Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-78442

clamAV gets wrong path for MoodleNet files by Moodle

    XMLWordPrintable

Details

    • MOODLE_311_STABLE, MOODLE_401_STABLE, MOODLE_402_STABLE

    Description

      When transferring a file via Moodlenet, clamAV reports a virus detection.

      We suspect that this is a bug.
      The error can be reproduced with the following constellation:

      Settings for clamAV:
      unixsocket (not TCP)
      clamAV is executed as user clamav.
      This user is in the group www-data and vice versa, www-data is in the group clamav.

      In Moodle the procedure:

      1. Login to your website
      2. Open course
      3. Enable edit mode
      4. click "add an activity or resource"
      5. Select MoodleNet (should be at the bottom of the window)
      6. Follow steps and upload
      7. Get error:

      We get the following error:
      In clamAV:

      xxx/moodledata/temp/yidR/64706f63d126d/64706f63d1bc0/01H14ZTHP6JJWX2RNM9Z02B71C.h5p: File path check failure: Permission denied. ERROR
      xxx/moodledata/temp/yidR/64706f63d126d/64706f63d1bc0/01H14ZTHP6JJWX2RNM9Z02B71C.h5p: File path check failure: Permission denied. ERROR
      xxx/moodledata/temp/yidR/64706f63d126d/64706f63d1bc0: OK

       

      Error message in Moodle with debug mode:

      Notice: sha1_file(): read of 8192 bytes failed with errno=21 Is a directory in /home/vhosts/moodle/xxx/public_html/lib/filestorage/file_storage.php on line 2455
       
      Warning: unlink(/home/vhosts/moodle/xxx/moodledata/temp/BZfY/648318f8c4597/648318f8c4fd3): Is a directory in /home/vhosts/moodle/xxx/public_html/lib/classes/antivirus/manager.php on line 124

       

      The error indicates that it is trying to scan a folder.
      ClamAV seems to expect the file.

      We did further testing to see if the permission might be incorrect.
      We were able to disprove this by using the command line to check the scan directly during the upload.

       

      Workaround:

      When switching from unixsocket to TCP, the upload works, but we fear performance losses with this setting.

      Workaround 2:

      run clamav as root.
      There are safety concerns with this.

      Attachments

        Activity

          People

            Unassigned Unassigned
            Mephisto Serhat Saman
            Votes:
            3 Vote for this issue
            Watchers:
            11 Start watching this issue

            Dates

              Created:
              Updated:

              Clockify

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.