CLAM AV: can it be disabled?
185 views
Skip to first unread message
davstev
Jan 14, 2015, 11:44:40 AM1/14/15
to archiv...@googlegroups.com
We are starting to use Archivematica and we encountered an issue with our inability to proceed past the Virus Check, CLAM AV, with a number of our test files. We are still looking into the cause of this, but for now we are wondering if it is possible to deactive CLAM AV for our current testing, simply to proceed with our processing. If so, can someone please tell us how this deactivation is done?
If it is possible to disable CLAM AV, assuming there are no viruses (note: we are scanning for viruses prior to Archivematica), will the deactivation of CLAM AV negatively affect the Archivematica workflow?
One possibility is that CLAM AV is catching something inherent to the files: asian language characters in the metadata or in the file contents itself? Still investigating this.
Thank You,
David
If it is possible to disable CLAM AV, assuming there are no viruses (note: we are scanning for viruses prior to Archivematica), will the deactivation of CLAM AV negatively affect the Archivematica workflow?
One possibility is that CLAM AV is catching something inherent to the files: asian language characters in the metadata or in the file contents itself? Still investigating this.
Thank You,
David
Sarah Romkey
Jan 14, 2015, 4:30:56 PM1/14/15
to archiv...@googlegroups.com
Hi David,
There isn't a way to do this through the UI- you can change the configuration for quarantine, but you can't skip the virus scan altogether. Virus scan is also not controlled by the Format Policy Registry, otherwise you would be able to create a rule telling your dashboard not to scan certain types of files.I'm more concerned though with the fact that clamAV is telling you there are viruses where there presumably are not. Would you mind copying and pasting the error message into this thread? Be sure to expand "show arguments" please.
Cheers,
Sarah
--
You received this message because you are subscribed to the Google Groups "archivematica" group.
To unsubscribe from this group and stop receiving emails from it, send an email to archivematic...@googlegroups.com.
To post to this group, send email to archiv...@googlegroups.com.
Visit this group at http://groups.google.com/group/archivematica.
For more options, visit https://groups.google.com/d/optout.
davstev
Jan 14, 2015, 5:06:32 PM1/14/15
to archiv...@googlegroups.com
Hi Sarah,
Thanks for your prompt reply.
I attach here five screenshots.
Note that they are varied file types, and that while some of them have odd characters, punctuation and diacritics in the file names (presumably an awkward translation from asian characters), other files that erred had more normal file names (i.e. "8.jpg").
Thanks,
David
Misty De Meo
Jan 14, 2015, 5:14:39 PM1/14/15
to archiv...@googlegroups.com
Hi, David,
What version of Archivematica are you using?We made a change to the way that ClamAV is called in Archivematica 1.1 which should fix this bug; the screenshots you attached look like they come from Archivematica 1.0. Would it be possible for you to install a newer release and see if it resolves the problem?
Best,
Misty
--
davstev
Jan 14, 2015, 5:22:11 PM1/14/15
to archiv...@googlegroups.com
Thanks, Misty,
Again, thanks for the quick reply.
Yes, we are using an earlier version (0.9 or 1.0) and it did occur to us that we might resolve this by updating.
We'll do that and let you know if it corrects the issue.
regards,
David
Sarah Romkey
Jan 14, 2015, 5:28:48 PM1/14/15
to archiv...@googlegroups.com
Oh great, please do let us know how that goes. You'll find version 1.3 much more feature-packed than 0.9 too! Feel free to post if you have any further questions.
Cheers,
Sarah
Cheers,
Sarah
Nico Poppelier
Mar 13, 2020, 1:10:33 PM3/13/20
to archivematica
This discussion is 5 years old, but I have the same question: can an option be added to Archivematica such that virus checking can be configured and/or disabled via the GUI? We are running some experiments with Archivematica at the moment. Since virus checking is already operational on all file systems from which we initiate transfers, why do an extra check during the transger?
Regards,
Nico Poppelier
University Medical Centre Utrecht
Op woensdag 14 januari 2015 17:44:40 UTC+1 schreef davstev:
Sarah Romkey
Mar 13, 2020, 2:54:49 PM3/13/20
to archiv...@googlegroups.com
Hi Nico,
An issue has been filed for this but it's currently unsponsored: https://github.com/archivematica/Issues/issues/869
We'd be happy to review a pull request for code to add this, or you could get in touch with Artefactual Systems on sponsoring development of the feature.
Cheers,
Sarah
--
You received this message because you are subscribed to the Google Groups "archivematica" group.
To unsubscribe from this group and stop receiving emails from it, send an email to archivematic...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/archivematica/737dfd20-c058-4d42-9e23-a1a152d3272d%40googlegroups.com.
Karl Goetz
Mar 16, 2020, 1:25:32 AM3/16/20
to archiv...@googlegroups.com
Hi Nico,
Does the pre-ingest virus scan happen on the AM server or before it reaches? If before you could probably replace the clamav binary with a dummy.
Its not graphical but is one off.
Thanks,
Karl.
From: archiv...@googlegroups.com <archiv...@googlegroups.com> on behalf of Nico Poppelier <n.pop...@xs4all.nl>
Sent: Saturday, 14 March 2020 4:10 AM
To: archivematica <archiv...@googlegroups.com>
Subject: [archivematica] Re: CLAM AV: can it be disabled?
Sent: Saturday, 14 March 2020 4:10 AM
To: archivematica <archiv...@googlegroups.com>
Subject: [archivematica] Re: CLAM AV: can it be disabled?
--
You received this message because you are subscribed to the Google Groups "archivematica" group.
To unsubscribe from this group and stop receiving emails from it, send an email to archivematic...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/archivematica/737dfd20-c058-4d42-9e23-a1a152d3272d%40googlegroups.com.
You received this message because you are subscribed to the Google Groups "archivematica" group.
To unsubscribe from this group and stop receiving emails from it, send an email to archivematic...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/archivematica/737dfd20-c058-4d42-9e23-a1a152d3272d%40googlegroups.com.
University of Tasmania Electronic Communications Policy (December, 2014).
This email is confidential, and is for the intended recipient only. Access, disclosure, copying, distribution, or reliance on any of it by anyone outside the intended recipient organisation is prohibited and may be a criminal offence. Please delete if obtained
in error and email confirmation to the sender. The views expressed in this email are not necessarily the views of the University of Tasmania, unless clearly intended otherwise.
Nico Poppelier
Mar 16, 2020, 6:52:45 AM3/16/20
to archiv...@googlegroups.com
Hi Karl,
The virus scan is a mandatory part of
the Transfer workflow. The quickest way to disable it is a
one-line patch in
/usr/lib/archivematica/MCPClient/clientScripts/archivematica_clamscan.py:
--- archivematica_clamscan.py.orig
2020-03-15 16:43:47.983843009 +0100
+++ archivematica_clamscan.py 2020-03-15 16:43:20.056270724 +0100
@@ -304,6 +304,7 @@
def scan_file(event_queue, file_uuid, path, date, task_uuid):
+ return 0
if file_already_scanned(file_uuid):
logger.info("Virus scan already performed, not running scan again")
return 0
+++ archivematica_clamscan.py 2020-03-15 16:43:20.056270724 +0100
@@ -304,6 +304,7 @@
def scan_file(event_queue, file_uuid, path, date, task_uuid):
+ return 0
if file_already_scanned(file_uuid):
logger.info("Virus scan already performed, not running scan again")
return 0
It would be nicer to do: if not
configuration['scan_for_viruses']: return 0, but there is no
configuration for this (yet).
Regards, Nico
Op 16-03-2020 om 06:25 schreef Karl
Goetz:
Karl Goetz
Mar 18, 2020, 5:43:03 AM3/18/20
to archiv...@googlegroups.com
Hi Nico,
My question was supposed to be framed as "When doing your virus scanning, is it being performed on a separate server or the archivematica server?".
If scanning happens off server clamav can be stubbed so it always returns true (depends if you'd rather change the system or archivematica I guess).
Agree it would be good not to enforce it.
thanks,
kk
From: archiv...@googlegroups.com <archiv...@googlegroups.com> on behalf of Nico Poppelier <n.pop...@xs4all.nl>
Sent: Monday, 16 March 2020 9:52 PM
To: archiv...@googlegroups.com <archiv...@googlegroups.com>
Subject: Re: [archivematica] Re: CLAM AV: can it be disabled?
To: archiv...@googlegroups.com <archiv...@googlegroups.com>
Subject: Re: [archivematica] Re: CLAM AV: can it be disabled?
--
You received this message because you are subscribed to the Google Groups "archivematica" group.
To unsubscribe from this group and stop receiving emails from it, send an email to archivematic...@googlegroups.com.
To unsubscribe from this group and stop receiving emails from it, send an email to archivematic...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/archivematica/fd1b7f6b-5e72-1a59-297c-0c2214b00e64%40xs4all.nl.
Ross Spencer
Mar 18, 2020, 9:02:58 AM3/18/20
to archivematica
There is some information in the Archivematica docs that might be helpful here. You should be able to set one or more of these settings in ClamAV itself to 0MB and you'll effectively turn off scanning. You can see via the two matrices the effect on PREMIS output: https://www.archivematica.org/en/docs/archivematica-1.10/user-manual/transfer/scan-for-viruses/#exploring-clamav-settings working with Clam's environment variables will also provide greater control through deployment scripts such as Ansible. The impact of modifying code in-place is that it might impact future upgrade paths and may also produce undesirable output in METS, for example, in the docs, we want to make sure folk aren't seeing false information reported. But of course worth playing around with to see what works for you.
All the best,
Ross
On Wednesday, March 18, 2020 at 5:43:03 AM UTC-4, Karl Goetz wrote:
Hi Nico,My question was supposed to be framed as "When doing your virus scanning, is it being performed on a separate server or the archivematica server?".
If scanning happens off server clamav can be stubbed so it always returns true (depends if you'd rather change the system or archivematica I guess).
Agree it would be good not to enforce it.
thanks,kk
From: archiv...@googlegroups.com <archivematica@googlegroups.com> on behalf of Nico Poppelier <n.pop...@xs4all.nl>
Sent: Monday, 16 March 2020 9:52 PM
Subject: Re: [archivematica] Re: CLAM AV: can it be disabled?
Hi Karl,
The virus scan is a mandatory part of the Transfer workflow. The quickest way to disable it is a one-line patch in/usr/lib/archivematica/MCPClient/clientScripts/archivematica_clamscan.py:
--- archivematica_clamscan.py.orig 2020-03-15 16:43:47.983843009 +0100
+++ archivematica_clamscan.py 2020-03-15 16:43:20.056270724 +0100
@@ -304,6 +304,7 @@
def scan_file(event_queue, file_uuid, path, date, task_uuid):
+ return 0
if file_already_scanned(file_uuid):
logger.info("Virus scan already performed, not running scan again")
return 0
It would be nicer to do: if not configuration['scan_for_viruses']: return 0, but there is no configuration for this (yet).
Regards, Nico
Op 16-03-2020 om 06:25 schreef Karl Goetz:
Hi Nico,Does the pre-ingest virus scan happen on the AM server or before it reaches? If before you could probably replace the clamav binary with a dummy.Its not graphical but is one off.
Thanks,
Karl.
From: archiv...@googlegroups.com <archivematica@googlegroups.com> on behalf of Nico Poppelier <n.pop...@xs4all.nl>
Sent: Saturday, 14 March 2020 4:10 AM
To: archivematica <archivematica@googlegroups.com>
Subject: [archivematica] Re: CLAM AV: can it be disabled?
This discussion is 5 years old, but I have the same question: can an option be added to Archivematica such that virus checking can be configured and/or disabled via the GUI? We are running some experiments with Archivematica at the moment. Since virus checking is already operational on all file systems from which we initiate transfers, why do an extra check during the transger?
Regards,
Nico PoppelierUniversity Medical Centre Utrecht
Op woensdag 14 januari 2015 17:44:40 UTC+1 schreef davstev:We are starting to use Archivematica and we encountered an issue with our inability to proceed past the Virus Check, CLAM AV, with a number of our test files. We are still looking into the cause of this, but for now we are wondering if it is possible to deactive CLAM AV for our current testing, simply to proceed with our processing. If so, can someone please tell us how this deactivation is done?
If it is possible to disable CLAM AV, assuming there are no viruses (note: we are scanning for viruses prior to Archivematica), will the deactivation of CLAM AV negatively affect the Archivematica workflow?
One possibility is that CLAM AV is catching something inherent to the files: asian language characters in the metadata or in the file contents itself? Still investigating this.
Thank You,
David
--
You received this message because you are subscribed to the Google Groups "archivematica" group.
To unsubscribe from this group and stop receiving emails from it, send an email to archivematica+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/archivematica/fd1b7f6b-5e72-1a59-297c-0c2214b00e64%40xs4all.nl.
Nico Poppelier
Mar 18, 2020, 11:36:08 AM3/18/20
to archiv...@googlegroups.com
Hi Ross and Karl,
The method via the ClamAV settings is
of course superior. I agree that patching Python scripts is not
the right way, but for our temporary and so far purely
experimental setup it works fine.
As for Karl's question: virus scanning
is performed on a separate server before Transfer/Ingest.
Thanks for taking the time to answer my
question.
Nico
Op 18-03-2020 om 14:02 schreef Ross
Spencer:
Reply all
Reply to author
Forward
0 new messages