Opened 12 years ago
Last modified 12 years ago
#590 closed enhancement
Problems with active McAfee Virus Scanner — at Initial Version
Reported by: | mopp | Owned by: | Bruno Cornec |
---|---|---|---|
Priority: | normal | Milestone: | 3.0.2 |
Component: | mondo | Version: | 3.0.1 |
Severity: | normal | Keywords: | McAfee Scanner Blocked Files |
Cc: |
Description
This problem is not really a mondo problem. But the McAfee scanner blocks in my default configuration certain files, which makes it impossible to create a backup. McAfee doesn't like some files in the tar archive. The problem cannot be solved by mondo, but my idea would be to write a big warning message into a log file.
Here are my error messages on SLES 11 SP1 with McAfee on access scanner. These messages are shown in the McAfee console: The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/vc.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/rd.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/raw.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/nst.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/ida.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/dm.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/dev/dev-entries.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/cciss.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/usr/lib64/mindi/rootfs/ataraid.tgz, reason=NotScanned, uid=root, programPath=/bin/cp scanType=File The file is a Block/Char/FIFO special file object=/var/cache/mondo.scratch.18997/mondo.scratch.3166/images/all.tar.gz, reason=NotScanned, uid=root, programPath=gzip scanType=File The file is a Block/Char/FIFO special file object=/var/cache/mondo.scratch.18665/mondo.scratch.11691/images/all.tar.gz, reason=NotScanned, uid=root, programPath=gzip scanType=File
One idea to improve the error handling could be to run this script during the sanity check. if [ $(cat /proc/linuxshield/enabled 2>/dev/null) = "1" ]; then
echo "McAfee LinuxShield is enabled. McAfee might block access to certain special files." echo "Check in /var/opt/NAI/LinuxShield/etc/nailsd.cfg for 'nailsd.profile.OAS.action.error: Block'" echo "You have two options:" echo "Exclude all directories with special files (check McAfee System Events Log)" echo "Disable the scanner during the backup"
fi
Another idea would be to do a simple check if the *.tgz files in /usr/lib64/mindi/rootfs/ are readable. My McAfee version blocks the access to the files. They are not readable.
There are some other virus protection tools available, which might cause the same problem.