...
This will be useful when you are configuring the additional steps for anti-virus scanning.
Common Issues
The command line virus scanner is not compatible with Attachment Checker
Symptoms | An infected attachment uploaded but not detected by the Attachment Checker |
---|
Root cause | Attachment Checker have following requirements on 3rd party command line virus scanners - The scanner should allow scanning of a single file
- The file to be scanned should be the last parameter
- The scanner should return the exit code value 0 if there is no threat found. Other values if there is a possible infection
|
---|
Solution | You can verify that the virus scanner is compatible by trying to scan eicar.txt Tip |
---|
The EICAR test file is a computer file used to test the response of computer antivirus (AV) programs. Instead of using real malware, which could cause real damage, this test file allows people to test anti-virus software without having to use a real computer virus. |
Code Block |
---|
| [jirauser@server jirauser]$ clamscan -v /opt/normal.txt
Scanning /opt/normal.txt
----------- SCAN SUMMARY -----------
Known viruses: 6779665
Engine version: 0.100.2
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 51.530 sec (0 m 51 s)
## It will return 0 exit code if the file is safe
[jirauser@server jirauser]$ echo $?
0 |
The following example using Clamscan illustrate the different behaviour
Info |
---|
Please update the codes and clean up this page |
Code Block |
---|
title | For an infected file |
---|
| [jirauser@server jirauser]$ clamscan -v /opt/EICAR.txt
Scanning /opt/EICAR.txt
/opt/EICAR.txt: Eicar-Signature FOUND
----------- SCAN SUMMARY -----------
Known viruses: 6779665
Engine version: 0.100.2
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 51.530 sec (0 m 51 s)
## It will return a non 0 exit code when an infected file is being scanned
[jirauser@server jirauser]$ echo $?
1 |
We do maintain a list of Compatible Antivirus Command Line Scanners. If you have any virus scanners that is not in the list, we will be glad to provide assistance |
---|
The user account running Jira/Confluence does not have permission to execute the scan
Symptoms | Got the error message Code Block |
---|
[jirauser@server jirauser]$ clamscan /opt/onefile.txt
/opt/onefile.txt: Access denied. ERROR
----------- SCAN SUMMARY -----------
Infected files: 0
Total errors: 1
Time: 0.000 sec (0 m 0 s) |
|
---|
Root Cause | This is because jirauser does not have permission to execute clamscan.
|
---|
Solution | To grant permission to jirauser Code Block |
---|
usermod -a -G jirauser clamscan |
|
---|
The user account running Jira/Confluence does not have permission to read/write to
Symptoms | |
---|
Root cause | This is because user has configured the additional options to write the scan results to another directory Code Block |
---|
--log=/var/log/jira_attachment_scan.log |
The directory is not inside the Jira home directory and the user account does not have write permissions
|
---|
Solution | |
---|
Other Useful Tips
Try to enable debug mode with the following package before uploading an attachment. Then you can check if there is any error in the atlassian-jira.log
Code Block |
---|
com.akelesconsulting.jira.plugins |
Try to switch to the same user running the Jira server and then execute the same command to see if there is any errors
Code Block |
---|
su - jirauser
## example to scan /opt/jira-home/data/attachments/PROJECT/10000 using clamscan
clamscan /opt/jira-home/data/attachments/PROJECT/10000 |
...