Scénario #34609
EOLE 2.9 : Actualiser le template ClamD
Status:
Terminé (Sprint)
Priority:
Normal
Assigned To:
Category:
-
Target version:
Start date:
05/03/2021
Due date:
01/01/2024
% Done:
100%
Story points:
3.0
Remaining (hours):
0.00 hour
Velocity based estimate:
Release:
Release relationship:
Auto
Description
Ce template ClamD a été crée pour la version 0.99 (2016).
La version en cours chez Ubuntu est la 103.
Il faut vérifier les options du fichier de conf Clamd.conf
Ex. :
00:06:04.330 WARNING: Ignoring deprecated option DetectBrokenExecutables at /etc/clamav/clamd.conf:206 00:06:04.330 ERROR: Can't save PID to file /run/clamav/clamd.pid: No such file or directory
Donc,
Clam n'est pas fonctionnel
--> e2guardian
sept. 16 11:24:05 amon e2guardian0[2356]: "2022.09.16 11:24:05"," -","10.1.2.50","http://repo.saltproject.io/py3/ubuntu/20.04/amd64/3004/dists/focal/InRelease","*SCANNED* *Accès interdit* ICAP Response filtering: WARNING: Could not perfo> sept. 16 11:24:05 amon e2guardian0[2356]: Error connecting to ClamD socket sept. 16 11:24:05 amon e2guardian0[2356]: Unknown return code from content scanner: -1
--> squid répond 403
--> apt-get en erreur !
00:07:19.670 deb [arch=amd64] http://repo.saltproject.io/py3/ubuntu/20.04/amd64/3004 focal main 00:07:19.670 Réception de :1 http://repo.saltproject.io/py3/ubuntu/20.04/amd64/3004 focal InRelease 00:07:19.670 Err :1 http://repo.saltproject.io/py3/ubuntu/20.04/amd64/3004 focal InRelease 00:07:19.670 Le fichier signé en clair n'est pas valable, ce qui a été reçu est « NOSPLIT ». Peut-être le réseau nécessite-t-il une authentification.
Exemple d'info : https://github.com/edestecd/puppet-clamav/issues/62
A voir :- EOLE 2.8.1 : le service est fonctionnel, il y a uniquement "Ignoring deprecated option DetectBrokenExecutables" → ne rien faire
- amon audit22973: AVC apparmor="DENIED" operation="capable" profile="/usr/sbin/clamd" pid=22973 comm="clamd" capability=2 capname="dac_read_search"
- Revoir les variables et la doc si nécessaire
Subtasks
Related issues
History
#1 Updated by Gilles Grandgérard about 1 year ago
- Description updated (diff)
#2 Updated by Gilles Grandgérard about 1 year ago
- Description updated (diff)
#3 Updated by Joël Cuissinat about 1 year ago
- Release set to Carnet de produit (Cadoles)
- Story points set to 2.0
#4 Updated by Joël Cuissinat about 1 year ago
- Description updated (diff)
#5 Updated by Gilles Grandgérard about 1 year ago
- Subject changed from Actualiser le template ClamD to EOLE 2.9 : Actualiser le template ClamD
#6 Updated by Laurent Gourvenec about 1 year ago
Gilles Grandgérard a écrit :
A voir :
- EOLE 2.8 ?
Que faut-il faire ? Travail en 2.9 puis backport potentiel ?
#7 Updated by Joël Cuissinat about 1 year ago
Sur etb1.amon 2.9.0, systemctl status clamav-daemon.service me renvoie :
○ clamav-daemon.service - Clam AntiVirus userspace daemon Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled) Drop-In: /etc/systemd/system/clamav-daemon.service.d └─extend.conf Active: inactive (dead) Condition: start condition failed at Fri 2022-09-30 11:52:07 CEST; 2min 17s ago └─ ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} was not met Docs: man:clamd(8) man:clamd.conf(5) https://docs.clamav.net/ sept. 30 10:00:43 amon systemd[1]: Condition check resulted in Clam AntiVirus userspace daemon being skipped. sept. 30 10:00:45 amon systemd[1]: /lib/systemd/system/clamav-daemon.service:12: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
#8 Updated by Joël Cuissinat about 1 year ago
- Description updated (diff)
#9 Updated by Laurent Gourvenec 12 months ago
- Assigned To set to Philippe Caseiro
#10 Updated by Laurent Gourvenec 12 months ago
- Due date set to 01/01/2024
- Target version set to Carnet Cadoles
- Start date set to 10/01/2022
#11 Updated by Ludwig Seys 12 months ago
- Status changed from Nouveau to Résolu
#12 Updated by Joël Cuissinat 12 months ago
- Status changed from Résolu to En cours
Je précise que le "ne rien faire" mentionné dans le scénario concerne uniquement la 2.8.1.
#13 Updated by Gilles Grandgérard 12 months ago
- Story points changed from 2.0 to 3.0
#14 Updated by Ludwig Seys 11 months ago
- Status changed from En cours to Résolu
#15 Updated by Joël Cuissinat 11 months ago
- Status changed from Résolu to Terminé (Sprint)
- Release changed from Carnet de produit (Cadoles) to EOLE 2.9.0
#16 Updated by Joël Cuissinat 11 months ago
- Target version changed from Carnet Cadoles to Livraison Cadoles 30/11/2022