ] && mv ${old_databasedir} ${databasedir}
+			migrate_config_files
+			;;
+		esac
 	fi
+	chown -R _clamav:_clamav ${databasedir}
+	chmod g+w ${databasedir}
 	;;
 esac
-
diff --git a/srcpkgs/clamav/INSTALL.msg b/srcpkgs/clamav/INSTALL.msg
new file mode 100644
index 0000000000000..325ec6002c668
--- /dev/null
+++ b/srcpkgs/clamav/INSTALL.msg
@@ -0,0 +1,12 @@
+The directories used by clamav have changed in versions >=1.2.0_1. This change
+was made to keep the system clean and consistent with other packages.
+
+Changes:
+ - All the configuration files are now located in /etc/clamav
+ - The database directory is now /lib/var/clamav
+
+This change should be done automatically for most users and should require no
+user interference.
+
+For users already using the /etc/clamav directory for custom clamav installs,
+a '.custom' extension was added to those configuration files.
diff --git a/srcpkgs/clamav/REMOVE b/srcpkgs/clamav/REMOVE
index 1edffaba785c3..bc2171087b722 100644
--- a/srcpkgs/clamav/REMOVE
+++ b/srcpkgs/clamav/REMOVE
@@ -1,10 +1,14 @@
 # REMOVE
+
+readonly configdir=/etc/clamav
+readonly databasedir=/var/lib/clamav
+
 case "$ACTION" in
 pre)
-	# Only if not updating
 	if [ "$UPDATE" != "yes" ]; then
-		# Remove the clamav database directory and contents
-		rm -rf var/lib/_clamav
+		# Do not delete while bootstrapping.
+		[ -f ${configdir}/.migrate ] && exit 0
+		rm -rf ${databasedir}
 	fi
 	;;
 esac
diff --git a/srcpkgs/clamav/files/clamd/run b/srcpkgs/clamav/files/clamd/run
new file mode 100755
index 0000000000000..1eab01d0d077c
--- /dev/null
+++ b/srcpkgs/clamav/files/clamd/run
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+exec 2>&1
+
+localsocket="$(grep '^[[:space:]]*LocalSocket[[:space:]]' /etc/clamav/clamd.conf | cut -d' ' -f2)"
+runtimedir="$(dirname "$localsocket")"
+
+[ ! -d "${runtimedir}" ] && install -m 755 -o _clamav -g _clamav -d "${runtimedir}"
+exec clamd --foreground 2>&1
diff --git a/srcpkgs/clamav/files/clamonacc/run b/srcpkgs/clamav/files/clamonacc/run
new file mode 100755
index 0000000000000..622467adf2e98
--- /dev/null
+++ b/srcpkgs/clamav/files/clamonacc/run
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+exec 2>&1
+exec clamonacc --foreground --fdpass 2>&1
diff --git a/srcpkgs/clamav/files/freshclam/run b/srcpkgs/clamav/files/freshclam/run
new file mode 100755
index 0000000000000..8372eab14e4cb
--- /dev/null
+++ b/srcpkgs/clamav/files/freshclam/run
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+exec 2>&1
+exec freshclam --daemon --foreground 2>&1
diff --git a/srcpkgs/clamav/patches/10-void-linux.patch b/srcpkgs/clamav/patches/10-void-linux.patch
new file mode 100644
index 0000000000000..16cb8eb32d4ea
--- /dev/null
+++ b/srcpkgs/clamav/patches/10-void-linux.patch
@@ -0,0 +1,71 @@
+--- a/etc/clamav-milter.conf.sample	2023-09-23 21:48:44.563130754 +0900
++++ b/etc/clamav-milter.conf.sample	2023-09-23 21:52:44.693134403 +0900
+@@ -38,7 +38,7 @@
+ # to work)
+ #
+ # Default: unset (don't drop privileges)
+-#User clamav
++#User _clamav
+ 
+ # Waiting for data from clamd will timeout after this time (seconds).
+ # Value of 0 disables the timeout.
+--- a/etc/clamd.conf.sample	2023-09-23 21:20:27.717104965 +0900
++++ b/etc/clamd.conf.sample	2023-09-23 21:57:28.716138720 +0900
+@@ -81,7 +81,7 @@
+ #TemporaryDirectory /var/tmp
+ 
+ # Path to the database directory.
+-# Default: hardcoded (depends on installation options)
++# Default: /var/lib/clamav
+ #DatabaseDirectory /var/lib/clamav
+ 
+ # Only load the official signatures published by the ClamAV project.
+@@ -224,7 +224,7 @@
+ 
+ # Run as another user (clamd must be started by root for this option to work)
+ # Default: don't drop privileges
+-#User clamav
++#User _clamav
+ 
+ # Stop daemon when libclamav reports out of memory condition.
+ #ExitOnOOM yes
+@@ -706,7 +706,7 @@
+ # Modifies fanotify blocking behaviour when handling permission events.
+ # If off, fanotify will only notify if the file scanned is a virus,
+ # and not perform any blocking.
+-# Default: no
++# Default: no (Void Linux does not support this option; setting this to 'yes' will do nothing)
+ #OnAccessPrevention yes
+ 
+ # When using prevention, if this option is turned on, any errors that occur
+@@ -766,7 +766,7 @@
+ # It has the same potential race condition limitations of the
+ # OnAccessExcludeUID option.
+ # Default: disabled
+-#OnAccessExcludeUname clamav
++#OnAccessExcludeUname _clamav
+ 
+ # Number of times the OnAccess client will retry a failed scan due to
+ # connection problems (or other issues).
+--- a/etc/freshclam.conf.sample	2023-09-23 21:52:51.220134502 +0900
++++ b/etc/freshclam.conf.sample	2023-09-23 21:57:12.082138467 +0900
+@@ -9,7 +9,7 @@
+ 
+ # Path to the database directory.
+ # WARNING: It must match clamd.conf's directive!
+-# Default: hardcoded (depends on installation options)
++# Default: /var/lib/clamav
+ #DatabaseDirectory /var/lib/clamav
+ 
+ # Path to the log file (make sure it has proper permissions)
+@@ -56,8 +56,8 @@
+ 
+ # By default when started freshclam drops privileges and switches to the
+ # "clamav" user. This directive allows you to change the database owner.
+-# Default: clamav (may depend on installation options)
+-#DatabaseOwner clamav
++# Default: _clamav
++#DatabaseOwner _clamav
+ 
+ # Use DNS to verify virus database version. FreshClam uses DNS TXT records
+ # to verify database and software versions. With this directive you can change
diff --git a/srcpkgs/clamav/template b/srcpkgs/clamav/template
index 3574b7baeed09..eacaba9302dfa 100644
--- a/srcpkgs/clamav/template
+++ b/srcpkgs/clamav/template
@@ -1,66 +1,68 @@
 # Template file for 'clamav'
 pkgname=clamav
-version=0.103.8
-revision=4
-build_style=gnu-configure
-# XXX: system llvm is too new (< 3.7 required)
-# Shipped llvm does not build with gcc>=6
-configure_args="--sbindir=/usr/bin --libdir=/usr/lib
- --with-openssl=${XBPS_CROSS_BASE}/usr --with-pcre=${XBPS_CROSS_BASE}/usr
- --with-zlib=${XBPS_CROSS_BASE}/usr --with-libbz2-prefix=${XBPS_CROSS_BASE}/usr
- --with-system-libmspack=${XBPS_CROSS_BASE}/usr --with-libcurl=${XBPS_CROSS_BASE}/usr
- --enable-ipv6 --with-user=_clamav --with-group=_clamav"
-conf_files="/etc/clamd.conf /etc/freshclam.conf"
-hostmakedepends="flex pkg-config zip"
-makedepends="json-c-devel libcurl-devel libmspack-devel libxml2-devel
- ncurses-devel pcre-devel tcl-devel"
+version=1.2.0
+revision=1
+
+_configdir=/etc/clamav
+_databasedir=/var/lib/clamav
+
+build_style=cmake
+cmake_builddir=build
+# Setting ENABLE_JSON_SHARED=OFF is preferred, as libclamav.so may crash if you
+# use a different JSON library.
+configure_args="
+ -D CMAKE_BUILD_TYPE=Release
+ -D CMAKE_INSTALL_PREFIX=/usr
+ -D APP_CONFIG_DIRECTORY=${_configdir}
+ -D DATABASE_DIRECTORY=${_databasedir}
+ -D CLAMAV_USER=_clamav
+ -D CLAMAV_GROUP=_clamav
+ -D ENABLE_JSON_SHARED=OFF"
+hostmakedepends="rust cargo python3"
+makedepends="bzip2-devel check-devel libcurl-devel json-c-devel libmilter-devel
+ libxml2-devel ncurses-devel openssl-devel pcre2-devel zlib-devel"
 short_desc="Clam Anti-Virus scanner"
 maintainer="Orphaned <orphan@voidlinux.org>"
 license="GPL-2.0-only"
 homepage="https://www.clamav.net/"
+changelog="https://raw.githubusercontent.com/Cisco-Talos/clamav/main/NEWS.md"
 distfiles="https://www.clamav.net/downloads/production/clamav-${version}.tar.gz"
-checksum=6f49da6ee927936de13d359e559d3944248e3a257d40b80b6c99ebe6fe8c8c3f
-_clamav_homedir="/var/lib/_${pkgname}"
-_clamav_descr="ClamAV user"
+checksum=97a192dffe141480b56cabf1063d79a9fc55cd59203241fa41bfc7a98a548020
 system_accounts="_clamav"
-make_check=ci-skip
+_clamav_homedir=${_databasedir}
+conf_files="
+ ${_configdir}/clamav-milter.conf
+ ${_configdir}/clamd.conf
+ ${_configdir}/freshclam.conf"
+_sv_files="clamd clamonacc freshclam"
 
-CPPFLAGS="-Wno-unused-local-typedefs"
 if [ "$CROSS_BUILD" ]; then
-	configure_args+=" --disable-mempool"
+	build_helper="qemu"
+	makedepends+=" rust-std"
+	configure_args+="
+	 -D RUST_COMPILER_TARGET:STRING=${XBPS_CROSS_RUST_TARGET}
+	 -D RUSTFLAGS=${XBPS_CROSS_RUSTFLAGS}"
 fi
+
 if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
 	makedepends+=" musl-fts-devel"
-	LDFLAGS="-lfts"
+	configure_args+=" -D CMAKE_EXE_LINKER_FLAGS=-lfts"
 fi
 
-do_configure() {
-	# Disable detection of sys/cdefs.h (it's obsolete)
-	sed -i configure -e 's; sys/cdefs\.h$;;'
-	sed -i configure -e 's;3\.7;3.9;'
-	# Enable IPv6 for cross builds
-	if [ "$CROSS_BUILD" ]; then
-		configure_args+=" have_cv_ipv6=yes"
-	fi
-	# Need to set PCRE_HOME to make --with-pcre=/usr work
-	PCRE_HOME=/usr ./configure ${configure_args}
-}
 post_install() {
-	# Enable and patch clamd configuration
-	mv -v ${PKGDESTDIR}/etc/clamd.conf.sample ${PKGDESTDIR}/etc/clamd.conf
-	vsconf etc/clamd.conf.sample
-	sed -i ${PKGDESTDIR}/etc/clamd.conf \
-		-e "s;^Example$;# Example;" \
-		-e "s;#DatabaseDirectory.*;DatabaseDirectory /var/lib/_${pkgname};"
+	vmkdir ${_configdir}
+	for sv in ${_sv_files}; do vsv "${sv}"; done
+	for path in ${conf_files}; do
+		name=${path#"${_configdir}"/}
+
+		mv -v "${PKGDESTDIR}"/"${path}".sample "${PKGDESTDIR}"/"${path}"
+		vsconf "${PKGDESTDIR}"/"${path}" "${name}".sample
+		sed -i "${PKGDESTDIR}"/"${path}" -e "s;^Example$;# Example;"
+	done
+	vdoc "${FILESDIR}"/README.voidlinux
 
-	# Enable and patch freshclam configuration
-	mv -v ${PKGDESTDIR}/etc/freshclam.conf.sample ${PKGDESTDIR}/etc/freshclam.conf
-	vsconf etc/freshclam.conf.sample
-	sed -i ${PKGDESTDIR}/etc/freshclam.conf \
-		-e "s;^Example$;# Example;" \
-		-e "s;#DatabaseDirectory.*;DatabaseDirectory /var/lib/_${pkgname};"
-	vdoc "${FILESDIR}/README.voidlinux"
 }
+
 clamav-devel_package() {
 	depends="${sourcepkg}>=${version}_${revision}"
 	short_desc+=" - development files"

Re: clamav: update to 1.2.0.

[nsudsgaard]

[-- Attachment #1: Type: text/plain, Size: 556 bytes --]

New comment by nsudsgaard on void-packages repository

https://github.com/void-linux/void-packages/pull/46196#issuecomment-1851315254

Comment:
> @nsudsgaard thanks for continuing here! Honestly, if someone else wants to take over clamav, I'm more than happy. I was absent from void for a while, but starting to get back atm and I've used your PR to deploy clamav on my machine. Seems to work fine :)

I'm glad it worked on your machine.
I'll see if I can update the PR to 1.2.1 and somehow get the checks to not fail when I have some spare time.  

Re: clamav: update to 1.2.0.

[jcgruenhage]

[-- Attachment #1: Type: text/plain, Size: 217 bytes --]

New comment by jcgruenhage on void-packages repository

https://github.com/void-linux/void-packages/pull/46196#issuecomment-1851481197

Comment:
I actually built 1.2.1 on my machine, updating that was fairly trivial.

Re: clamav: update to 1.2.0.

[nsudsgaard]

[-- Attachment #1: Type: text/plain, Size: 326 bytes --]

New comment by nsudsgaard on void-packages repository

https://github.com/void-linux/void-packages/pull/46196#issuecomment-1851510714

Comment:
> I actually built 1.2.1 on my machine, updating that was fairly trivial.

Nice, that's great to hear. :+1: 
I guess all that's left is to figure out why the checks keep failing.

Re: [PR PATCH] [Updated] [WIP] clamav: update to 1.2.1.

[nsudsgaard]

[-- Attachment #1: Type: text/plain, Size: 1628 bytes --]

There is an updated pull request by nsudsgaard against master on the void-packages repository

https://github.com/nsudsgaard/void-packages clamav-1.2.0
https://github.com/void-linux/void-packages/pull/46196

[WIP] clamav: update to 1.2.1.
I understand that opening another PR is not the best thing to do. However, my previous PR had a bit of an accident and the other PR for clamav (#41188) is not very active (maybe I am just inpatient).

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes

- [ ] Finished this for 1.2.1

- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->

#### Local build testing

- [ ]  Finished this for 1.2.1

- I built this PR locally for my native architecture, (x86_64, x86_64-musl, i686)
- I built this PR locally for these architectures:
  - aarch64 _crossbuild_
  - aarch64-musl _crossbuild_
  - armv7l _crossbuild_
  - armv7l-musl _crossbuild_
  - armv6l _crossbuild_
  - armv6l-musl _crossbuild_



A patch file from https://github.com/void-linux/void-packages/pull/46196.patch is attached

[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-clamav-1.2.0-46196.patch --]
[-- Type: text/x-diff, Size: 15757 bytes --]

From 7670abe3540d980be394ef40eaacc5e18244123b Mon Sep 17 00:00:00 2001
From: Nicholas Sudsgaard <devel@nsudsgaard.com>
Date: Sat, 23 Sep 2023 22:21:32 +0900
Subject: [PATCH 1/2] clamav: update to 1.2.0.

---
 common/shlibs                              |  9 ++-
 srcpkgs/clamav/INSTALL                     | 88 ++++++++++++++++++---
 srcpkgs/clamav/INSTALL.msg                 | 12 +++
 srcpkgs/clamav/REMOVE                      | 10 ++-
 srcpkgs/clamav/files/clamd/run             |  9 +++
 srcpkgs/clamav/files/clamonacc/run         |  4 +
 srcpkgs/clamav/files/freshclam/run         |  4 +
 srcpkgs/clamav/patches/10-void-linux.patch | 71 +++++++++++++++++
 srcpkgs/clamav/template                    | 92 +++++++++++-----------
 9 files changed, 235 insertions(+), 64 deletions(-)
 create mode 100644 srcpkgs/clamav/INSTALL.msg
 create mode 100755 srcpkgs/clamav/files/clamd/run
 create mode 100755 srcpkgs/clamav/files/clamonacc/run
 create mode 100755 srcpkgs/clamav/files/freshclam/run
 create mode 100644 srcpkgs/clamav/patches/10-void-linux.patch

diff --git a/common/shlibs b/common/shlibs
index 2d7f32eee393b..8b33fe5ee29b3 100644
--- a/common/shlibs
+++ b/common/shlibs
@@ -2257,10 +2257,11 @@ libsfml-system.so.2.5 SFML-2.5.0_1
 libsfml-window.so.2.5 SFML-2.5.0_1
 libsfml-audio.so.2.5 SFML-2.5.0_1
 libsfml-graphics.so.2.5 SFML-2.5.0_1
-libclamav.so.9 clamav-0.103.1_2
-libclamunrar.so.9 clamav-0.103.1_2
-libclamunrar_iface.so.9 clamav-0.103.1_2
-libfreshclam.so.2 clamav-0.103.1_2
+libclamav.so.12 clamav-1.2.0_1
+libclamunrar.so.12 clamav-1.2.0_1
+libclamunrar_iface.so.12 clamav-1.2.0_1
+libfreshclam.so.3 clamav-1.2.0_1
+libclammspack.so.0 clamav-1.2.0_1
 libqca-qt5.so.2 qca-qt5-2.1.3_1
 libqt5keychain.so.1 qtkeychain-qt5-0.7.0_1
 libphonon4qt5.so.4 phonon-qt5-4.8.3_1
diff --git a/srcpkgs/clamav/INSTALL b/srcpkgs/clamav/INSTALL
index 4b8adfa4a360a..7ea5300a7a8f9 100644
--- a/srcpkgs/clamav/INSTALL
+++ b/srcpkgs/clamav/INSTALL
@@ -1,20 +1,84 @@
 # INSTALL
+
+readonly old_configdir=/etc
+readonly configdir=/etc/clamav
+readonly old_config_files="
+    ${old_configdir}/clamd.conf
+    ${old_configdir}/freshclam.conf"
+readonly config_files="
+    ${configdir}/clamav-milter.conf
+    ${configdir}/clamd.conf
+    ${configdir}/freshclam.conf"
+readonly old_databasedir=/var/lib/_clamav
+readonly databasedir=/var/lib/clamav
+
+version="$(xbps-query clamav | grep pkgver)"
+version=${version#pkgver: clamav-}
+
+check_mv() {
+	[ -f "${1}" ] && mv "${1}" "${2}"
+}
+
+# The following functions are to used automatically to migrate the config files
+# from /etc (0.x versions) to /etc/clamav (1.x versions) safely.
+save_conflicting_config_files() {
+	[ ! -d ${configdir} ] && mkdir -p ${configdir}
+	for file in ${config_files}; do
+		check_mv "${file}" "${file}".custom
+	done
+	# Saves the previous version to use in the post action.
+	printf '%s' "${version}" > ${configdir}/.migrate
+}
+
+# This is done as moving the old config files into /etc/clamav in the preinstall
+# phase would end in xbps overwriting them with the new config files (not making
+# xxx.new-${VERSION}).
+# An alternative to this would be by renaming the new config files into the
+# xxx.new-${VERSION} format before moving the old config files into /etc/clamav
+# in the postinstall phase. However, it is usually not a good idea to emulate
+# program behavior as it may cause issues in the future (in this case if the
+# format changes).
+bootstrap_pkg() {
+	printf '%s\n' "${PKGNAME}-${VERSION}: bootstrapping ..."
+	xbps-remove -y clamav > /dev/null 2>&1
+	xbps-install -y clamav > /dev/null 2>&1
+}
+
+migrate_config_files() {
+	for file in ${old_config_files}; do
+		for match in "${file}"*; do
+			name=${match#"${old_configdir}"/}
+			check_mv "${match}" ${configdir}/"${name}"
+		done
+	done
+	bootstrap_pkg
+	rm ${configdir}/.migrate
+}
+
 case "$ACTION" in
+pre)
+	if [ "$UPDATE" = "yes" ]; then
+		case "${version}" in
+		0.*) save_conflicting_config_files ;;
+		esac
+	fi
+	;;
 post)
-	# Only if not updating
 	if [ "$UPDATE" != "yes" ]; then
-		# Create the database directory
-		mkdir -p var/lib/_clamav
-		# The clamav user owns it
-		chown -R _clamav:_clamav var/lib/_clamav
-		# Let group members write to it
-		chmod g+w var/lib/_clamav
+		mkdir -p ${databasedir}
 	else
-		if [ -d "var/lib/clamav" ]; then
-			mv var/lib/clamav var/lib/_clamav
-			chown -R _clamav:_clamav var/lib/_clamav
-		fi
+		prev_version="$(cat ${configdir}/.migrate 2> /dev/null)"
+
+		case "${prev_version}" in
+		0.*)
+			# This should come first or else the old database
+			# directory will be moved to /var/lib/clamav/_clamav.
+			[ -d ${old_databasedir} ] && mv ${old_databasedir} ${databasedir}
+			migrate_config_files
+			;;
+		esac
 	fi
+	chown -R _clamav:_clamav ${databasedir}
+	chmod g+w ${databasedir}
 	;;
 esac
-
diff --git a/srcpkgs/clamav/INSTALL.msg b/srcpkgs/clamav/INSTALL.msg
new file mode 100644
index 0000000000000..325ec6002c668
--- /dev/null
+++ b/srcpkgs/clamav/INSTALL.msg
@@ -0,0 +1,12 @@
+The directories used by clamav have changed in versions >=1.2.0_1. This change
+was made to keep the system clean and consistent with other packages.
+
+Changes:
+ - All the configuration files are now located in /etc/clamav
+ - The database directory is now /lib/var/clamav
+
+This change should be done automatically for most users and should require no
+user interference.
+
+For users already using the /etc/clamav directory for custom clamav installs,
+a '.custom' extension was added to those configuration files.
diff --git a/srcpkgs/clamav/REMOVE b/srcpkgs/clamav/REMOVE
index 1edffaba785c3..bc2171087b722 100644
--- a/srcpkgs/clamav/REMOVE
+++ b/srcpkgs/clamav/REMOVE
@@ -1,10 +1,14 @@
 # REMOVE
+
+readonly configdir=/etc/clamav
+readonly databasedir=/var/lib/clamav
+
 case "$ACTION" in
 pre)
-	# Only if not updating
 	if [ "$UPDATE" != "yes" ]; then
-		# Remove the clamav database directory and contents
-		rm -rf var/lib/_clamav
+		# Do not delete while bootstrapping.
+		[ -f ${configdir}/.migrate ] && exit 0
+		rm -rf ${databasedir}
 	fi
 	;;
 esac
diff --git a/srcpkgs/clamav/files/clamd/run b/srcpkgs/clamav/files/clamd/run
new file mode 100755
index 0000000000000..1eab01d0d077c
--- /dev/null
+++ b/srcpkgs/clamav/files/clamd/run
@@ -0,0 +1,9 @@
+#!/bin/sh
+
+exec 2>&1
+
+localsocket="$(grep '^[[:space:]]*LocalSocket[[:space:]]' /etc/clamav/clamd.conf | cut -d' ' -f2)"
+runtimedir="$(dirname "$localsocket")"
+
+[ ! -d "${runtimedir}" ] && install -m 755 -o _clamav -g _clamav -d "${runtimedir}"
+exec clamd --foreground 2>&1
diff --git a/srcpkgs/clamav/files/clamonacc/run b/srcpkgs/clamav/files/clamonacc/run
new file mode 100755
index 0000000000000..622467adf2e98
--- /dev/null
+++ b/srcpkgs/clamav/files/clamonacc/run
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+exec 2>&1
+exec clamonacc --foreground --fdpass 2>&1
diff --git a/srcpkgs/clamav/files/freshclam/run b/srcpkgs/clamav/files/freshclam/run
new file mode 100755
index 0000000000000..8372eab14e4cb
--- /dev/null
+++ b/srcpkgs/clamav/files/freshclam/run
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+exec 2>&1
+exec freshclam --daemon --foreground 2>&1
diff --git a/srcpkgs/clamav/patches/10-void-linux.patch b/srcpkgs/clamav/patches/10-void-linux.patch
new file mode 100644
index 0000000000000..16cb8eb32d4ea
--- /dev/null
+++ b/srcpkgs/clamav/patches/10-void-linux.patch
@@ -0,0 +1,71 @@
+--- a/etc/clamav-milter.conf.sample	2023-09-23 21:48:44.563130754 +0900
++++ b/etc/clamav-milter.conf.sample	2023-09-23 21:52:44.693134403 +0900
+@@ -38,7 +38,7 @@
+ # to work)
+ #
+ # Default: unset (don't drop privileges)
+-#User clamav
++#User _clamav
+ 
+ # Waiting for data from clamd will timeout after this time (seconds).
+ # Value of 0 disables the timeout.
+--- a/etc/clamd.conf.sample	2023-09-23 21:20:27.717104965 +0900
++++ b/etc/clamd.conf.sample	2023-09-23 21:57:28.716138720 +0900
+@@ -81,7 +81,7 @@
+ #TemporaryDirectory /var/tmp
+ 
+ # Path to the database directory.
+-# Default: hardcoded (depends on installation options)
++# Default: /var/lib/clamav
+ #DatabaseDirectory /var/lib/clamav
+ 
+ # Only load the official signatures published by the ClamAV project.
+@@ -224,7 +224,7 @@
+ 
+ # Run as another user (clamd must be started by root for this option to work)
+ # Default: don't drop privileges
+-#User clamav
++#User _clamav
+ 
+ # Stop daemon when libclamav reports out of memory condition.
+ #ExitOnOOM yes
+@@ -706,7 +706,7 @@
+ # Modifies fanotify blocking behaviour when handling permission events.
+ # If off, fanotify will only notify if the file scanned is a virus,
+ # and not perform any blocking.
+-# Default: no
++# Default: no (Void Linux does not support this option; setting this to 'yes' will do nothing)
+ #OnAccessPrevention yes
+ 
+ # When using prevention, if this option is turned on, any errors that occur
+@@ -766,7 +766,7 @@
+ # It has the same potential race condition limitations of the
+ # OnAccessExcludeUID option.
+ # Default: disabled
+-#OnAccessExcludeUname clamav
++#OnAccessExcludeUname _clamav
+ 
+ # Number of times the OnAccess client will retry a failed scan due to
+ # connection problems (or other issues).
+--- a/etc/freshclam.conf.sample	2023-09-23 21:52:51.220134502 +0900
++++ b/etc/freshclam.conf.sample	2023-09-23 21:57:12.082138467 +0900
+@@ -9,7 +9,7 @@
+ 
+ # Path to the database directory.
+ # WARNING: It must match clamd.conf's directive!
+-# Default: hardcoded (depends on installation options)
++# Default: /var/lib/clamav
+ #DatabaseDirectory /var/lib/clamav
+ 
+ # Path to the log file (make sure it has proper permissions)
+@@ -56,8 +56,8 @@
+ 
+ # By default when started freshclam drops privileges and switches to the
+ # "clamav" user. This directive allows you to change the database owner.
+-# Default: clamav (may depend on installation options)
+-#DatabaseOwner clamav
++# Default: _clamav
++#DatabaseOwner _clamav
+ 
+ # Use DNS to verify virus database version. FreshClam uses DNS TXT records
+ # to verify database and software versions. With this directive you can change
diff --git a/srcpkgs/clamav/template b/srcpkgs/clamav/template
index 3574b7baeed09..eacaba9302dfa 100644
--- a/srcpkgs/clamav/template
+++ b/srcpkgs/clamav/template
@@ -1,66 +1,68 @@
 # Template file for 'clamav'
 pkgname=clamav
-version=0.103.8
-revision=4
-build_style=gnu-configure
-# XXX: system llvm is too new (< 3.7 required)
-# Shipped llvm does not build with gcc>=6
-configure_args="--sbindir=/usr/bin --libdir=/usr/lib
- --with-openssl=${XBPS_CROSS_BASE}/usr --with-pcre=${XBPS_CROSS_BASE}/usr
- --with-zlib=${XBPS_CROSS_BASE}/usr --with-libbz2-prefix=${XBPS_CROSS_BASE}/usr
- --with-system-libmspack=${XBPS_CROSS_BASE}/usr --with-libcurl=${XBPS_CROSS_BASE}/usr
- --enable-ipv6 --with-user=_clamav --with-group=_clamav"
-conf_files="/etc/clamd.conf /etc/freshclam.conf"
-hostmakedepends="flex pkg-config zip"
-makedepends="json-c-devel libcurl-devel libmspack-devel libxml2-devel
- ncurses-devel pcre-devel tcl-devel"
+version=1.2.0
+revision=1
+
+_configdir=/etc/clamav
+_databasedir=/var/lib/clamav
+
+build_style=cmake
+cmake_builddir=build
+# Setting ENABLE_JSON_SHARED=OFF is preferred, as libclamav.so may crash if you
+# use a different JSON library.
+configure_args="
+ -D CMAKE_BUILD_TYPE=Release
+ -D CMAKE_INSTALL_PREFIX=/usr
+ -D APP_CONFIG_DIRECTORY=${_configdir}
+ -D DATABASE_DIRECTORY=${_databasedir}
+ -D CLAMAV_USER=_clamav
+ -D CLAMAV_GROUP=_clamav
+ -D ENABLE_JSON_SHARED=OFF"
+hostmakedepends="rust cargo python3"
+makedepends="bzip2-devel check-devel libcurl-devel json-c-devel libmilter-devel
+ libxml2-devel ncurses-devel openssl-devel pcre2-devel zlib-devel"
 short_desc="Clam Anti-Virus scanner"
 maintainer="Orphaned <orphan@voidlinux.org>"
 license="GPL-2.0-only"
 homepage="https://www.clamav.net/"
+changelog="https://raw.githubusercontent.com/Cisco-Talos/clamav/main/NEWS.md"
 distfiles="https://www.clamav.net/downloads/production/clamav-${version}.tar.gz"
-checksum=6f49da6ee927936de13d359e559d3944248e3a257d40b80b6c99ebe6fe8c8c3f
-_clamav_homedir="/var/lib/_${pkgname}"
-_clamav_descr="ClamAV user"
+checksum=97a192dffe141480b56cabf1063d79a9fc55cd59203241fa41bfc7a98a548020
 system_accounts="_clamav"
-make_check=ci-skip
+_clamav_homedir=${_databasedir}
+conf_files="
+ ${_configdir}/clamav-milter.conf
+ ${_configdir}/clamd.conf
+ ${_configdir}/freshclam.conf"
+_sv_files="clamd clamonacc freshclam"
 
-CPPFLAGS="-Wno-unused-local-typedefs"
 if [ "$CROSS_BUILD" ]; then
-	configure_args+=" --disable-mempool"
+	build_helper="qemu"
+	makedepends+=" rust-std"
+	configure_args+="
+	 -D RUST_COMPILER_TARGET:STRING=${XBPS_CROSS_RUST_TARGET}
+	 -D RUSTFLAGS=${XBPS_CROSS_RUSTFLAGS}"
 fi
+
 if [ "$XBPS_TARGET_LIBC" = "musl" ]; then
 	makedepends+=" musl-fts-devel"
-	LDFLAGS="-lfts"
+	configure_args+=" -D CMAKE_EXE_LINKER_FLAGS=-lfts"
 fi
 
-do_configure() {
-	# Disable detection of sys/cdefs.h (it's obsolete)
-	sed -i configure -e 's; sys/cdefs\.h$;;'
-	sed -i configure -e 's;3\.7;3.9;'
-	# Enable IPv6 for cross builds
-	if [ "$CROSS_BUILD" ]; then
-		configure_args+=" have_cv_ipv6=yes"
-	fi
-	# Need to set PCRE_HOME to make --with-pcre=/usr work
-	PCRE_HOME=/usr ./configure ${configure_args}
-}
 post_install() {
-	# Enable and patch clamd configuration
-	mv -v ${PKGDESTDIR}/etc/clamd.conf.sample ${PKGDESTDIR}/etc/clamd.conf
-	vsconf etc/clamd.conf.sample
-	sed -i ${PKGDESTDIR}/etc/clamd.conf \
-		-e "s;^Example$;# Example;" \
-		-e "s;#DatabaseDirectory.*;DatabaseDirectory /var/lib/_${pkgname};"
+	vmkdir ${_configdir}
+	for sv in ${_sv_files}; do vsv "${sv}"; done
+	for path in ${conf_files}; do
+		name=${path#"${_configdir}"/}
+
+		mv -v "${PKGDESTDIR}"/"${path}".sample "${PKGDESTDIR}"/"${path}"
+		vsconf "${PKGDESTDIR}"/"${path}" "${name}".sample
+		sed -i "${PKGDESTDIR}"/"${path}" -e "s;^Example$;# Example;"
+	done
+	vdoc "${FILESDIR}"/README.voidlinux
 
-	# Enable and patch freshclam configuration
-	mv -v ${PKGDESTDIR}/etc/freshclam.conf.sample ${PKGDESTDIR}/etc/freshclam.conf
-	vsconf etc/freshclam.conf.sample
-	sed -i ${PKGDESTDIR}/etc/freshclam.conf \
-		-e "s;^Example$;# Example;" \
-		-e "s;#DatabaseDirectory.*;DatabaseDirectory /var/lib/_${pkgname};"
-	vdoc "${FILESDIR}/README.voidlinux"
 }
+
 clamav-devel_package() {
 	depends="${sourcepkg}>=${version}_${revision}"
 	short_desc+=" - development files"

From 2f57e9966bc517324d6cc40f9c38e7c38f3af71b Mon Sep 17 00:00:00 2001
From: Nicholas Sudsgaard <devel@nsudsgaard.com>
Date: Wed, 13 Dec 2023 21:48:17 +0900
Subject: [PATCH 2/2] clamav: update to 1.2.1

---
 srcpkgs/clamav/template | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/srcpkgs/clamav/template b/srcpkgs/clamav/template
index eacaba9302dfa..3428fbd393a18 100644
--- a/srcpkgs/clamav/template
+++ b/srcpkgs/clamav/template
@@ -1,6 +1,6 @@
 # Template file for 'clamav'
 pkgname=clamav
-version=1.2.0
+version=1.2.1
 revision=1
 
 _configdir=/etc/clamav
@@ -18,7 +18,7 @@ configure_args="
  -D CLAMAV_USER=_clamav
  -D CLAMAV_GROUP=_clamav
  -D ENABLE_JSON_SHARED=OFF"
-hostmakedepends="rust cargo python3"
+hostmakedepends="rust cargo python3 python3-pytest"
 makedepends="bzip2-devel check-devel libcurl-devel json-c-devel libmilter-devel
  libxml2-devel ncurses-devel openssl-devel pcre2-devel zlib-devel"
 short_desc="Clam Anti-Virus scanner"
@@ -27,7 +27,7 @@ license="GPL-2.0-only"
 homepage="https://www.clamav.net/"
 changelog="https://raw.githubusercontent.com/Cisco-Talos/clamav/main/NEWS.md"
 distfiles="https://www.clamav.net/downloads/production/clamav-${version}.tar.gz"
-checksum=97a192dffe141480b56cabf1063d79a9fc55cd59203241fa41bfc7a98a548020
+checksum=9a14fe870cbb8f5f79f668b789dca0f25cc6be22abe32f4f7d3677e4ee3935b0
 system_accounts="_clamav"
 _clamav_homedir=${_databasedir}
 conf_files="

Re: [WIP] clamav: update to 1.2.1.

[github-actions]

[-- Attachment #1: Type: text/plain, Size: 305 bytes --]

New comment by github-actions[bot] on void-packages repository

https://github.com/void-linux/void-packages/pull/46196#issuecomment-2001043235

Comment:
Pull Requests become stale 90 days after last activity and are closed 14 days after that.  If this pull request is still relevant bump it or assign it.

Re: [PR PATCH] [Closed]: [WIP] clamav: update to 1.2.1.

[github-actions]

[-- Attachment #1: Type: text/plain, Size: 1461 bytes --]

There's a closed pull request on the void-packages repository

[WIP] clamav: update to 1.2.1.
https://github.com/void-linux/void-packages/pull/46196

Description:
I understand that opening another PR is not the best thing to do. However, my previous PR had a bit of an accident and the other PR for clamav (#41188) is not very active (maybe I am just inpatient).

<!-- Uncomment relevant sections and delete options which are not applicable -->

#### Testing the changes

- [ ] Finished this for 1.2.1

- I tested the changes in this PR: **YES**

<!--
#### New package
- This new package conforms to the [package requirements](https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#package-requirements): **YES**|**NO**
-->

<!-- Note: If the build is likely to take more than 2 hours, please add ci skip tag as described in
https://github.com/void-linux/void-packages/blob/master/CONTRIBUTING.md#continuous-integration
and test at least one native build and, if supported, at least one cross build.
Ignore this section if this PR is not skipping CI.
-->

#### Local build testing

- [x]  Finished this for 1.2.1

- I built this PR locally for my native architecture, (x86_64, x86_64-musl, i686)
- I built this PR locally for these architectures:
  - aarch64 _crossbuild_
  - aarch64-musl _crossbuild_
  - armv7l _crossbuild_
  - armv7l-musl _crossbuild_
  - armv6l _crossbuild_
  - armv6l-musl _crossbuild_