10月 | 2012 | 自宅サーバー構築メモ(CentOS)

[root@server1 ~]# yum install phpmyadmin Loaded plugins: fastestmirror, priorities, refresh-packagekit Loading mirror speeds from cached hostfile epel/metalink | 5.0 kB 00:00 * base: www.ftp.ne.jp * centosplus: www.ftp.ne.jp * epel: ftp.jaist.ac.jp * extras: www.ftp.ne.jp * rpmforge: ftp.riken.jp * updates: www.ftp.ne.jp 117 packages excluded due to repository priority protections Setting up Install Process Resolving Dependencies --> Running transaction check ---> Package phpMyAdmin.noarch 0:3.5.2.2-1.el6 will be installed --> Processing Dependency: php-php-gettext for package: phpMyAdmin-3.5.2.2-1.el6.noarch --> Running transaction check ---> Package php-php-gettext.noarch 0:1.0.11-3.el6 will be installed --> Finished Dependency Resolution Dependencies Resolved ==================================================================================================== Package Arch Version Repository Size ==================================================================================================== Installing: phpMyAdmin noarch 3.5.2.2-1.el6 epel 4.3 M Installing for dependencies: php-php-gettext noarch 1.0.11-3.el6 epel 21 k Transaction Summary ==================================================================================================== Install 2 Package(s) Total download size: 4.3 M Installed size: 17 M Is this ok [y/N]: y Downloading Packages: (1/2): php-php-gettext-1.0.11-3.el6.noarch.rpm | 21 kB 00:00 (2/2): phpMyAdmin-3.5.2.2-1.el6.noarch.rpm | 4.3 MB 00:00 ---------------------------------------------------------------------------------------------------- Total 5.1 MB/s | 4.3 MB 00:00 Running rpm_check_debug Running Transaction Test Transaction Test Succeeded Running Transaction Installing : php-php-gettext-1.0.11-3.el6.noarch 1/2 Installing : phpMyAdmin-3.5.2.2-1.el6.noarch 2/2 Verifying : php-php-gettext-1.0.11-3.el6.noarch 1/2 Verifying : phpMyAdmin-3.5.2.2-1.el6.noarch 2/2 Installed: phpMyAdmin.noarch 0:3.5.2.2-1.el6 Dependency Installed: php-php-gettext.noarch 0:1.0.11-3.el6 Complete!

[root@server1 ~]# vi /etc/httpd/conf.d/phpMyAdmin.conf # phpMyAdmin - Web based MySQL browser written in php # # Allows only localhost by default # # But allowing phpMyAdmin to anyone other than localhost should be considered # dangerous unless properly secured by SSL Alias /phpMyAdmin /usr/share/phpMyAdmin Alias /phpmyadmin /usr/share/phpMyAdmin <Directory /usr/share/phpMyAdmin/> <IfModule mod_authz_core.c> # Apache 2.4 <RequireAny> Require ip 127.0.0.1 Require ip ::1 </RequireAny> </IfModule> <IfModule !mod_authz_core.c> # Apache 2.2 Order Deny,Allow Deny from All Allow from 127.0.0.1 Allow from ::1 Allow from 192.168.1.　　←　追加：内部ネットワークからのアクセスを許可 Allow from ***.***.***.***　　←　追加：特定の外部IPからのアクセスを許可する場合 </IfModule> </Directory> <Directory /usr/share/phpMyAdmin/setup/> <IfModule mod_authz_core.c> # Apache 2.4 <RequireAny> Require ip 127.0.0.1 Require ip ::1 </RequireAny> </IfModule> <IfModule !mod_authz_core.c> # Apache 2.2 Order Deny,Allow Deny from All Allow from 127.0.0.1 Allow from ::1 </IfModule> </Directory> # These directories do not require access over HTTP - taken from the original # phpMyAdmin upstream tarball # <Directory /usr/share/phpMyAdmin/libraries/> Order Deny,Allow Deny from All Allow from None </Directory> Apache設定反映 [root@server1 ~]# service httpd restart httpd を停止中: [ OK ] httpd を起動中: [ OK ]

今朝、freshclamが正常に動いてなくエラーになってるメールが届いた。
/etc/cron.daily/freshclam:
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
ERROR: Can’t open /var/log/clamav/freshclam.log in append mode (check permissions!).
どうもパーミッションが悪いからエラーになってるようだ。
ログのオーナーを確認

[root@server1 ~]# ll /var/log/clamav
合計 200
-rw-r--r-- 1 clamav clamav  9824 10月  1 23:52 2012 clamd.log
-rw-r--r-- 1 clam   clam   26371  9月  9 08:24 2012 clamd.log-20120909
-rw-r--r-- 1 clam   clam   26769  9月 16 08:22 2012 clamd.log-20120916
-rw-r--r-- 1 clam   clam   26828  9月 23 08:38 2012 clamd.log-20120923
-rw-r--r-- 1 clam   clam   54325  9月 30 07:07 2012 clamd.log-20120930
-rw-r--r-- 1 clamav clamav     0  9月 30 07:07 2012 freshclam.log
-rw-r--r-- 1 clam   clam    4401  9月  9 08:24 2012 freshclam.log-20120909
-rw-r--r-- 1 clam   clam    4917  9月 16 08:22 2012 freshclam.log-20120916
-rw-r--r-- 1 clam   clam    5084  9月 23 08:38 2012 freshclam.log-20120923
-rw-r--r-- 1 clam   clam    4841  9月 30 07:07 2012 freshclam.log-20120930

古いものはオーナーが clam だが新しいものは clamav になっている。
オーナーの変更

[root@server1 ~]# chown clamav:clamav /var/log/clamav/clamd*
[root@server1 ~]# chown clamav:clamav /var/log/clamav/freshclam*

再確認

[root@server1 ~]# ll /var/log/clamav
合計 200
-rw-r--r-- 1 clamav clamav 10159 10月  2 00:22 2012 clamd.log
-rw-r--r-- 1 clamav clamav 26371  9月  9 08:24 2012 clamd.log-20120909
-rw-r--r-- 1 clamav clamav 26769  9月 16 08:22 2012 clamd.log-20120916
-rw-r--r-- 1 clamav clamav 26828  9月 23 08:38 2012 clamd.log-20120923
-rw-r--r-- 1 clamav clamav 54325  9月 30 07:07 2012 clamd.log-20120930
-rw-r--r-- 1 clamav clamav     0  9月 30 07:07 2012 freshclam.log
-rw-r--r-- 1 clamav clamav  4401  9月  9 08:24 2012 freshclam.log-20120909
-rw-r--r-- 1 clamav clamav  4917  9月 16 08:22 2012 freshclam.log-20120916
-rw-r--r-- 1 clamav clamav  5084  9月 23 08:38 2012 freshclam.log-20120923
-rw-r--r-- 1 clamav clamav  4841  9月 30 07:07 2012 freshclam.log-20120930

freshclam を使用して VirusDB をアップデート

[root@server1 ~]# freshclam
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).

やはりエラーになり、アップデート出来ない。
/etc/freshclam.conf を確認。
DatabaseOwner が clam になってたので clamav に直す。

[root@server1 ~]# vi /etc/freshclam.conf
# By default when started freshclam drops privileges and switches to the
# "clamav" user. This directive allows you to change the database owner.
# Default: clamav (may depend on installation options)
DatabaseOwner clam
　　　　↓
DatabaseOwner clamav

/etc/logrotate.d/freshclam を確認。
ここは clamav だったが、clam になってたら clamav に直す。

[root@server1 ~]# vi /etc/logrotate.d/freshclam
/var/log/clamav/freshclam.log {
missingok
notifempty
create 644 clamav clamav　←　clam になってたら  clamav に直す
}

再度 VirusDB をアップデート

[root@server1 ~]# freshclam
ERROR: Can't create temporary directory /var/lib/clamav/clamav-b130a8764a48d3f68ae52c545a0a9c06
Hint: The database directory must be writable for UID 502 or GID 502

テンポラリファル/var/lib/clamav/clamav-*を作れない。
データベースのディレクトリは UID 502 または GID 502 が書き込み可能である必要がある。
というエラーが出る。
UID 502 または GID 502 を書き込み可能に変更

[root@server1 ~]# chown 502:502 /var/lib/clamav
[root@server1 ~]# chmod 755 /var/lib/clamav
として VirusDB をアップデート
[root@server1 ~]# freshclam
ClamAV update process started at Tue Oct  2 00:34:26 2012
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
nonblock_connect: connect timing out (30 secs)
Can't connect to port 80 of host db.jp.clamav.net (IP: 219.106.242.51)
Trying host db.jp.clamav.net (120.29.176.126)...
ERROR: Can't open /var/lib/clamav/mirrors.dat for writing
Downloading daily-15418.cdiff [100%]
ERROR: Can't open /var/lib/clamav/mirrors.dat for writing
ERROR: Can't open /var/lib/clamav/mirrors.dat for writing
Downloading daily-15419.cdiff [100%]
ERROR: Can't open /var/lib/clamav/mirrors.dat for writing
ERROR: Can't open /var/lib/clamav/mirrors.dat for writing
Downloading daily-15420.cdiff [100%]
ERROR: Can't open /var/lib/clamav/mirrors.dat for writing
daily.cld updated (version: 15435, sigs: 275855, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 190, sigs: 36, f-level: 63, builder: neo)
ERROR: Can't open /var/lib/clamav/mirrors.dat for writing
Database updated (1320278 signatures) from db.jp.clamav.net (IP: 203.178.137.175)

/var/lib/clamav/mirrors.dat もオーナーが違うようだ。
なので、/var/lib/clamav/mirrors.dat もオーナー変更して VirusDB をアップデート。

[root@server1 ~]# chown clamav:clamav /var/lib/clamav/mirrors.dat
[root@server1 ~]# freshclam
ClamAV update process started at Tue Oct  2 00:36:35 2012
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
nonblock_connect: connect timing out (30 secs)
Can't connect to port 80 of host db.jp.clamav.net (IP: 219.106.242.51)
Downloading daily-15433.cdiff [100%]
Downloading daily-15434.cdiff [100%]
Downloading daily-15435.cdiff [100%]
daily.cld updated (version: 15435, sigs: 275855, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 190, sigs: 36, f-level: 63, builder: neo)
Database updated (1320278 signatures) from db.jp.clamav.net (IP: 203.178.137.175)

アップデート出来た。とりあえずこれで様子を見てみよう。

自宅サーバー構築メモ(CentOS)

CentOS 7.0

月別アーカイブ: 2012年10月

phpMyAdminをyumでインストール

freshclam でエラー

2012年10月
月	火	水	木	金	土	日
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30	31