[ZendTo] Re: unable to upload
Jules
Jules at ZendTo.com
Wed Jul 21 19:37:26 BST 2010
On 21/07/2010 17:53, Gavin Silver wrote:
>
> I appened "apache" to the end of the clamav line on /etc/group, then i
> ran grpconv, but i still got access denied when trying to scan.
>
And you did restart clamd after doing that?
>
> using usermod to add clamav to apache seemed to work though. not sure
> what usermod did that adding the line in /etc/group did not as my
> /etc/group file looks the same
>
I'll update the docs, that's a neater solution that doesn't require
editing any files or running grpconv.
>
> [root at files ~]# usermod -a -G apache clamav
>
> [root at files ~]# service clamd restart
>
> Stopping Clam AntiVirus Daemon: [ OK ]
>
> Starting Clam AntiVirus Daemon: [ OK ]
>
> [root at files ~]# clamdscan /var/zendto/incoming/*
>
> /var/zendto/incoming/testscanme: OK
>
> ----------- SCAN SUMMARY -----------
>
> Infected files: 0
>
> Time: 0.000 sec (0 m 0 s)
>
> thanks!
>
> ----------------------------------
> Gavin Silver
>
> *From:* zendto-bounces at zendto.com [mailto:zendto-bounces at zendto.com]
> *On Behalf Of *Jules
> *Sent:* Wednesday, July 21, 2010 11:34 AM
> *To:* ZendTo Users
> *Subject:* [ZendTo] Re: unable to upload
>
>
>
> On 21/07/2010 15:27, Gavin Silver wrote:
>
> [root at files ~]# freshclam
>
> ClamAV update process started at Wed Jul 21 14:21:25 2010
>
> main.cvd is up to date (version: 52, sigs: 704727, f-level: 44,
> builder: sven)
>
> Downloading daily-11403.cdiff [100%]
>
> daily.cld updated (version: 11403, sigs: 103267, f-level: 53, builder:
> arnaud)
>
> bytecode.cvd is up to date (version: 31, sigs: 7, f-level: 53,
> builder: nervous)
>
> Database updated (808001 signatures) from db.local.clamav.net (IP:
> 194.8.197.22)
>
> Clamd successfully notified about the update.
>
> [root at files ~]# service clamd restart
>
> Stopping Clam AntiVirus Daemon: [ OK ]
>
> Starting Clam AntiVirus Daemon: [ OK ]
>
> [root at files ~]# chkconfig clamd on
>
> [root at files ~]# which clamdscan
>
> /usr/bin/clamdscan
>
> [root at files ~]# echo hi > /var/zendto/incoming/testscanme
>
> [root at files ~]# chown apache.apache /var/zendto/incoming/*
>
> That will still leave the file "testscanme" most likely with global
> read permissions, which isn't what ZendTo should do by default. So
> please read on...
>
> [root at files ~]# clamdscan /var/zendto/incoming/*
>
> /var/zendto/incoming/testscanme: OK
>
> That looks okay, but what happens if you
> chmod o-rwx /var/zendto/incoming/*
> clamdscan /var/zendto/incoming/*
> ?
> If that doesn't work, then add "apache" to the end of the line that
> starts "clamav" in /etc/group and then run "grpconv". Then restart
> clamd and try clamdscan again.
>
> The full list of dependencies is listed at
> http://www.zendto.com/rpm.html
>
> If you still can't make it work, then as a stop-gap measure while we
> investigate further you can edit your
> /opt/zendto/config/preferences.php and change "clamdscan" to
> "clamscan". This will be a lot slower, but should get around the
> problem for now.
>
> "clamdscan" uses the daemon "clamd" to do the actual scanning, which
> has already started up and read all the virus signature databases,
> which is why it's lots faster. However, clamd runs as the "clamav"
> user, not as root. So it can only access files which are available to
> the "clamav" user or the "clamav" group.
>
> So you have to add the "apache" group (which owns all the files
> created by the web server, and hence all the files created by ZendTo)
> to the "clamav" group so that clamd can read them if it's given group
> read permissions (and group execute permissions in the case of
> directories).
>
> So by adding "apache" to the "clamav" line in /etc/group, then
> rebuilding the shadow file using "grpconv", and then restarting clamd,
> it gets to refresh its version of what it can read.
>
> At which point clamdscan will work.
>
> Hopefully that helps explain what is going on and how it all works a
> little better.
>
> Cheers,
> Jules.
>
>
>
> ----------- SCAN SUMMARY -----------
>
> Infected files: 0
>
> Time: 0.000 sec (0 m 0 s)
>
> [root at files ~]#
>
> ----------------------------------
> Gavin Silver
>
> *From:* zendto-bounces at zendto.com <mailto:zendto-bounces at zendto.com>
> [mailto:zendto-bounces at zendto.com] *On Behalf Of *Jules
> *Sent:* Tuesday, July 20, 2010 5:26 PM
> *To:* ZendTo Users
> *Subject:* [ZendTo] Re: unable to upload
>
>
>
> On 20/07/2010 21:24, Gavin Silver wrote:
>
> centos 4.5
>
> rpm install
>
> followed docs to download and install all the dependencies including
> clamav
>
> That means it probably couldn't find clamdscan, which should be part
> of the ClamAV RPMs the docs told you to download. When logged in as
> root, what do you get from a "which clamdscan" command?
>
> The error return code 2 implies an error occurred during virus
> scanning. Put some files (anything will do for a test) into
> /var/zendto/incoming, then "chown apache.apache
> /var/zendto/incoming/*" and run a command such as
> clamdscan /var/zendto/incoming/*
> and see what it says.
>
> If it says "acccess denied" lots of times then what might be wrong is
> that the clamav group may need adding to the apache group in
> /etc/group. Find the line in /etc/group starting with "apache" and add
> "clamav" to the end of it. Then run the command "grpconv" to build the
> shadow file. Then "service clamd restart" and then try clamdscan again.
>
> If it still complains that it couldn't read files, then you either
> need to disable SELinux or configure it correctly so it can read the
> files under /var/zendto/incoming. I don't know much about SELinux so
> you're on your own a bit there, hopefully Google will help.
>
> When you find the solution, please let me know so that I can add it to
> the docs.
>
> Once you have got "clamdscan /var/zendto/incoming" working, you should
> be there.
>
> Thanks,
> Jules.
>
>
> getting:
>
> *Upload Error*
>
> The attempt to virus-scan your drop-off failed. Please contact your
> administrator for assistance.
>
> after the file uploads
>
> Where should I start looking first?
>
> ----------------------------
> Gavin Silver
>
>
>
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zendto.com <mailto:ZendTo at zendto.com>
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
>
>
>
>
> Jules
>
> --
> Julian Field MEng CITP CEng
> www.ZendTo.com <http://www.ZendTo.com>
>
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Follow me at twitter.com/JulesFM
>
> --
>
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zendto.com <mailto:ZendTo at zendto.com>
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
>
>
>
> Jules
>
> --
> Julian Field MEng CITP CEng
> www.ZendTo.com <http://www.ZendTo.com>
>
> Need help fixing or optimising your systems?
> Contact me!
> Need help getting you started solving new requirements from your boss?
> Contact me!
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Follow me at twitter.com/JulesFM
>
> --
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zendto.com
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
Jules
--
Julian Field MEng CITP CEng
www.ZendTo.com
Need help fixing or optimising your systems?
Contact me!
Need help getting you started solving new requirements from your boss?
Contact me!
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
Follow me at twitter.com/JulesFM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20100721/3dad0dc1/attachment-0001.html
More information about the ZendTo
mailing list