[ZendTo] Re: unable to upload

Jules Jules at ZendTo.com
Wed Jul 21 16:33:56 BST 2010



On 21/07/2010 15:27, Gavin Silver wrote:
>
> [root at files ~]# freshclam
>
> ClamAV update process started at Wed Jul 21 14:21:25 2010
>
> main.cvd is up to date (version: 52, sigs: 704727, f-level: 44, 
> builder: sven)
>
> Downloading daily-11403.cdiff [100%]
>
> daily.cld updated (version: 11403, sigs: 103267, f-level: 53, builder: 
> arnaud)
>
> bytecode.cvd is up to date (version: 31, sigs: 7, f-level: 53, 
> builder: nervous)
>
> Database updated (808001 signatures) from db.local.clamav.net (IP: 
> 194.8.197.22)
>
> Clamd successfully notified about the update.
>
> [root at files ~]# service clamd restart
>
> Stopping Clam AntiVirus Daemon:                            [  OK  ]
>
> Starting Clam AntiVirus Daemon:                            [  OK  ]
>
> [root at files ~]# chkconfig clamd on
>
> [root at files ~]# which clamdscan
>
> /usr/bin/clamdscan
>
> [root at files ~]# echo hi > /var/zendto/incoming/testscanme
>
> [root at files ~]# chown apache.apache /var/zendto/incoming/*
>
That will still leave the file "testscanme" most likely with global read 
permissions, which isn't what ZendTo should do by default. So please 
read on...
>
> [root at files ~]# clamdscan /var/zendto/incoming/*
>
> /var/zendto/incoming/testscanme: OK
>
That looks okay, but what happens if you
     chmod o-rwx /var/zendto/incoming/*
     clamdscan /var/zendto/incoming/*
?
If that doesn't work, then add "apache" to the end of the line that 
starts "clamav" in /etc/group and then run "grpconv". Then restart clamd 
and try clamdscan again.

The full list of dependencies is listed at
     http://www.zendto.com/rpm.html

If you still can't make it work, then as a stop-gap measure while we 
investigate further you can edit your /opt/zendto/config/preferences.php 
and change "clamdscan" to "clamscan". This will be a lot slower, but 
should get around the problem for now.

"clamdscan" uses the daemon "clamd" to do the actual scanning, which has 
already started up and read all the virus signature databases, which is 
why it's lots faster. However, clamd runs as the "clamav" user, not as 
root. So it can only access files which are available to the "clamav" 
user or the "clamav" group.

So you have to add the "apache" group (which owns all the files created 
by the web server, and hence all the files created by ZendTo) to the 
"clamav" group so that clamd can read them if it's given group read 
permissions (and group execute permissions in the case of directories).

So by adding "apache" to the "clamav" line in /etc/group, then 
rebuilding the shadow file using "grpconv", and then restarting clamd, 
it gets to refresh its version of what it can read.

At which point clamdscan will work.

Hopefully that helps explain what is going on and how it all works a 
little better.

Cheers,
Jules.


> ----------- SCAN SUMMARY -----------
>
> Infected files: 0
>
> Time: 0.000 sec (0 m 0 s)
>
> [root at files ~]#
>
> ----------------------------------
> Gavin Silver
>
> *From:* zendto-bounces at zendto.com [mailto:zendto-bounces at zendto.com] 
> *On Behalf Of *Jules
> *Sent:* Tuesday, July 20, 2010 5:26 PM
> *To:* ZendTo Users
> *Subject:* [ZendTo] Re: unable to upload
>
>
>
> On 20/07/2010 21:24, Gavin Silver wrote:
>
> centos 4.5
>
> rpm install
>
> followed docs to download and install all the dependencies including 
> clamav
>
> That means it probably couldn't find clamdscan, which should be part 
> of the ClamAV RPMs the docs told you to download. When logged in as 
> root, what do you get from a "which clamdscan" command?
>
> The error return code 2 implies an error occurred during virus 
> scanning. Put some files (anything will do for a test) into 
> /var/zendto/incoming, then "chown apache.apache 
> /var/zendto/incoming/*" and run a command such as
>     clamdscan /var/zendto/incoming/*
> and see what it says.
>
> If it says "access denied" lots of times then what might be wrong is 
> that the clamav group may need adding to the apache group in 
> /etc/group. Find the line in /etc/group starting with "apache" and add 
> "clamav" to the end of it. Then run the command "grpconv" to build the 
> shadow file. Then "service clamd restart" and then try clamdscan again.
>
> If it still complains that it couldn't read files, then you either 
> need to disable SELinux or configure it correctly so it can read the 
> files under /var/zendto/incoming. I don't know much about SELinux so 
> you're on your own a bit there, hopefully Google will help.
>
> When you find the solution, please let me know so that I can add it to 
> the docs.
>
> Once you have got "clamdscan /var/zendto/incoming" working, you should 
> be there.
>
> Thanks,
> Jules.
>
> getting:
>
> *Upload Error*
>
> The attempt to virus-scan your drop-off failed. Please contact your 
> administrator for assistance.
>
> after the file uploads
>
> Where should I start looking first?
>
> ----------------------------
> Gavin Silver
>
>
>   
>   
> _______________________________________________
> ZendTo mailing list
> ZendTo at zendto.com  <mailto:ZendTo at zendto.com>
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>    
>
>
>
> Jules
>   
> -- 
> Julian Field MEng CITP CEng
> www.ZendTo.com  <http://www.ZendTo.com>
>   
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
>   
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Follow me at twitter.com/JulesFM
>

Jules

-- 
Julian Field MEng CITP CEng
www.ZendTo.com

Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM
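
Added example, not part of the original message or of ZendTo: a small shell check that predicts, from ownership and mode bits, whether an unprivileged scanner account such as the one clamd runs as can read a file in the incoming directory. The function names are hypothetical, GNU `stat -c` is assumed, and only the file and its containing directory are checked, not the directories above it.

```shell
#!/bin/sh
# Added example (hypothetical helper names): predict from mode bits whether
# an unprivileged daemon account can read a file. Root's bypass is not modelled.
# Usage: sh canread.sh /var/zendto/incoming/testscanme "$(id -u clamav)" "$(id -G clamav)"

# perm_class PATH UID "GID ...": which permission class applies to the account
perm_class() {
    f_uid=$(stat -c '%u' "$1")
    f_gid=$(stat -c '%g' "$1")
    if [ "$2" = "$f_uid" ]; then echo owner; return 0; fi
    for g in $3; do
        if [ "$g" = "$f_gid" ]; then echo group; return 0; fi
    done
    echo other
}

# has_bit PATH CLASS BIT: BIT is 4 (read) or 1 (execute/search)
has_bit() {
    m=$(stat -c '%a' "$1")          # e.g. 640, or 2750 with setgid
    case $2 in
        owner) digit=$(( m / 100 % 10 )) ;;
        group) digit=$(( m / 10 % 10 )) ;;
        *)     digit=$(( m % 10 )) ;;
    esac
    [ $(( digit & $3 )) -ne 0 ]
}

# can_read FILE UID "GID ...": prints "ok CLASS" or "denied CLASS PATH"
can_read() {
    # the containing directory needs the execute (search) bit
    dir=$(dirname "$1")
    c=$(perm_class "$dir" "$2" "$3")
    if ! has_bit "$dir" "$c" 1; then echo "denied $c $dir"; return 1; fi
    # the file itself needs the read bit for the class that applies
    c=$(perm_class "$1" "$2" "$3")
    if ! has_bit "$1" "$c" 4; then echo "denied $c $1"; return 1; fi
    echo "ok $c"
}

# Run the check only when called with FILE UID "GIDS"
if [ "$#" -ge 3 ]; then can_read "$1" "$2" "$3"; fi
```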
