[ZendTo] ClamAV error

jules at zend.to jules at zend.to
Fri Jan 7 14:35:02 GMT 2022


Yes, you want to keep my modified version. There's a lacking in the 
clamd configuration in apparmor that needs extending to work with 
ZendTo, or else it won't be able to scan any files in /var/zendto/incoming.

Cheers,
Jules.

On 18/10/2021 13:44, HILLENBRAND Marita via ZendTo wrote:
>
> Dear all,
>
> I retried the update of our Ubuntu 18.04.5 LTS and at one point there 
> was this message (sorry, it’s a French version):
>
> ….
>
> /Fichier de configuration « /etc/apparmor.d/usr.sbin.clamd »/
>
> /==> Modifié (par vous ou par un script) depuis l'installation./
>
> /==> Le distributeur du paquet a fourni une version mise à jour./
>
> /   Que voulez-vous faire ? Vos options sont les suivantes :/
>
> /    Y ou I  : installer la version du responsable du paquet/
>
> /    N ou O  : garder votre version actuellement installée/
>
> /      D  : afficher les différences entre les versions/
>
> /      Z  : suspendre ce processus pour examiner la situation/
>
> /L'action par défaut garde votre version actuelle./
>
> /*** usr.sbin.clamd (Y/I/N/O/D/Z) [défaut=N] ?/
>
> This time, I said « Y » and now clamav works fine after the update.
>
> The only thing that I didn’t get right was the update of the version 
> of clamav:
>
> /root at sv-ctm-zendto:/home/zendto# freshclam/
>
> /WARNING: Ignoring deprecated option SafeBrowsing at 
> /etc/clamav/freshclam.conf:22/
>
> /Mon Oct 18 14:33:03 2021 -> ClamAV update process started at Mon Oct 
> 18 14:33:03 2021/
>
> /Mon Oct 18 14:33:03 2021 //-> ^Your ClamAV installation is OUTDATED!/
>
> /Mon Oct 18 14:33:03 2021 -> ^Local version: 0.103.2 Recommended 
> version: 0.103.3/
>
> /Mon Oct 18 14:33:03 2021 -> DON'T PANIC! Read 
> https://www.clamav.net/documents/upgrading-clamav/
>
> /Mon Oct 18 14:33:03 2021 -> daily.cld database is up-to-date 
> (version: 26326, sigs: 1938868, f-level: 90, builder: raynman)/
>
> /Mon Oct 18 14:33:03 2021 -> main.cld database is up-to-date (version: 
> 62, sigs: 6647427, f-level: 90, builder: sigmgr)/
>
> /Mon Oct 18 14:33:03 2021 -> bytecode.cld database is up-to-date 
> (version: 333, sigs: 92, f-level: 63, builder: awillia2)/
>
> I had a look at their website, but that didn’t help me much. I guess 
> I’ll wait and see.
>
> Best regards,
>
> *Marita HILLENBRAND*
> Service Informatique
>
> *Centre Administratif et Technique*
> 130, avenue Charles de Gaulle - 91230 Montgeron
> Tél : 01 70 58 93 40  Port : 06 24 04 43 58
> www.montgeron.fr <https://www.montgeron.fr/>
>
> /Please help protect the environment by printing this e-mail only if 
> necessary.//
> //This e-mail may contain confidential information and is intended only 
> for the recipient(s) indicated above. If you have received this e-mail 
> in error, please delete it and notify us immediately. Thank you./
>
> *From:* ZendTo <zendto-bounces at zend.to> *On behalf of* HILLENBRAND 
> Marita via ZendTo
> *Sent:* Monday 18 October 2021 12:20
> *To:* ZendTo Users <zendto at zend.to>
> *Cc:* HILLENBRAND Marita <m.hillenbrand at montgeron.fr>
> *Subject:* Re: [ZendTo] ClamAV error
>
> Dear all,
>
> I also have the problem. I updated our Ubuntu 18.04.5 LTS (as root) 
> with the commands below and got the upload error “The attempt to 
> virus-scan your drop-off failed. Please notify the system administrator.”
>
> apt update
>
> apt upgrade zendto
>
> # systemctl status clamav-daemon
>
> ●clamav-daemon.service - Clam AntiVirus userspace daemon
>
>    Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; 
> vendor preset: enabled)
>
>   Drop-In: /etc/systemd/system/clamav-daemon.service.d
>
> └─extend.conf
>
>    Active: failed (Result: exit-code) since Mon 2021-10-18 11:32:57 
> CEST; 28min ago
>
>      Docs: man:clamd(8)
>
> man:clamd.conf(5)
>
> https://www.clamav.net/documents/
>
> Main PID: 11391 (code=exited, status=1/FAILURE)
>
> oct. 18 11:32:56 sv-ctm-zendto systemd[1]: Stopped Clam AntiVirus 
> userspace daemon.
>
> oct. 18 11:32:56 sv-ctm-zendto systemd[1]: Starting Clam AntiVirus 
> userspace daemon...
>
> oct. 18 11:32:56 sv-ctm-zendto systemd[1]: Started Clam AntiVirus 
> userspace daemon.
>
> oct. 18 11:32:57 sv-ctm-zendto clamd[11391]: ERROR: lchown to user 
> 'clamav' failed on
>
> oct. 18 11:32:57 sv-ctm-zendto clamd[11391]: log file 
> '/var/log/clamav/clamav.log'.
>
> oct. 18 11:32:57 sv-ctm-zendto clamd[11391]: Error was 'Operation not 
> permitted'
>
> oct. 18 11:32:57 sv-ctm-zendto clamd[11391]: Mon Oct 18 11:32:57 2021 
> -> ^lchown to user 'clamav' failed on log file 
> '/var/log/clamav/clamav.log'.  Erro
>
> oct. 18 11:32:57 sv-ctm-zendto systemd[1]: clamav-daemon.service: Main 
> process exited, code=exited, status=1/FAILURE
>
> oct. 18 11:32:57 sv-ctm-zendto systemd[1]: clamav-daemon.service: 
> Failed with result 'exit-code'.
>
> I went back to the old version for now, but I suspect I need to update 
> the system to make the Let’s Encrypt certificate function.
>
> Best regards,
>
> *Marita HILLENBRAND*
> Service Informatique
>
> *Centre Administratif et Technique*
> 130, avenue Charles de Gaulle - 91230 Montgeron
> Tél : 01 70 58 93 40  Port : 06 24 04 43 58
> www.montgeron.fr <https://www.montgeron.fr/>
>
> *From:* ZendTo <zendto-bounces at zend.to> *On behalf of* Dean Sherwood 
> via ZendTo
> *Sent:* Monday 18 October 2021 09:42
> *To:* zendto at zend.to
> *Cc:* Dean Sherwood <Dean at tropmedres.ac>
> *Subject:* [ZendTo] ClamAV error
>
> Dear all
>
> We updated our Ubuntu 18.04.6 LTS server with below commands and now 
> have the upload error “The attempt to virus-scan your drop-off failed. 
> Please notify the system administrator.”
>
> sudo apt update
>
> sudo apt upgrade
>
> ---
>
> Checking the clamav service we see
>
> systemctl status clamav-daemon.service
>
> ● clamav-daemon.service - Clam AntiVirus userspace daemon
>
>    Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; 
> vendor preset: enabled)
>
>   Drop-In: /etc/systemd/system/clamav-daemon.service.d
>
>            └─extend.conf
>
>    Active: failed (Result: exit-code) since Mon 2021-09-27 11:33:58 
> +07; 3min 59s ago
>
>      Docs: man:clamd(8)
>
>            man:clamd.conf(5)
>
>   Process: 1323 ExecStart=/usr/sbin/clamd --foreground=true 
> (code=exited, status=1/FAILURE)
>
>   Process: 1317 ExecStartPre=/bin/chown clamav /run/clamav 
> (code=exited, status=0/SUCCESS)
>
>   Process: 1097 ExecStartPre=/bin/mkdir -p /run/clamav (code=exited, 
> status=0/SUCCESS)
>
> Main PID: 1323 (code=exited, status=1/FAILURE)
>
> Sep 27 11:33:51 zend2 systemd[1]: Starting Clam AntiVirus userspace 
> daemon...
>
> Sep 27 11:33:53 zend2 systemd[1]: Started Clam AntiVirus userspace daemon.
>
> Sep 27 11:33:58 zend2 systemd[1]: clamav-daemon.service: Main process 
> exited, code=exited, status=1/FAILURE
>
> Sep 27 11:33:58 zend2 clamd[1323]: ERROR: lchown to user 'clamav' 
> failed on
>
> Sep 27 11:33:58 zend2 clamd[1323]: log file '/var/log/clamav/clamav.log'.
>
> Sep 27 11:33:58 zend2 clamd[1323]: Error was 'Operation not permitted'
>
> Sep 27 11:33:58 zend2 clamd[1323]: Mon Sep 27 11:33:58 2021 -> ^lchown 
> to user 'clamav' failed on log file '/var/log/clamav/clamav.log'.  
> Error was 'Operation not permitted'
>
> Sep 27 11:33:58 zend2 systemd[1]: clamav-daemon.service: Failed with 
> result 'exit-code'.
>
> ---
>
> Reinstalled and skipped all parts except for “Install and configure 
> virus scanner, including SELinux and AppArmor support for it.”
>
> Become root with "su -" if using CentOS, RedHat, Debian or SuSE, or 
> "sudo su -" if using Ubuntu.
>
> Download the installer:
> curl -O zend.to path
>
> Unpack it and cd into it:
> tar xzf install.ZendTo.tgz
> cd install.ZendTo
>
> Run the installer:
> ./install.sh
>
> =================================================================
>
> Install and configure ClamAV
>
> =================================================================
>
> Installing ClamAV packages
>
> Reading package lists... Done
>
> Building dependency tree
>
> Reading state information... Done
>
> clamav is already the newest version (0.103.2+dfsg-0ubuntu0.18.04.2).
>
> clamav-daemon is already the newest version 
> (0.103.2+dfsg-0ubuntu0.18.04.2).
>
> 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
>
> Making clamd notice new signatures much faster
>
> Stop freshclam daemon so we can update signatures
>
> Updating signatures
>
> 1. Ignore errors about not being able to notify clamd
>
> 2. Expect a delay after downloading main.cvd
>
> 3. Expect a long delay after downloading daily.cvd
>
> WARNING: Ignoring deprecated option SafeBrowsing at 
> /etc/clamav/freshclam.conf:22
>
> Mon Sep 27 11:32:42 2021 -> ClamAV update process started at Mon Sep 
> 27 11:32:42 2021
>
> Mon Sep 27 11:32:42 2021 -> ^Your ClamAV installation is OUTDATED!
>
> Mon Sep 27 11:32:42 2021 -> ^Local version: 0.103.2 Recommended 
> version: 0.103.3
>
> Mon Sep 27 11:32:42 2021 -> DON'T PANIC! Read
>
> Mon Sep 27 11:32:42 2021 -> daily.cld database is up-to-date (version: 
> 26304, sigs: 1936445, f-level: 90, builder: raynman)
>
> Mon Sep 27 11:32:42 2021 -> main.cld database is up-to-date (version: 
> 62, sigs: 6647427, f-level: 90, builder: sigmgr)
>
> Mon Sep 27 11:32:42 2021 -> bytecode.cld database is up-to-date 
> (version: 333, sigs: 92, f-level: 63, builder: awillia2)
>
> Allowing ClamAV to read Apache files
>
> Allowing ClamAV through AppArmor to read ZendTo uploads
>
> No need, already done.
>
> Ubuntu 18: may need to work around a bug in the clamd AppArmor profile
>
> Good, they have fixed it. No change needed
>
> * Unloading AppArmor profiles [ OK ]
>
> [ ok ] Starting apparmor (via systemctl): apparmor.service.
>
> [ ok ] Reloading apparmor configuration (via systemctl): apparmor.service.
>
> I am going to have to override the systemd definition for
>
> apache2 so it starts up with PrivateTmp=false.
>
> I am creating /etc/systemd/system/apache2.service.d/PrivateTmp_zendto.conf
>
> And tell systemd about the change
>
> Starting ClamAV and freshclam daemons
>
> ClamAV has been setup for you to work with ZendTo.
>
> ---
>
> However we still have the upload error “The attempt to virus-scan your 
> drop-off failed. Please notify the system administrator.”
>
> Best regards,
>
> Dean
>

Jules

-- 
Julian Field MEng CEng CITP MBCS MIEEE MACM

'The AI does not hate you, nor does it love you, but you are made
  out of atoms which it can use for something else.' - Eliezer Yudkowsky

www.Zend.To
Twitter: @JulesFM
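
Added example, not part of the original message or of ZendTo's installer: a shell check that a clamd AppArmor profile contains a read rule covering /var/zendto/incoming, the directory named in the reply above. The two sample profiles and the rule `/var/zendto/incoming/** r,` are constructed for illustration, and the matcher is deliberately simplified.

```shell
#!/bin/sh
# profile_allows_read PROFILE DIR
# Returns 0 if a file rule in PROFILE grants read access to files in DIR.
# Simplified: only plain "<path> <perms>," rules whose path ends in /* or /**
# are considered; includes, variables, owner/audit prefixes and deny rules
# are not evaluated.
profile_allows_read() {
    dir=${2%/}
    awk -v dir="$dir" '
        { sub(/#.*/, "") }                      # drop comments
        $1 ~ /^\// && NF >= 2 {
            path = $1; perms = $2
            sub(/,$/, "", perms)
            if (perms !~ /r/) next              # rule does not grant read
            if (path ~ /\/\*\*$/) {             # recursive glob
                base = substr(path, 1, length(path) - 3)
                if (index(dir "/", base "/") == 1) found = 1
            } else if (path ~ /\/\*$/) {        # direct children only
                base = substr(path, 1, length(path) - 2)
                if (base == dir) found = 1
            }
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Constructed sample profiles (not the real Ubuntu or ZendTo files).
tmp=$(mktemp -d)
cat > "$tmp/vendor" <<'EOF'
/usr/sbin/clamd {
  /var/lib/clamav/ r,
  /var/lib/clamav/** krw,
  /var/log/clamav/* krw,
}
EOF
cat > "$tmp/extended" <<'EOF'
/usr/sbin/clamd {
  /var/lib/clamav/** krw,
  # constructed local addition for the drop-off directory
  /var/zendto/incoming/** r,
}
EOF
for p in vendor extended; do
    if profile_allows_read "$tmp/$p" /var/zendto/incoming; then
        echo "$p: clamd may read /var/zendto/incoming"
    else
        echo "$p: no read rule for /var/zendto/incoming"
    fi
done
```

On a real system the first argument would be /etc/apparmor.d/usr.sbin.clamd; after answering Y at the conffile prompt, dpkg keeps the previous file beside it with a .dpkg-old suffix, so both versions can be checked.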