Please can the Nethesis team consider having some sort of “status dashboard” for their products.
This problem with ClamAV must be affecting lots of people and has caused some users to install packages that have broken their systems. If Nethesis could have a status pages of “current issues” and what’s being done to fix them it might help prevent users damaging their systems.
It seems to me as though the ClamAV issue is due to upstream software, which requires a fix from upstream that will eventually be rolled out to Nethserver. My solution is to “wait for the fix and delete the spam email”.
@bobtskutter, don’t get me wrong, but a status page is meant to report incidents that have an impact on the availability of a service.
In this case, there have been no availability issues.
While annoying, we simply have received a lot of emails about a “supposed” non-existent problem, think of that like spam.
I didn’t like that spam, I tried to avoid the issue and find a way to protect us from future mistakes.
The only option that came to my mind needs a lot of resources and I think that we could work together with “upstream” to avoid future problems.
What commands did you run exactly for this solution?
You say you followed upgrade instructions for 6.1, downloaded files, and copied files into right directories, but I don’t see those instructions there. I ran the following commands as it shows, and I still get the email message;
Then copied clamav-unofficial-sigs.sh to /usr/sbin and master.conf to /etc/clamav-unofficial-sigs.
After that i had to do sh /usr/sbin/clamav-unofficial-sigs.sh --force
it seems good so far. But this problem after the dayly virusscan is the same like yesterday:
Scan Jan 27 12:30:01 2020
Scanned Folder: //var/lib/clamav/rfxn.yara: Php.Exploit.C99-23 FOUND
/var/lib/clamav-unofficial-sigs/dbs-lmd/sigpack.tgz: Php.Exploit.C99-23 FOUND
/var/lib/clamav-unofficial-sigs/dbs-lmd/rfxn.yara: Php.Exploit.C99-23 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 6561649
Engine version: 0.101.5
Scanned directories: 25608
Scanned files: 147292
Infected files: 3
Data scanned: 21736.71 MB
Data read: 16733.96 MB (ratio 1.30:1)
Time: 1975.858 sec (32 m 55 s)
Is that a real virus or a mistake related to the problem?
The community is aware about epel update issues, but not really when we have tested the upgrade and seen a broken rpm. One recent example, fail2ban was broken by the email notification action, the service was down after the upgrade.
Imagine the number of rpm tests we have to do.
When the update comes from epel-testing, we have 15days to test and report.
This is not relevant to nethserver, but also valid for any centos/rhel products
What is not working for you? The upstream fix? Are you sure you have installed the right RPM?
Other upstream users are reporting that everything has been fixed with the package from epel-testing.
No, I can’t reproduce on a clean machine. Are you sure the subscription is still valid?
Since this is not relevant to this thread, feel free to open a new one or send me a private message if you think that you have problems with a valid subscription.
Scan Jan 28 12:30:01 2020
Scanned Folder: //var/lib/clamav/rfxn.yara: Php.Exploit.C99-23 FOUND
/var/lib/clamav-unofficial-sigs/dbs-lmd/sigpack.tgz: Php.Exploit.C99-23 FOUND
/var/lib/clamav-unofficial-sigs/dbs-lmd/rfxn.yara: Php.Exploit.C99-23 FOUND