[clamav-users] File::Scan::ClamAV

Chris cpollock at embarqmail.com
Tue Jul 22 12:19:00 EDT 2014


On Tue, 2014-07-22 at 10:33 -0500, Chris wrote:
> On Tue, 2014-07-22 at 13:53 +0100, Anthony DIckinson wrote:
> > On 22/07/14 03:47, Chris wrote:
> > > On Sun, 2014-07-20 at 12:52 -0400, Scott Kitterman wrote:
> > >> On Sunday, July 20, 2014 07:27:25 Chris wrote:
> > >>> On Sun, 2014-07-20 at 13:32 +0200, Matus UHLAR - fantomas wrote:
> > >>>> On 19.07.14 21:38, Chris wrote:
> > >>>>> Finally I'm about finished with setting up my Ubuntu 14.04 system and
> > >>>>> getting everything setup the way it was in the old Mandriva system. I
> > >>>>> have both SA and ClamAV running now but I'm missing a module,
> > >>>>> File::Scan::ClamAV to interface with SA. Have tried multiple times to
> > >>>>> install via CPAN, I'm posted the output at pastebin -
> > >>>>> http://pastebin.com/bdurgL6X
> > >>>>>
> > >>>>> Any ideas anyone? ClamAV has been installed via the Ubuntu software
> > >>>>> installer if it makes a difference.
> > >>>> why not using ClamAV with your MTA directly?
> > >>> Good morning Matus, I have postfix installed and running, however, the
> > >>> only mail that goes through it are the outputs of cronjobs sent to me
> > >>> and the forwarding of spam to the address spam at uce.gov . That is
> > >>> probably overkill but I installed it so long ago on the old machine that
> > >>> it was just 2nd nature to install it again. The mail from my ISP comes
> > >>> in via Fetchmail > Procmail and is run through SA prior to getting
> > >>> tossed to my inbox.
> > >> I use clamsmtp (also from the Ubuntu package archive) with postfix, but I
> > >> suspect you could configure it as a transparent proxy between fetchmail and
> > >> procmail.  Then the virus scanning would be handled further upstream.
> > >>
> > >> Scott K
> > > I looked at this Scott but I don't think I'm techno-savy enough to try
> > > it. Any other ideas on how to install this module? After looking at the
> > > 't' folder in the source pkg and the errors it looks like it's looking
> > > for something it can't find but then again I'm not a perl programmer so
> > > I can't be positive.
> > >
> > > Thanks
> > > Chris
> > >
> > 
> > Chris,
> > 
> > Looks like the tests for this module are out of date or not 100% 
> > accurate. You can get the tests to complete by fudging.... Warning: Hack 
> > alert!!!
> > 
> > 
> > #step 1
> > sudo cpan
> > install File::Scan::ClamAV
> > (this will fail)
> > look File::Scan::ClamAV
> > (this puts you in the build directory for this module within cpan) e.g.:
> > 
> > cpan[2]> look File::Scan::ClamAV
> > Running look for module 'File::Scan::ClamAV'
> > 
> > Trying to open a subshell in the build directory...
> > Working directory is /root/.cpan/build/File-Scan-ClamAV-1.91-O_dSGE
> > xxxx at xxxx:.cpan/build/File-Scan-ClamAV-1.91-O_dSGE#
> > 
> > #step 2
> > cd t
> > (go into the test directory)
> > (in mkconf.pl change):
> > my $dir = cwd;
> > to
> > my $dir = '/tmp/;
> > 
> > #step 3
> > In  01ping.t, 02reload.t, 03quit.t, 04scan.t and 05streamscan.t files:
> > 1) change all references to 'clamsock' to '/tmp/clamsock' (should be 3 
> > places in each file: in the loop, during File::Scan::ClamAV 
> > instantiation and unlink)
> > 2) change the for loop count from 10 to 60 (as clamd takes a while to 
> > load) so,
> > for (1..10)
> > to
> > for (1..60)
> > 
> > #step 4
> > cd ..
> > (back to the root build dir)
> > 
> > # step 5
> > (run make test to run the test suite) e.g.:
> > 
> > xxxx at xxxx:.cpan/build/File-Scan-ClamAV-1.91-O_dSGE# make test
> > PERL_DL_NONLAZY=1 CLAMD_PATH=/usr/sbin /usr/bin/perl 
> > "-MExtUtils::Command::MM" "-e" "test_harness(0, 'blib/lib', 
> > '                                            blib/arch')" t/*.t
> > t/00basic.t ....... ok
> > t/01ping.t ........ ok
> > t/02reload.t ...... ok
> > t/03quit.t ........ ok
> > t/04scan.t ........ ok
> > t/05streamscan.t .. ok
> > t/pod-coverage.t .. skipped: Test::Pod::Coverage 1.00 required for 
> > testing POD coverage
> > t/pod.t ........... skipped: Test::Pod 1.00 required for testing POD
> > All tests successful.
> > Files=8, Tests=27, 187 wallclock secs ( 0.09 usr  0.04 sys + 174.55 
> > cusr  4.58 csys = 179.26 CPU)
> > Result: PASS
> > xxxx at xxxx:.cpan/build/File-Scan-ClamAV-1.91-O_dSGE#
> > 
> > # step 6
> > (run make install to install the modules)
> > make install
> > 
> > # step 7
> > exit
> > quit
> > 
> > Hope this helps,
> > 
> > Ant
> > _______________________________________________
> > Help us build a comprehensive ClamAV guide:
> > https://github.com/vrtadmin/clamav-faq
> > http://www.clamav.net/support/ml
> 
> Hmm, made the changes as noted:
> 
> root at localhost:~/.cpan/build/File-Scan-ClamAV-1.91-N3ENzf# make test
> PERL_DL_NONLAZY=1 CLAMD_PATH=/usr/sbin /usr/bin/perl
> "-MExtUtils::Command::MM" "-e" "test_harness(0, 'blib/lib',
> 'blib/arch')" t/*.t
> t/00basic.t ....... ok   
> t/01ping.t ........ ERROR: LOCAL: Socket file /clamsock could not be
> bound: Permission denied
> t/01ping.t ........ 1/3 # Failed test 2 in t/01ping.t at line 26
> #  t/01ping.t line 26 is: ok($av->ping);
> t/01ping.t ........ Failed 1/3 subtests 
> t/02reload.t ...... ERROR: LOCAL: Socket file /clamsock could not be
> bound: Permission denied
> ^Cmake: *** [test_dynamic] Interrupt
> 
> root at localhost:~/.cpan/build/File-Scan-ClamAV-1.91-N3ENzf# make test
> PERL_DL_NONLAZY=1 CLAMD_PATH=/usr/sbin /usr/bin/perl
> "-MExtUtils::Command::MM" "-e" "test_harness(0, 'blib/lib',
> 'blib/arch')" t/*.t
> t/00basic.t ....... ok   
> t/01ping.t ........ ERROR: LOCAL: Socket file /clamsock could not be
> bound: Permission denied
> t/01ping.t ........ 1/3 # Failed test 2 in t/01ping.t at line 26
> #  t/01ping.t line 26 is: ok($av->ping);
> t/01ping.t ........ Failed 1/3 subtests 
> t/02reload.t ...... ERROR: LOCAL: Socket file /clamsock could not be
> bound: Permission denied
> t/02reload.t ...... 1/3 # Failed test 2 in t/02reload.t at line 25
> #  t/02reload.t line 25 is: ok($av->reload);
> t/02reload.t ...... Failed 1/3 subtests 
> t/03quit.t ........ ERROR: LOCAL: Socket file /clamsock could not be
> bound: Permission denied
> t/03quit.t ........ 1/4 # Failed test 2 in t/03quit.t at line 31
> #  t/03quit.t line 31 is: ok($av->quit);
> t/03quit.t ........ Failed 1/4 subtests 
> t/04scan.t ........ ERROR: LOCAL: Socket file /clamsock could not be
> bound: Permission denied
> t/04scan.t ........ 1/8 # Test 4 got: "" (t/04scan.t at line 36)
> #   Expected: "1" (Didn't
> detect /home/chris/.cpan/build/File-Scan-ClamAV-1.91-N3ENzf/testfiles/clamavtest)
> #  t/04scan.t line 36 is: ok(exists($results{"$testdir/clamavtest"}), 1,
> "Didn't detect $testdir/clamavtest");
> # Test 5 got: "" (t/04scan.t at line 37)
> #   Expected: "1" (Didn't
> detect /home/chris/.cpan/build/File-Scan-ClamAV-1.91-N3ENzf/testfiles/clamavtest.zip)
> #  t/04scan.t line 37 is:
> ok(exists($results{"$testdir/clamavtest.zip"}), 1, "Didn't detect
> $testdir/clamavtest.zip");
> # Test 6 got: "" (t/04scan.t at line 38)
> #   Expected: "1" (Didn't
> detect /home/chris/.cpan/build/File-Scan-ClamAV-1.91-N3ENzf/testfiles/clamavtest.gz)
> #  t/04scan.t line 38 is: ok(exists($results{"$testdir/clamavtest.gz"}),
> 1, "Didn't detect $testdir/clamavtest.gz");
> t/04scan.t ........ Failed 3/8 subtests 
> t/05streamscan.t .. ERROR: LOCAL: Socket file /clamsock could not be
> bound: Permission denied
> t/05streamscan.t .. 1/8 # Test 5 got: <UNDEF> (t/05streamscan.t at line
> 43)
> #   Expected: "FOUND"
> #  t/05streamscan.t line 43 is: ok($ans, 'FOUND');
> # Test 6 got: <UNDEF> (t/05streamscan.t at line 44)
> #   Expected: "ClamAV-Test-Signature"
> #  t/05streamscan.t line 44 is: ok($vir, 'ClamAV-Test-Signature');
> t/05streamscan.t .. Failed 2/8 subtests 
> t/pod-coverage.t .. ok   
> t/pod.t ........... ok   
> 
> Test Summary Report
> -------------------
> t/01ping.t      (Wstat: 0 Tests: 3 Failed: 1)
>   Failed test:  2
> t/02reload.t    (Wstat: 0 Tests: 3 Failed: 1)
>   Failed test:  2
> t/03quit.t      (Wstat: 0 Tests: 4 Failed: 1)
>   Failed test:  2
> t/04scan.t      (Wstat: 0 Tests: 8 Failed: 3)
>   Failed tests:  4-6
> t/05streamscan.t (Wstat: 0 Tests: 8 Failed: 2)
>   Failed tests:  5-6
> Files=8, Tests=29, 301 wallclock secs ( 0.04 usr  0.01 sys + 56.64 cusr
> 1.95 csys = 58.64 CPU)
> Result: FAIL
> Failed 5/8 test programs. 8/29 subtests failed.
> make: *** [test_dynamic] Error 255
> 
> I have /tmp under:
> 
> root at localhost:/# cd root
> root at localhost:/root# ls -l
> total 8
> drwxr-xr-x 2 root root 4096 Jul 15 07:49 Desktop
> drwxr-xr-x 2 root root 4096 Jul 22 10:22 tmp
> 
> root at localhost:/root# cd ..
> root at localhost:/# ls -l
> total 129
> drwxr-xr-x   2 root root  4096 Jul 12 20:32 bin
> drwxr-xr-x   4 root root  1024 Jul 17 08:22 boot
> drwxrwxr-x   2 root root  4096 Jul 12 19:52 cdrom
> drwxr-xr-x  16 root root  4300 Jul 21 22:30 dev
> drwxr-xr-x 152 root root 12288 Jul 21 22:30 etc
> -rw-r--r--   1 root root  4777 Jan 11  2008 GPG.KEY
> drwxr-xr-x   3 root root  4096 Jul 12 19:53 home
> lrwxrwxrwx   1 root root    33 Jul 17 08:22 initrd.img ->
> boot/initrd.img-3.13.0-32-generic
> lrwxrwxrwx   1 root root    33 Jul 12 20:33 initrd.img.old ->
> boot/initrd.img-3.13.0-30-generic
> drwxr-xr-x  23 root root  4096 Jul 12 19:58 lib
> drwxr-xr-x   2 root root  4096 Apr 16 20:21 lib64
> drwx------   2 root root 16384 Jul 12 19:45 lost+found
> drwxr-xr-x   3 root root  4096 Jul 12 21:05 media
> drwxr-xr-x   2 root root  4096 Apr 10 17:12 mnt
> drwxr-xr-x   7 root root  4096 Jul 16 15:39 nonexisting
> drwxr-xr-x   2 root root  4096 Apr 16 20:21 opt
> dr-xr-xr-x 239 root root     0 Jul 20 17:45 proc
> -rw-r--r--   1 root root   108 Jul 14 09:13 razor-agent.log
> drwx------  21 root root  4096 Jul 22 10:22 root
> drwxr-xr-x  28 root root   880 Jul 21 07:37 run
> drwxr-xr-x   2 root root 12288 Jul 12 20:28 sbin
> drwxr-xr-x   2 root root  4096 Apr 16 20:21 srv
> dr-xr-xr-x  13 root root     0 Jul 20 17:45 sys
> drwxrwxrwt  12 root root 20480 Jul 22 10:26 tmp
> drwxr-xr-x  12 root root  4096 Jul 14 20:50 usr
> drwxr-xr-x  17 root root  4096 Jul 16 13:37 var
> lrwxrwxrwx   1 root root    30 Jul 17 08:22 vmlinuz ->
> boot/vmlinuz-3.13.0-32-generic
> lrwxrwxrwx   1 root root    30 Jul 12 20:33 vmlinuz.old ->
> boot/vmlinuz-3.13.0-30-generic
> -rw-r--r--   1 root root  2165 Jul 13 14:07 webmin-setup.out
> 
> and to be sure I made one in my /home/chris folder:
> 
> drwxrwxr-x   2 chris chris      4096 Jul 22 10:31 tmp
> 
> So, where did I go wrong?
> 
> Thanks
> Chris
> 
Looking at my hourly syslog output I see:

Jul 22 09:48:58 localhost kernel: [144184.546324] type=1400
audit(1406040538.469:90): apparmor="DENIED" operation="mknod"
profile="/usr/sbin/clamd" name="/clamsock" pid=8074 comm="clamd"
requested_mask="c" denied_mask="c" fsuid=0 ouid=0
Jul 22 09:49:58 localhost kernel: [144244.680690] type=1400
audit(1406040598.605:91): apparmor="DENIED" operation="mknod"
profile="/usr/sbin/clamd" name="/clamsock" pid=8099 comm="clamd"
requested_mask="c" denied_mask="c" fsuid=0 ouid=0
Jul 22 09:50:58 localhost kernel: [144304.679231] type=1400
audit(1406040658.601:92): apparmor="DENIED" operation="mknod"
profile="/usr/sbin/clamd" name="/clamsock" pid=8105 comm="clamd"
requested_mask="c" denied_mask="c" fsuid=0 ouid=0
Jul 22 09:51:59 localhost kernel: [144365.674034] type=1400
audit(1406040719.597:93): apparmor="DENIED" operation="mknod"
profile="/usr/sbin/clamd" name="/clamsock" pid=8127 comm="clamd"
requested_mask="c" denied_mask="c" fsuid=0 ouid=0
Jul 22 09:52:59 localhost kernel: [144425.952664] type=1400
audit(1406040779.877:94): apparmor="DENIED" operation="mknod"
profile="/usr/sbin/clamd" name="/clamsock" pid=8172 comm="clamd"
requested_mask="c" denied_mask="c" fsuid=0 ouid=0

Since I'm not familiar with Ubuntu yet is this 'apparmor' causing this
not to work?


-- 
Chris
31.11°N 97.89°W (Elev. 1092 ft)
11:17:32 up 1 day, 17:31, 1 user, load average: 0.11, 0.22, 0.29
Ubuntu 14.04 LTS, kernel 3.13.0-32-generic




More information about the clamav-users mailing list