Re: [clamav-users] Clam user has read permissions, but I still get "lstat() failed: Permission denied"
Sorry, for the delay in replying, and many thanks to those who did. On Tue, 30 Oct 2018 at 19:08, Scott Kitterman wrote: > Did you explicitly remove Apparmor? It's shipped by default in Ubuntu and > the > Ubuntu clamav has an Apparmor profile included. > That was exactly it! I was unaware of Apparmor now coming enabled by default. It's the first time it's ever caused me any issues. For anyone looking for a fix in the future, do the following: 1. Uncomment the local config include at the bottom of "/etc/apparmor.d/usr.sbin.clamd" 2. Add the system paths clamd should have access to in "/etc/apparmor.d/local/usr.sbin.clamd" 3. Reload the apparmor service Many thanks for your help all! -- Doug ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Clam user has read permissions, but I still get "lstat() failed: Permission denied"
Hi, I would try: # ps -ef | grep clamd ==> see owner (as you are running clamdscan): if it is not clamav it means there is another config file or an option in the startup procedure... # sudo -u clamav clamscan -v --config-file=/etc/clamav/clamd.conf nc_data/ ==> it should work as we are running as clamav # strace -o /tmp/strace.out -fp "`pgrep clamd`" & # clamdscan -v --config-file=/etc/clamav/clamd.conf nc_data/ # kill %1 # more /tmp/strace.out ==> analyze Pierre On 30 Oct 2018 at 18:22, Doug Ingham wrote: Hi all, For some reason, clamdscan is returning a permissions error for files it has read access to. I've copied some output below to help show the situation... == root@arquivos0:/var/www# grep User /etc/clamav/clamd.conf User clamav root@arquivos0:/var/www# grep clamav /etc/group www-data:x:33:clamav clamav:x:121: root@arquivos0:/var/www# ls -ld nc_data/ drwxrwx--- 59 www-data www-data 4096 Out 22 08:40 nc_data/ root@arquivos0:/var/www# clamdscan -v --config-file=/etc/clamav/clamd.conf nc_data/ /var/www/nc_data: lstat() failed: Permission denied. ERROR --- SCAN SUMMARY --- Infected files: 0 Total errors: 1 Time: 0.000 sec (0 m 0 s) root@arquivos0:/var/www# sudo -u clamav ls nc_data/ [correct directory contents listed] root@arquivos0:/var/www# ls -al /var/log/clamav/ total 20 drwxr-xr-x 2 clamav clamav 45 Out 30 12:29 . drwxrwxr-x 16 root syslog 4096 Out 30 15:41 .. -rw-r- 1 clamav adm 10914 Out 30 17:12 clamav.log -rw-r- 1 clamav adm 2352 Out 30 15:17 freshclam.log root@arquivos0:/var/www# clamdscan -v --config-file=/etc/clamav/clamd.conf /var/log/clamav/ /var/log/clamav: lstat() failed: Permission denied. ERROR --- SCAN SUMMARY --- Infected files: 0 Total errors: 1 Time: 0.000 sec (0 m 0 s) == To quote Aristotle, "WTF?" Any help appreciated! -- Doug ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Clam user has read permissions, but I still get "lstat() failed: Permission denied"
On Tuesday, October 30, 2018 07:01:40 PM Doug Ingham wrote: > >and make sure user www-data has at least read and execute permissions > > If www-data didn't have r/w access to that directory, my site would be > broken! > > From the (redacted) comand output I copied above: > >> root@arquivos0:/var/www# sudo -u clamav ls nc_data/ > >> [correct directory contents listed] > > I do normally mount /var noexec, however I had to remount it exec when I > ran dpkg-reconfigure, so that's not it. I've just tested it with /tmp also > mounted exec, however that still didn't fix the problem. > > > Apparmor/SE Linux is another possibility. > > Neither are installed on this server. > > BTW, I'm running Ubuntu 16.04 & ClamAV 0.100.2/25075/Mon. Did you explicitly remove Apparmor? It's shipped by default in Ubuntu and the Ubuntu clamav has an Apparmor profile included. Scott K ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Clam user has read permissions, but I still get "lstat() failed: Permission denied"
>and make sure user www-data has at least read and execute permissions If www-data didn't have r/w access to that directory, my site would be broken! >From the (redacted) comand output I copied above: >> root@arquivos0:/var/www# sudo -u clamav ls nc_data/ >> [correct directory contents listed] I do normally mount /var noexec, however I had to remount it exec when I ran dpkg-reconfigure, so that's not it. I've just tested it with /tmp also mounted exec, however that still didn't fix the problem. > Apparmor/SE Linux is another possibility. Neither are installed on this server. BTW, I'm running Ubuntu 16.04 & ClamAV 0.100.2/25075/Mon. -- Doug ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Clam user has read permissions, but I still get "lstat() failed: Permission denied"
Apparmor/SE Linux is another possibility. Scott K On October 30, 2018 9:29:28 PM UTC, SCOTT PACKARD wrote: >You'd want to: >ls -ld / >ls -ld /var >ls -ld /var/www >l s-ld /var/www/nc_data >and make sure user www-data has at least read and execute permissions >to the parent directories. >You probably have removed read and execute from other, so clamdscan >can't go down in the >directory hierarchy to get to /var/www/nc_data/. > >Regards, Scott > > >From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On >Behalf Of Doug Ingham >Sent: Tuesday, October 30, 2018 2:23 PM >To: clamav-users@lists.clamav.net >Subject: [External] [clamav-users] Clam user has read permissions, but >I still get "lstat() failed: Permission denied" > >Hi all, >For some reason, clamdscan is returning a permissions error for files >it has read access to. >I've copied some output below to help show the situation... > >== >root@arquivos0:/var/www# grep User /etc/clamav/clamd.conf >User clamav > >root@arquivos0:/var/www# grep clamav /etc/group >www-data:x:33:clamav >clamav:x:121: > >root@arquivos0:/var/www# ls -ld nc_data/ >drwxrwx--- 59 www-data www-data 4096 Out 22 08:40 nc_data/ > >root@arquivos0:/var/www# clamdscan -v >--config-file=/etc/clamav/clamd.conf nc_data/ >/var/www/nc_data: lstat() failed: Permission denied. ERROR >--- SCAN SUMMARY --- >Infected files: 0 >Total errors: 1 >Time: 0.000 sec (0 m 0 s) >root@arquivos0:/var/www# sudo -u clamav ls nc_data/ >[correct directory contents listed] > >root@arquivos0:/var/www# ls -al /var/log/clamav/ >total 20 >drwxr-xr-x 2 clamav clamav45 Out 30 12:29 . >drwxrwxr-x 16 root syslog 4096 Out 30 15:41 .. >-rw-r- 1 clamav adm10914 Out 30 17:12 clamav.log >-rw-r- 1 clamav adm 2352 Out 30 15:17 freshclam.log > >root@arquivos0:/var/www# clamdscan -v >--config-file=/etc/clamav/clamd.conf /var/log/clamav/ >/var/log/clamav: lstat() failed: Permission denied. ERROR >--- SCAN SUMMARY --- >Infected files: 0 >Total errors: 1 >Time: 0.000 sec (0 m 0 s) >== >To quote Aristotle, "WTF?" > >Any help appreciated! > >-- >Doug ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Clam user has read permissions, but I still get "lstat() failed: Permission denied"
You'd want to: ls -ld / ls -ld /var ls -ld /var/www l s-ld /var/www/nc_data and make sure user www-data has at least read and execute permissions to the parent directories. You probably have removed read and execute from other, so clamdscan can't go down in the directory hierarchy to get to /var/www/nc_data/. Regards, Scott From: clamav-users [mailto:clamav-users-boun...@lists.clamav.net] On Behalf Of Doug Ingham Sent: Tuesday, October 30, 2018 2:23 PM To: clamav-users@lists.clamav.net Subject: [External] [clamav-users] Clam user has read permissions, but I still get "lstat() failed: Permission denied" Hi all, For some reason, clamdscan is returning a permissions error for files it has read access to. I've copied some output below to help show the situation... == root@arquivos0:/var/www# grep User /etc/clamav/clamd.conf User clamav root@arquivos0:/var/www# grep clamav /etc/group www-data:x:33:clamav clamav:x:121: root@arquivos0:/var/www# ls -ld nc_data/ drwxrwx--- 59 www-data www-data 4096 Out 22 08:40 nc_data/ root@arquivos0:/var/www# clamdscan -v --config-file=/etc/clamav/clamd.conf nc_data/ /var/www/nc_data: lstat() failed: Permission denied. ERROR --- SCAN SUMMARY --- Infected files: 0 Total errors: 1 Time: 0.000 sec (0 m 0 s) root@arquivos0:/var/www# sudo -u clamav ls nc_data/ [correct directory contents listed] root@arquivos0:/var/www# ls -al /var/log/clamav/ total 20 drwxr-xr-x 2 clamav clamav45 Out 30 12:29 . drwxrwxr-x 16 root syslog 4096 Out 30 15:41 .. -rw-r- 1 clamav adm10914 Out 30 17:12 clamav.log -rw-r- 1 clamav adm 2352 Out 30 15:17 freshclam.log root@arquivos0:/var/www# clamdscan -v --config-file=/etc/clamav/clamd.conf /var/log/clamav/ /var/log/clamav: lstat() failed: Permission denied. ERROR --- SCAN SUMMARY --- Infected files: 0 Total errors: 1 Time: 0.000 sec (0 m 0 s) == To quote Aristotle, "WTF?" Any help appreciated! -- Doug ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Clam user has read permissions, but I still get "lstat() failed: Permission denied"
Hi all, For some reason, clamdscan is returning a permissions error for files it has read access to. I've copied some output below to help show the situation... == root@arquivos0:/var/www# grep User /etc/clamav/clamd.conf User clamav root@arquivos0:/var/www# grep clamav /etc/group www-data:x:33:clamav clamav:x:121: root@arquivos0:/var/www# ls -ld nc_data/ drwxrwx--- 59 www-data www-data 4096 Out 22 08:40 nc_data/ root@arquivos0:/var/www# clamdscan -v --config-file=/etc/clamav/clamd.conf nc_data/ /var/www/nc_data: lstat() failed: Permission denied. ERROR --- SCAN SUMMARY --- Infected files: 0 Total errors: 1 Time: 0.000 sec (0 m 0 s) root@arquivos0:/var/www# sudo -u clamav ls nc_data/ [correct directory contents listed] root@arquivos0:/var/www# ls -al /var/log/clamav/ total 20 drwxr-xr-x 2 clamav clamav45 Out 30 12:29 . drwxrwxr-x 16 root syslog 4096 Out 30 15:41 .. -rw-r- 1 clamav adm10914 Out 30 17:12 clamav.log -rw-r- 1 clamav adm 2352 Out 30 15:17 freshclam.log root@arquivos0:/var/www# clamdscan -v --config-file=/etc/clamav/clamd.conf /var/log/clamav/ /var/log/clamav: lstat() failed: Permission denied. ERROR --- SCAN SUMMARY --- Infected files: 0 Total errors: 1 Time: 0.000 sec (0 m 0 s) == To quote Aristotle, "WTF?" Any help appreciated! -- Doug ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml