[clamav-users] Clamd: WARNING: lstat() failed on

2014-11-24 Thread stephen . bone 
Hi all,

I'm hoping someone can shed some light on an issue I'm experiencing...

I have been running Qmail, qpsmtpd, Qmail-Scanner, Spam Assassin, and 
Clamd on three mx's for some years.Until recently I've been compiling 
my own ClamAV, and all has been well.  However in order to try to simplify 
the process  I've recently switched a test mx to using prebuilt rpms, and 
here I've been having an issue with clamd reporting WARNING: lstat() 
failed on ..., when scanning the contents of a directory.

I have tried to break the problem down.  So now I can re-create the same 
error by using clamdscan / clamd to scan the contents of a test directory. 
 I've tried running clamd as qscand (qmail-scanner user), clamav (clamav 
default), and root (only for testing).  It would appear that clamd scans a 
file in the root of the file system fine, however as soon as I point 
clamdscan to a/any directory I get 'lstat failed'.

Thinking it's a permissions issue, I've tested changing the owner of the 
directory to qscand, clamav, and root, to match the owner of the clamd 
process, as specified in clamd.conf.  I've also set permissions on the 
test directory to 755, however I'm still getting the same error.

I've spent some hours trying to diagnose the problem myself, since I get 
that your time is as valuable to you, and mine is to me!  But I'm at the 
point now where I guess I'm looking for a sanity check here...

I'm running CentOS 6.6, I've tried using ClamAV-0.98.4 from the epel repo. 
 This morning I've tried 0.98.5 from the epel-testing repo.  I have 
experience the same issue with both.

I've attached clamd.conf for reference.

Any assistance gratefully appreciated!

Thanks,

Steve




Disclaimer

This email and any attachments are intended solely for the addressee/s and may 
contain privileged or confidential information. All information or opinions 
expressed in this email and any attachments are those of the author and are not 
necessarily those of Tangent International. Neither Tangent International Group 
Plc, nor any of its controlled entities, accepts any responsibility for the 
accuracy or completeness of this message or liability for any damage or breach 
of confidentiality arising from the receipt or use of messages sent from its 
networks. The Internet and public networks can be inherently insecure and you 
should therefore rely on your own precautions against viruses and other 
defects. If you received this email in error, please advise the sender and 
immediately delete it and any attachments from your system.

Tangent International Limited (TIL) and Tangent International Group Plc (TIG) 
are registered in England and Wales both with a Registered Office Address of:
Swan House, 11 Woodbrook Crescent, Billericay, Essex, UK CM12 0EQ.
Registration Numbers are TIL #1552284, TIG #2110920.
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Clamd: WARNING: lstat() failed on

2014-11-24 Thread Steve Basford 

On Mon, November 24, 2014 11:21 am, stephen.b...@tanint.com wrote:

 I'm hoping someone can shed some light on an issue I'm experiencing...


Seem to remember a post a while ago... to do with AllowSupplementaryGroups ?

clamd.conf...

AllowSupplementaryGroups true


Cheers,

Steve
Sanesecurity.com

___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

[clamav-users] Mirroring Problems with db.de.clamav.net and safebrowsing

2014-11-24 Thread Matthias Egger 
Hello List

I just checked the logfiles back until october 2014 and saw, that we got
often safebrowsing-N.cdiff not found on remote server when we tried
downloading the file from db.de.clamav.net.

   2 times from 212.227.138.145
  15 times from 62.245.181.53
  41 times from 88.198.17.100

Are these mirrors just not aware that they should now mirror a
safebrowsing-N.cdiff File? Or should i use another URL
(db.??.clamav.net) to download (and which url in that case?).

Best regards
Matthias

-- 
Matthias Egger
ETH Zurich
Department of Information Technology  maeg...@ee.ethz.ch
and Electrical Engineering
IT Support Group (ISG.EE), ETL/F/24.1 Phone +41 (0)44 632 03 90
Physikstrasse 3, CH-8092 Zurich   Fax   +41 (0)44 632 11 95



smime.p7s
Description: S/MIME Cryptographic Signature
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] Mirroring Problems with db.de.clamav.net and afebrowsing

2014-11-24 Thread Joel Esler 
Matthias,

I’ll have our Mirror admins take a look.  Thanks.  


On Monday, November 24, 2014 at 8:07 AM, Matthias Egger wrote:

 Hello List
  
 I just checked the logfiles back until october 2014 and saw, that we got
 often safebrowsing-N.cdiff not found on remote server when we tried
 downloading the file from db.de.clamav.net (http://db.de.clamav.net).
  
 2 times from 212.227.138.145
 15 times from 62.245.181.53
 41 times from 88.198.17.100
  
 Are these mirrors just not aware that they should now mirror a
 safebrowsing-N.cdiff File? Or should i use another URL
 (db.??.clamav.net (http://clamav.net)) to download (and which url in that 
 case?).
  
 Best regards
 Matthias
  
 --  
 Matthias Egger
 ETH Zurich
 Department of Information Technology maeg...@ee.ethz.ch 
 (mailto:maeg...@ee.ethz.ch)
 and Electrical Engineering
 IT Support Group (ISG.EE), ETL/F/24.1 Phone +41 (0)44 632 03 90
 Physikstrasse 3, CH-8092 Zurich Fax +41 (0)44 632 11 95
  
 ___
 Help us build a comprehensive ClamAV guide:
 https://github.com/vrtadmin/clamav-faq
  
 http://www.clamav.net/contact.html#ml  



smime.p7s
Description: S/MIME cryptographic signature
___
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml