• Recent
    • Unsolved
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    • Register
    • Login

    Clam AV Scans Not Working

    Scheduled Pinned Locked Moved
    FOG Problems
    6
    24
    12.8k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      chad-bisd Moderator
      last edited by

      I’ll get on my FOG server that does AV updates and see if I can find the missing link. I think it was an apache configuration change that allowed downloading the files from the root of the web server.


      If you would like to make a donation to the Fog project, please do so [U][COLOR=#0000ff][URL='http://sourceforge.net/dona…

      1 Reply Last reply Reply Quote 0
      • F
        Fernando Gietz Developer
        last edited by

        You must config the FOG_PXE_IMAGE_DNSADDRESS value, if you don’t have configured it, the client doesn’t know how to resolve the direction of the clamAV server.
        To rebuit the init.gz with the new version of clamav
        [url]http://fogproject.org/forum/threads/clamav-version-update.3926/[/url]
        To resize the init.gz
        [url]http://fogproject.org/forum/threads/change-initrd-size.3920/[/url]

        1 Reply Last reply Reply Quote 0
        • C
          chad-bisd Moderator
          last edited by

          One thing I did that is not in the wiki article is to make symbolic links:
          [CODE]
          cd /var/www
          sudo ln -s /var/lib/clamav/bytecode.cld
          sudo ln -s /var/lib/clamav/daily.cld
          sudo ln -s /var/lib/clamav/daily.cvd
          sudo ln -s /var/lib/clamav/main.cvd
          [/CODE]


          If you would like to make a donation to the Fog project, please do so [U][COLOR=#0000ff][URL='http://sourceforge.net/dona…

          1 Reply Last reply Reply Quote 0
          • M
            Martin T
            last edited by

            Thank you Fernando Gietz and chad-bisd for input.

            I have rebuilt the complete fog server with Ubuntu 12.04.2 LTS 64bit and fog .32 and I am back to the same error that I started with (clamaverror.jpg Monday 2:41PM). I did this because I have tried so many changes that I wanted to make sure that I got back to a safe starting point. So a few questions, if you please.
            Do I go back and make all the changes 1-9, yesterday at 11:34 AM or try the rebuild/resize of init.gz?[B] - both[/B]
            The server does have 0.97.6 and I see the client does say 0.97.1. Are the definitions truly incompatible?[B] - Fernando Gietz[/B]
            Where is the FOG_PXE_IMAGE_DNSADDRESS at? [B]- Fernando Gietz[/B]
            I can only find main, daily, and bytecode CVD files. No CLD files. Do I just make the symbolic links to what I have? [B]- chad-bisd[/B]
            I have asked other questions above but let’s see how this goes.
            I am willing to try almost anything and can rebuild the server when I know exactly the steps to make it work. Hopefully I can create a complete posting that outlines the exact steps to make this work for everyone who wants this task to work correctly.

            1 Reply Last reply Reply Quote 0
            • C
              chad-bisd Moderator
              last edited by

              Before you go through the effort of resizing the init.gz, just try the steps in the wiki with the slight modifications from this thread.

              Try it with the different versions. The compatibility error came from no files in /usr/share/clamav inside the init image, not because the client and server were different versions.

              You only need DNS settings if you use the host name of the FOG server and not the IP address.

              I believe the .cld files come and go, but make symbolic links to anything you have and try it.


              If you would like to make a donation to the Fog project, please do so [U][COLOR=#0000ff][URL='http://sourceforge.net/dona…

              1 Reply Last reply Reply Quote 0
              • M
                Martin T
                last edited by

                These are the only items I changed after the rebuild/install of FOG and [B]ClamAV is now working at the client[/B]. I will now work on getting rid of the OUTDATED AV ENGINE errors.

                1 - (6, 7, 8 from above) - [B]modify the init.gz image file[/B]
                cd /
                cd /tftpboot/fog/images
                cp init.gz init-ORIG.gz
                gunzip init.gz
                mkdir initmountdir
                mount -o loop init initmountdir
                nano initmountdir/etc/freshclam.conf
                add “ScriptedUpdates” to “no” based on above ERROR
                change “DatabaseMirror” to “IPAddressOfServer” instead of original “database.clamav.net”
                umount initmountdir/
                rmdir initmountdir
                gzip init

                2 - [B]create symbolic links[/B]
                cd /var/www
                ln -s /var/lib/clamav/bytecode.cvd
                ln -s /var/lib/clamav/daily.cvd
                ln -s /var/lib/clamav/main.cvd

                Before I start working on the init.gz do either of you know what I need to change so that the client does not reboot after the AV scan is finished? I want to see what the results are before the computer reboots.

                1 Reply Last reply Reply Quote 0
                • C
                  chad-bisd Moderator
                  last edited by

                  You need to edit the av script in the init image and remove the call to reboot the workstation or add a pause or something.


                  If you would like to make a donation to the Fog project, please do so [U][COLOR=#0000ff][URL='http://sourceforge.net/dona…

                  1 Reply Last reply Reply Quote 0
                  • C
                    chad-bisd Moderator
                    last edited by

                    I will update the wiki and note the changes.


                    If you would like to make a donation to the Fog project, please do so [U][COLOR=#0000ff][URL='http://sourceforge.net/dona…

                    1 Reply Last reply Reply Quote 0
                    • M
                      Martin T
                      last edited by

                      Even after making the changes above and ‘knowing’ that I had the AV scanning working sometimes it would not work. Especially when trying to show staff how good this product was. The culprit - different kernels. I found that ‘Kernel - 2.6.35.7 KS’ would not allow the AV scan to work but the default bzImage would. Thanks for all the help.

                      1 Reply Last reply Reply Quote 0
                      • F
                        Fernando Gietz Developer
                        last edited by

                        [quote=“Martin T, post: 10917, member: 3420”]Thank you Fernando Gietz and chad-bisd for input.

                        I have rebuilt the complete fog server with Ubuntu 12.04.2 LTS 64bit and fog .32 and I am back to the same error that I started with (clamaverror.jpg Monday 2:41PM). I did this because I have tried so many changes that I wanted to make sure that I got back to a safe starting point. So a few questions, if you please.
                        Do I go back and make all the changes 1-9, yesterday at 11:34 AM or try the rebuild/resize of init.gz?[B] - both[/B]
                        The server does have 0.97.6 and I see the client does say 0.97.1. Are the definitions truly incompatible?[B] - Fernando Gietz[/B]
                        Where is the FOG_PXE_IMAGE_DNSADDRESS at? [B]- Fernando Gietz[/B]
                        I can only find main, daily, and bytecode CVD files. No CLD files. Do I just make the symbolic links to what I have? [B]- chad-bisd[/B]
                        I have asked other questions above but let’s see how this goes.
                        I am willing to try almost anything and can rebuild the server when I know exactly the steps to make it work. Hopefully I can create a complete posting that outlines the exact steps to make this work for everyone who wants this task to work correctly.[/quote]

                        Sorry for answer so late.

                        [I]Where is the FOG_PXE_IMAGE_DNSADDRESS at?[/I]
                        In webui: About > FOG settings > TFTP Server

                        [I]The server does have 0.97.6 and I see the client does say 0.97.1. Are the definitions truly incompatible?[/I]
                        I’m not claAV expert 🙂 but the capture says that [I]Not supported database files founf in /usr/share/clamav. [/I]Seems the database files are incompatibles. This problem/issue desappears if you upgrade the clamAV version[I] to 0.97.6[/I]

                        I have seen the fog.av script and you don’t must resize the init.gz (sorry, but i’m sure that you have learn a lot of 🙂 ). The database files from the server are copied in /usr/share/clamav. This folder is a ramdisk:

                        [CODE]mount -t tmpfs none /usr/share/clamav/ -o size=50m;[/CODE]

                        This ramdisk have 50M size. This size would be little[I], why? [/I]the reason is the database files size grown more and more, daily. For example, in my server those files:

                        [CODE]-rw-r–r-- 1 clam clam 302K feb 15 03:37 bytecode.cld
                        -rw-r–r-- 1 clam clam 0 feb 26 20:25 clamd.sock
                        -rw-r–r-- 1 clam clam 55M mar 12 03:10 daily.cld
                        -rw-r–r-- 1 clam clam 30M mar 11 14:14 main.cvd
                        -rw-r–r-- 1 clam clam 572 mar 12 03:10 mirrors.dat[/CODE]

                        86 MB, and daily increases his size 😞 The size of the ramdisk would be dinamic.

                        1 Reply Last reply Reply Quote 0
                        • 1
                        • 2
                        • 2 / 2
                        • First post
                          Last post

                        173

                        Online

                        12.1k

                        Users

                        17.3k

                        Topics

                        155.3k

                        Posts
                        Copyright © 2012-2024 FOG Project