[ZendTo] Re: unable to upload

Jules Jules at ZendTo.com
Wed Jul 21 19:37:26 BST 2010



On 21/07/2010 17:53, Gavin Silver wrote:
>
> I appened "apache" to the end of the clamav line on /etc/group, then i 
> ran grpconv, but i still got access denied when trying to scan.
>
And you did restart clamd after doing that?
>
> using usermod to add clamav to apache seemed to work though. not sure 
> what usermod did that adding the line in /etc/group did not as my 
> /etc/group file looks the same
>
I'll update the docs, that's a neater solution that doesn't require 
editing any files or running grpconv.
>
> [root at files ~]# usermod -a -G apache clamav
>
> [root at files ~]# service clamd restart
>
> Stopping Clam AntiVirus Daemon:                            [  OK  ]
>
> Starting Clam AntiVirus Daemon:                            [  OK  ]
>
> [root at files ~]# clamdscan /var/zendto/incoming/*
>
> /var/zendto/incoming/testscanme: OK
>
> ----------- SCAN SUMMARY -----------
>
> Infected files: 0
>
> Time: 0.000 sec (0 m 0 s)
>
> thanks!
>
> ----------------------------------
> Gavin Silver
>
> *From:* zendto-bounces at zendto.com [mailto:zendto-bounces at zendto.com] 
> *On Behalf Of *Jules
> *Sent:* Wednesday, July 21, 2010 11:34 AM
> *To:* ZendTo Users
> *Subject:* [ZendTo] Re: unable to upload
>
>
>
> On 21/07/2010 15:27, Gavin Silver wrote:
>
> [root at files ~]# freshclam
>
> ClamAV update process started at Wed Jul 21 14:21:25 2010
>
> main.cvd is up to date (version: 52, sigs: 704727, f-level: 44, 
> builder: sven)
>
> Downloading daily-11403.cdiff [100%]
>
> daily.cld updated (version: 11403, sigs: 103267, f-level: 53, builder: 
> arnaud)
>
> bytecode.cvd is up to date (version: 31, sigs: 7, f-level: 53, 
> builder: nervous)
>
> Database updated (808001 signatures) from db.local.clamav.net (IP: 
> 194.8.197.22)
>
> Clamd successfully notified about the update.
>
> [root at files ~]# service clamd restart
>
> Stopping Clam AntiVirus Daemon:                            [  OK  ]
>
> Starting Clam AntiVirus Daemon:                            [  OK  ]
>
> [root at files ~]# chkconfig clamd on
>
> [root at files ~]# which clamdscan
>
> /usr/bin/clamdscan
>
> [root at files ~]# echo hi > /var/zendto/incoming/testscanme
>
> [root at files ~]# chown apache.apache /var/zendto/incoming/*
>
> That will still leave the file "testscanme" most likely with global 
> read permissions, which isn't what ZendTo should do by default. So 
> please read on...
>
> [root at files ~]# clamdscan /var/zendto/incoming/*
>
> /var/zendto/incoming/testscanme: OK
>
> That looks okay, but what happens if you
>     chmod o-rwx /var/zendto/incoming/*
>     clamdscan /var/zendto/incoming/*
> ?
> If that doesn't work, then add "apache" to the end of the line that 
> starts "clamav" in /etc/group and then run "grpconv". Then restart 
> clamd and try clamdscan again.
>
> The full list of dependencies is listed at
> http://www.zendto.com/rpm.html
>
> If you still can't make it work, then as a stop-gap measure while we 
> investigate further you can edit your 
> /opt/zendto/config/preferences.php and change "clamdscan" to 
> "clamscan". This will be a lot slower, but should get around the 
> problem for now.
>
> "clamdscan" uses the daemon "clamd" to do the actual scanning, which 
> has already started up and read all the virus signature databases, 
> which is why it's lots faster. However, clamd runs as the "clamav" 
> user, not as root. So it can only access files which are available to 
> the "clamav" user or the "clamav" group.
>
> So you have to add the "apache" group (which owns all the files 
> created by the web server, and hence all the files created by ZendTo) 
> to the "clamav" group so that clamd can read them if it's given group 
> read permissions (and group execute permissions in the case of 
> directories).
>
> So by adding "apache" to the "clamav" line in /etc/group, then 
> rebuilding the shadow file using "grpconv", and then restarting clamd, 
> it gets to refresh its version of what it can read.
>
> At which point clamdscan will work.
>
> Hopefully that helps explain what is going on and how it all works a 
> little better.
>
> Cheers,
> Jules.
>
>
>
> ----------- SCAN SUMMARY -----------
>
> Infected files: 0
>
> Time: 0.000 sec (0 m 0 s)
>
> [root at files ~]#
>
> ----------------------------------
> Gavin Silver
>
> *From:* zendto-bounces at zendto.com <mailto:zendto-bounces at zendto.com> 
> [mailto:zendto-bounces at zendto.com] *On Behalf Of *Jules
> *Sent:* Tuesday, July 20, 2010 5:26 PM
> *To:* ZendTo Users
> *Subject:* [ZendTo] Re: unable to upload
>
>
>
> On 20/07/2010 21:24, Gavin Silver wrote:
>
> centos 4.5
>
> rpm install
>
> followed docs to download and install all the dependencies including 
> clamav
>
> That means it probably couldn't find clamdscan, which should be part 
> of the ClamAV RPMs the docs told you to download. When logged in as 
> root, what do you get from a "which clamdscan" command?
>
> The error return code 2 implies an error occurred during virus 
> scanning. Put some files (anything will do for a test) into 
> /var/zendto/incoming, then "chown apache.apache 
> /var/zendto/incoming/*" and run a command such as
>     clamdscan /var/zendto/incoming/*
> and see what it says.
>
> If it says "acccess denied" lots of times then what might be wrong is 
> that the clamav group may need adding to the apache group in 
> /etc/group. Find the line in /etc/group starting with "apache" and add 
> "clamav" to the end of it. Then run the command "grpconv" to build the 
> shadow file. Then "service clamd restart" and then try clamdscan again.
>
> If it still complains that it couldn't read files, then you either 
> need to disable SELinux or configure it correctly so it can read the 
> files under /var/zendto/incoming. I don't know much about SELinux so 
> you're on your own a bit there, hopefully Google will help.
>
> When you find the solution, please let me know so that I can add it to 
> the docs.
>
> Once you have got "clamdscan /var/zendto/incoming" working, you should 
> be there.
>
> Thanks,
> Jules.
>
>
> getting:
>
> *Upload Error*
>
> The attempt to virus-scan your drop-off failed. Please contact your 
> administrator for assistance.
>
> after the file uploads
>
> Where should I start looking first?
>
> ----------------------------
> Gavin Silver
>
>
>
>   
>   
> _______________________________________________
> ZendTo mailing list
> ZendTo at zendto.com  <mailto:ZendTo at zendto.com>
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>    
>
>
>
>
> Jules
>   
> -- 
> Julian Field MEng CITP CEng
> www.ZendTo.com  <http://www.ZendTo.com>
>   
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
>   
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Follow me at twitter.com/JulesFM
>
> -- 
>
>   
>   
> _______________________________________________
> ZendTo mailing list
> ZendTo at zendto.com  <mailto:ZendTo at zendto.com>
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>    
>
>
>
> Jules
>   
> -- 
> Julian Field MEng CITP CEng
> www.ZendTo.com  <http://www.ZendTo.com>
>   
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
>   
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Follow me at twitter.com/JulesFM
>
> -- 
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zendto.com
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>    

Jules

-- 
Julian Field MEng CITP CEng
www.ZendTo.com

Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20100721/3dad0dc1/attachment-0001.html 


More information about the ZendTo mailing list