mahara-contributors team mailing list archive
-
mahara-contributors team
-
Mailing list archive
-
Message #47062
[Bug 1754560] [NEW] ClamAV messages misleading
Public bug reported:
Mahara: 17.10.2
OS: Ubuntu 16.04
DB: Postgres
Browser: n/a
ClamAV is catching files with viruses. Great!
But, the messages it's generating are quite misleading.
====================================================================
The system message (in inbox) it generates is:
On 9/03/2018, 1:26 PM, "ePortfolios" <noreply@xxxxxxxxxxxxxx> wrote:
You have been sent a notification from ePortfolios. Message follows:
------------------------------------------------------------------------
Subject: ePortfolios :: ClamAV notification
ClamAV has failed to run. The return error message was An error occurred. Here
is the output from ClamAV:
ERROR: Can't access file
/var/lib/sitedata/temp/import/12061/extract/Portfolio.docx
----------- SCAN SUMMARY -----------
Infected files: 0
Total errors: 1
Time: 0.165 sec (0 m 0 s)
The file has been moved to a quarantine directory.
------------------------------------------------------------------------
====================================================================
When in fact, it did catch the file and quarantined it:
-rw-r--r-- 1 www-data www-data 106K Mar 9 02:26
20180309132649-user-0-infected
====================================================================
And, in the error log file, the following is logged:
Mar 9 13:26:50 0c200fda6b66 mahara: 2018/03/09 13:26:50 [error] 195#195:
*4511 FastCGI sent in stderr: "PHP message: [DBG] e4 (lib/uploadmanager.php:452) Clam AV has found a file that is infected with a virus. It was uploaded by . The original file path of the infected file was /var/lib/sitedata/temp/import/12062/extract/Portfolio.docx.
The file has been moved to a quarantine directory and the new path is /var/lib/sitedata/quarantine/20180309132649-user-0-infected
#012PHP message: [WAR] e4 (import/file/lib.php:58) Your administrator has enabled virus checking for file uploads but has misconfigured something. Your file upload was NOT successful. Your administrator was notified so they can fix it. Maybe try uploading this file later.
#012PHP message: Call stack (most recent first):
#012PHP message:
* PluginImportFile->verify_file_contents() at /var/www/site/import/file/lib.php:37#012PHP message:
* PluginImportFile->process() at /var/www/site/api/xmlrpc/lib.php:514#012PHP message:
* send_content_ready(string(size 40), string(size 8), string(size 4), array(size 4), integer) at /var/www/site/api/xmlrpc/lib.php:115#012PHP message:
* api_dummy_method(string(size 43), array(size 5), string(size 18)) at Unknown:0#012PHP message:
* xmlrpc_server_call_method(resource(#23), string(size 1668), string(size 18), array(size 1)) at /var/www/site/api/xmlrpc/dispatcher.php:178#012PHP message:
* Dispatcher->__construct(string(size 1668), true, true) at /var/www/site/api/xmlrpc/server.php:122#012PHP message:" while reading response header from upstream, client: xxx.xxx.xxx.xxx, server: eportfolio.xxx, request: "POST /api/xmlrpc/server.php HTTP/1.1", upstream: "fastcgi:
//unix:/var/run/php-fpm7.sock:", host: "eportfolio.xxx"
Which says "Your administrator has enabled virus checking for file
uploads but has misconfigured something" (and this is what appears to
the user).
But, the virus checking is not misconfigured. It's actually working.
====================================================================
1. The message displayed to the user needs to reflect the correct
activity - that their file has been a virus and that they really should
not try to upload it at a later time.
2. The message logged in the log file should include the new (updated)
message from 1.
3. The SCAN SUMMARY is also incorrect. 'Infected files' is 0 and 'Total
errors' is 1. When it should be the other way around.
** Affects: mahara
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1754560
Title:
ClamAV messages misleading
Status in Mahara:
New
Bug description:
Mahara: 17.10.2
OS: Ubuntu 16.04
DB: Postgres
Browser: n/a
ClamAV is catching files with viruses. Great!
But, the messages it's generating are quite misleading.
====================================================================
The system message (in inbox) it generates is:
On 9/03/2018, 1:26 PM, "ePortfolios" <noreply@xxxxxxxxxxxxxx> wrote:
You have been sent a notification from ePortfolios. Message follows:
------------------------------------------------------------------------
Subject: ePortfolios :: ClamAV notification
ClamAV has failed to run. The return error message was An error occurred. Here
is the output from ClamAV:
ERROR: Can't access file
/var/lib/sitedata/temp/import/12061/extract/Portfolio.docx
----------- SCAN SUMMARY -----------
Infected files: 0
Total errors: 1
Time: 0.165 sec (0 m 0 s)
The file has been moved to a quarantine directory.
------------------------------------------------------------------------
====================================================================
When in fact, it did catch the file and quarantined it:
-rw-r--r-- 1 www-data www-data 106K Mar 9 02:26
20180309132649-user-0-infected
====================================================================
And, in the error log file, the following is logged:
Mar 9 13:26:50 0c200fda6b66 mahara: 2018/03/09 13:26:50 [error] 195#195:
*4511 FastCGI sent in stderr: "PHP message: [DBG] e4 (lib/uploadmanager.php:452) Clam AV has found a file that is infected with a virus. It was uploaded by . The original file path of the infected file was /var/lib/sitedata/temp/import/12062/extract/Portfolio.docx.
The file has been moved to a quarantine directory and the new path is /var/lib/sitedata/quarantine/20180309132649-user-0-infected
#012PHP message: [WAR] e4 (import/file/lib.php:58) Your administrator has enabled virus checking for file uploads but has misconfigured something. Your file upload was NOT successful. Your administrator was notified so they can fix it. Maybe try uploading this file later.
#012PHP message: Call stack (most recent first):
#012PHP message:
* PluginImportFile->verify_file_contents() at /var/www/site/import/file/lib.php:37#012PHP message:
* PluginImportFile->process() at /var/www/site/api/xmlrpc/lib.php:514#012PHP message:
* send_content_ready(string(size 40), string(size 8), string(size 4), array(size 4), integer) at /var/www/site/api/xmlrpc/lib.php:115#012PHP message:
* api_dummy_method(string(size 43), array(size 5), string(size 18)) at Unknown:0#012PHP message:
* xmlrpc_server_call_method(resource(#23), string(size 1668), string(size 18), array(size 1)) at /var/www/site/api/xmlrpc/dispatcher.php:178#012PHP message:
* Dispatcher->__construct(string(size 1668), true, true) at /var/www/site/api/xmlrpc/server.php:122#012PHP message:" while reading response header from upstream, client: xxx.xxx.xxx.xxx, server: eportfolio.xxx, request: "POST /api/xmlrpc/server.php HTTP/1.1", upstream: "fastcgi:
//unix:/var/run/php-fpm7.sock:", host: "eportfolio.xxx"
Which says "Your administrator has enabled virus checking for file uploads but has misconfigured something" (and this is what appears to the user).
But, the virus checking is not misconfigured. It's actually working.
====================================================================
1. The message displayed to the user needs to reflect the correct
activity - that their file has been a virus and that they really
should not try to upload it at a later time.
2. The message logged in the log file should include the new (updated)
message from 1.
3. The SCAN SUMMARY is also incorrect. 'Infected files' is 0 and
'Total errors' is 1. When it should be the other way around.
To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1754560/+subscriptions
Follow ups
