clamav configuration

by Didier RAMBEAU -
I'm using an sme based server including clamav used for mail scanning.
I would like to use it also with moodle's uploaded files.
I tried both /usr/bin/clamscan and /usr/bin/clamdscan in the configuration parameters but infected files are uploaded anyway.

What's wrong with my configuration?

When I use /usr/bin/clamscan file1 in a shell session a virus is detected, but not with the same path in moodle's parameters?

/usr/bin/clamdscan file1 in a shell session gives an access denied message.


Need help !!!
In reply to Didier RAMBEAU

Re: clamav configuration

by Penny Leach -
There are four config settings for clam, not just pathtoclam -- can you tell me what you have for the other ones?

Even if /usr/bin/clamdscan is disallowed, /usr/bin/clamscan should work. Have you set run clam on upload to yes?
In reply to Penny Leach

Re: clamav configuration

by Didier RAMBEAU -
Here is my clamav config

runclamonupload: Yes

Run clam AV on file upload? You must also specify the correct path in the "pathtoclam" field for this to work properly. (Clam AV is a free antivirus that you can get here: http://www.clamav.net/)
pathtoclam:

Path to the clam AV program. Usually something like "/usr/bin/clamscan" or "/usr/bin/clamdscan". This value is required for clam AV to work.
quarantinedir:

If you want clam AV to move infected files to a quarantine directory, specify its path here. The web server must be able to write to this directory. If you leave this field empty, or if you specify a directory that does not exist or is not writable, infected files will be deleted. Do not include the trailing slash.
clamfailureonupload: Do not process the files

If you have configured clam to scan uploaded files and the configuration is incorrect, or clam cannot be run for some other reason, what should the behaviour be? If you choose "Treat files as viruses", they will be moved to a quarantine directory or deleted. If you choose "Do not process the files", the files will be stored in their destination directory without being scanned. In all cases, the administrators will be notified that clam did not work. Furthermore, if you choose "Treat files as viruses" and clam cannot run (usually because the "pathtoclam" path is incorrect), ALL uploaded files will be moved to the quarantine directory or deleted. Be careful with this setting!
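
The decision these four settings describe, as an added example that is not part of the original thread and is not Moodle's own code: the scanner's exit status (clamscan returns 0 for clean, 1 for a virus, 2 for an error) is combined with the failure policy to decide what happens to an upload. The function names, the policy values `actlikevirus` and `donothing`, and the stub scanners are assumptions made for the illustration.

```shell
#!/bin/sh
# Added illustration, not Moodle's code. Function, variable and policy names
# are assumptions; the exit codes are clamscan's (0 clean, 1 virus, 2 error).

# decide_upload PATHTOCLAM FILE ON_FAILURE -> prints accept | infected | reject
#   ON_FAILURE: "actlikevirus" (fail closed) or "donothing" (fail open)
decide_upload() {
    pathtoclam=$1 file=$2 on_failure=$3
    # The "path supplied to Clam AV is invalid" case: the path must exist and
    # be executable by the user this runs as (the web server user in practice).
    if [ -f "$pathtoclam" ] && [ -x "$pathtoclam" ]; then
        status=0
        "$pathtoclam" --no-summary "$file" >/dev/null 2>&1 || status=$?
    else
        status=127
    fi
    case $status in
        0) echo accept ;;
        1) echo infected ;;   # caller quarantines or deletes the file
        *) echo "clam failed (status $status) on $file" >&2   # admin notice
           if [ "$on_failure" = actlikevirus ]; then
               echo reject    # fail closed: every upload is refused
           else
               echo accept    # fail open: file is stored unscanned
           fi ;;
    esac
}

# Constructed stand-ins for the scanner so the demo runs without ClamAV.
make_stub() {  # make_stub FILE EXIT_CODE
    printf '#!/bin/sh\nexit %s\n' "$2" > "$1" && chmod +x "$1"
}

demo_dir=$(mktemp -d)
make_stub "$demo_dir/clean" 0
make_stub "$demo_dir/virus" 1
make_stub "$demo_dir/broken" 2
for scanner in clean virus broken missing; do
    for policy in donothing actlikevirus; do
        printf '%-8s %-13s %s\n' "$scanner" "$policy" \
            "$(decide_upload "$demo_dir/$scanner" upload.bin "$policy" 2>/dev/null)"
    done
done
rm -rf "$demo_dir"
```

With the fail-open policy, a missing or non-executable scanner path produces the same `accept` result as a clean scan, which matches the symptom in this thread of infected files being uploaded anyway.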

In reply to Didier RAMBEAU

Re: clamav configuration

by Shane Tooley -

I'm experiencing a problem with Clam altogether. I receive emails stating that the path provided to Clam is invalid. I've pestered my hosting company no end and they have now washed their hands of it and state that it is a moodle problem.

Clam does not work with either /usr/bin/clamdscan or /usr/bin/clamscan.

Any suggestions?

In reply to Shane Tooley

Re: clamav configuration

by Penny Leach -
Can you run clam with either /usr/bin/clamscan or /usr/bin/clamdscan from the command line on your server?
In reply to Penny Leach

Re: clamav configuration

by Hans de Zwart -
I have the exact same problem... My clamav is installed in
/usr/local/bin

I have tried to put:
/usr/local/bin/clamdscan
/usr/local/bin/clamscan

as my paths. The version of clamav is 0.86.1

On the commandline both commands work fine.
In reply to Penny Leach

Re: clamav configuration

by Shane Tooley -

I use a commercial web hosting company which has also gone into Moodle Admin and looked at the settings. They have confirmed that all users have access to clamAV at /usr/bin/clamscan or clamdscan. The command line is not available to me.

Might this be a small bug with the new version of Clam or Moodle 1.5.1?

In reply to Shane Tooley

Re: clamav configuration

by Hans de Zwart -
Yes, I had forgotten to mention that. In my setup all users have execution rights on both clamscan and clamdscan.
In reply to Hans de Zwart

Re: clamav configuration

by Penny Leach -
Can you post the output of your error message (the one in the email) and also can you look through your apache error logs to see if you can find any useful errors there.

Also, when you say 'all users have execution rights' - it could be that it doesn't include the user that apache runs as -- usually www-data or nobody.

Also, if anybody reads this who has successfully set up clam, please post here to say that it's working
In reply to Penny Leach

Re: clamav configuration

by Tim Allen -
I'm getting no errors on my installation - Fedora 3, Moodle 1.5.1, PHP 5.0.4.

I don't know where to look to see a successful check by clamav but there are no error emails or logs. The path is /usr/bin/clamdscan.

Tim.
In reply to Tim Allen

Re: clamav configuration

by Penny Leach -
If you're not getting errors and you've configured it to scan on upload it's working.

You can test it by uploading the test virus from the clamav people. It should complain loudly about it.

You can get it from

http://nzvle.eduforge.org/clam/testvirus.zip
In reply to Penny Leach

Re: clamav configuration

by Tim Allen -
OK, I tested it with that test virus and I can confirm that it is working correctly on my system.  It wouldn't accept the upload and gave me an error message as such:

The file you have uploaded, clamtest, has been scanned by a virus checker and found to be infected! Your file upload was NOT successful.

It also copied the file to the quarantine directory I had set up in the settings.
In reply to Penny Leach

Re: clamav configuration

by Hans de Zwart -
Okay, here is some more info:

I run Moodle 1.5.1 (2005060210) on Fedora Core 2 with PHP 4.3.8.

You can see the attached screenshots for my clamav settings and the permissions on the executable.

The message was in Dutch (I guess you do not speak that) but I found it as the string 'clamlost' in moodle.php:

'Moodle is configured to run clam on file upload, but the path supplied to Clam AV, $a, is invalid.'

If I change my settings and treat uploaded files as viruses when there is a problem then I get the following error when I upload a file:

Your administrator has enabled virus checking for file uploads but has misconfigured something.
Your file upload was NOT successful. Your administrator has been emailed to notify them so they can fix it.
Maybe try uploading this file later.

Could it be that Moodle has a problem with clamscan being installed in /usr/local/bin instead of /usr/local?
Attachment clamav_problem.gif
In reply to Hans de Zwart

Re: clamav configuration

by Penny Leach -
Weird. Your configuration looks good to me.. Can you please run the following command (preferably as the user your web server runs as)


php -r 'echo (int)file_exists("/usr/local/bin/clamscan"); echo (int)is_executable("/usr/local/bin/clamscan"); echo "\n";';
In reply to Penny Leach

Re: clamav configuration

by Didier RAMBEAU -
I tried your command as shown :

[root@www root]# ls -al /usr/bin/cl*
-rwxr-xr-x    1 root     root         1081 mai 20 20:25 /usr/bin/clamav-config
-rwxr-xr-x    1 root     root        31982 mai 20 20:25 /usr/bin/clamdscan
-rwxr-xr-x    1 root     root        52806 mai 20 20:25 /usr/bin/clamscan
-rwxr-xr-x    1 root     root         4328 avr 25  2002 /usr/bin/cleanappledouble.pl
-rwxr-xr-x    1 root     root         3348 jui 20  2001 /usr/bin/clear
[root@www root]#  php -r 'echo (int)file_exists("/usr/bin/clamscan"); echo (int)is_executable("/usr/bin/clamscan"); echo "\n";';
11
[root@www root]#

What can I think about it ?
In reply to Didier RAMBEAU

Re: clamav configuration

by Penny Leach -
Can you please try and run that command as the user that your webserver runs as? Either www-data or nobody, or maybe something else, depending on your server.

Although, I'm not sure it's going to make that much difference, the only reason I was asking is that I was not sure whether is_executable worked as I expected it to.
In reply to Penny Leach

Re: clamav configuration

by Hans de Zwart -
The webserver runs as user apache. I cannot run the command as the webserver because I get the following:

[root@localhost root]# su apache
This account is currently not available.

I then changed to an ordinary user:

[root@localhost root]# su rooipann

and ran your command. I get the following:

[root@localhost root]# php -r 'echo (int)file_exists("/usr/local/bin/clamscan"); echo (int)is_executable("/usr/local/bin/clamscan"); echo "\n";';
Error in argument 1, char 2: option not found r
Usage: php [-q] [-h] [-s] [-v] [-i] [-f ]
php [args...]
-a Run interactively
-C Do not chdir to the script's directory
-c | Look for php.ini file in this directory
-n No php.ini file will be used
-d foo[=bar] Define INI entry foo with value 'bar'
-e Generate extended information for debugger/profiler
-f Parse . Implies `-q'
-h This help
-i PHP information
-l Syntax check only (lint)
-m Show compiled in modules
-q Quiet-mode. Suppress HTTP Header output.
-s Display colour syntax highlighted source.
-v Version number
-w Display source with stripped comments and whitespace.
-z Load Zend extension .

When I leave out the '-r' part I get:

[root@localhost root]# php 'echo (int)file_exists("/usr/local/bin/clamscan"); echo (int)is_executable("/usr/local/bin/clamscan"); echo "\n";';
Status: 404
Content-type: text/html
X-Powered-By: PHP/4.3.10

No input file specified.


I doubt any of this will help you at all!

BTW I tried to upload the testvirus with the clamscan on and as you can see it just got uploaded.
Attachment testvirus.gif
In reply to Penny Leach

Re: clamav configuration

by Didier RAMBEAU -
With www user I got the same thing as you can see :

[root@www script]# su www
[root@www script]#  php -r 'echo (int)file_exists("/usr/bin/clamscan"); echo (int)is_executable("/usr/bin/clamscan"); echo "\n";';
11

What can I do to fix that ?
In reply to Didier RAMBEAU

Re: clamav configuration

by Penny Leach -
Look in the apache error log?

I'm getting out of ideas.
In reply to Penny Leach

Re: clamav configuration

by Hans de Zwart -
I have solved my problem!

I moved the clamscan executable to the root-directory of my website, changed the Path in the Moodle settings and now it works!

My server runs Fedora Core but has a Plesk interface on top of it. I use the Plesk Internet to create virtual hosts. I guess Plesk introduces some security measures that I do not fully understand nor was fully aware of.

I hope this could also solve Didier's problems.

Penny, thank you very much for all your help.