FSPMS 10.10 and FSAUA on Debian 6.0 - default fsavupd problem

I have instlled FSPMS 10.10 on Linux Debian 6.0

The automatic update agent doesn't work as instended.

in /etc/crontab I have this line :

*/30 * * * * fspms /opt/f-secure/fspms/bin/fsavupd

It doesn't seem to work.

so now I tried to launch it manually to see what went wrong

su fspms

/opt/f-secure/fsaua/bin/fsauasc -vv -m pms -u -t /etc/opt/f-secure/fspms/fspms-fsauasc.conf -d /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

here is the output

avmisc seems to be non extract
Couldn't connect AUA

So I tied with another user : fsaua

su fsaua  -s /bin/bash

/opt/f-secure/fsaua/bin/fsauasc -vv -m pms -u -t /etc/opt/f-secure/fspms/fspms-fsauasc.conf -d /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

then it works

avmisc seems to be non extract
Sending registeration
Asking latest segmentation rules
Sending update request for avmisc version 0
Sending update request for BLENG version 0
Sending update request for gemdb version 0
Sending update request for hipscfg version 0
Sending update request for idsdb version 0
Sending update request for SCDB3 version 0
Sending update request for SCDB31 version 0
Sending update request for hydrawin version 0
Sending update request for hydralinux version 0
...

 8: -q
Failed
Download complete for hydralinux version 1367322229, OK
Republishing update...running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: addsubchannel
 2: -name
 3: DB Updates
 4: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: addexpgroup
 2: -scname
 3: DB Updates
 4: -name
 5: Main
 6: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: set_segrules
 2: -path
 3: /tmp/fsauasc_7ee2_segrules
 4: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: add_prs
 2: -scname
 3: DB Updates
 4: -egname
 5: Main
 6: -localdir
 7: /tmp/fsauasc_7ee2
 8: -q
Failed
Last AUA status code: 0
All finished, 23 new updates
fsaua@fspms1:/home/toto$ echo $?
0

So, something must be wrong somewhere in the fsavupd script ?

Is this script still supposed to be launched by the user fspms , if this is the case what can be wrong in my installation ? Some files/directories ownerships ?

If now it shoud be executed by the user fsaua then the fsavupd script is wrong and so is the crontab command

does anybody has the same thing ? or a workaround ?

my packages versions are :

f-secure-automatic-update-agent_8.26.5592_i386.deb
f-secure-policy-manager-server_10.10.45186_amd64.deb

Find more posts tagged with

Comments

Peter

If Policy Manager Console indicates virus updates are not available (N/A), something is still wrong in that if the updates are downloaded, they are not being published to the Automatic Update Server for whatever reason.

1. Verify updates are being downloaded by Automatic Update Agent by checking the relevant logfile: /var/opt/f-secure/fsaua/fsaua.log

2. If AUA is downloading updates, try republishing the updates manually using the following command and paste the output of /tmp/fsavupd.log to this thread:

# sudo -u fspms /opt/f-secure/fspms/bin/fsavupd --debug &> /tmp/fsavupd.log

Related to previous item, you should have an entry for executing fsavupd every x minutes in /etc/crontab:

*/30 * * * * fspms /opt/f-secure/fspms/bin/fsavupd

FRAK

Hi Chrissy_T,

I just checked and everything is working well untill now.

My system checks the virus definitions updates regularily.

Just a little follow-up you may help me on :

on fspmc (linux debian) connected to fspms (debian ) , I can't see the virus definition version on the server (il always show up in red as N/D ), is there a solution for that ?

Best regards.

Chrissy

Hi FRAK!

Thanks for updating us on how you solved your problem!

Did you still require some information from us, or is everything now clear?

// Chrissy

F-Secure Community Manager

FRAK

Important Note :

In my first post, I said that when I execute fsavupd as user fsaua it works. BUT this was a mistake, it only download the latest virus definitions but it doesn't ditribute it to the fspms clients.

The permissions change indicated in my latest post was the right solution.

FRAK

I think I found my problem.

It was actually a permission problem. I remember thet I once executed fsauasc... (the command executed bu fsavupd) as root user !! which worked, but this is BAD! bbecause it did change some file permissions.

To see what was wrong, I ran a strace on fsavupd to see what was the cause of

>ls -al /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

--> -rw------- 1 root root 442 6 mai 06:05 /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

it was root.root so I made a change :

>chown fspms /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

and because of the AUA connect error, I checked this

>ls -al /var/opt/f-secure/fsaua//run/fsaua_socket

--> srw-rw-rw- 1 fsaua fsc 0 30 avril 13:59 /var/opt/f-secure/fsaua//run/fsaua_socket

so I added a group fsc to the user fspms ... (not sure it is compulsory) ?

>usermod -a -G fsc fspms

Since then it seems to work flawlessly

Could you please let me know who should be member of the group fsc ? fsaua , fspms, both

Because after my installation, only fsaua has fsc as its primary group , no other member to fsc (is this the expected behaviour ?)

Best regards.

Peter

Hi,

Looks like an issue with missing permissions and AUA or the Automatic Update Agent fails to start because it's unable to access the files it needs. Please verify /var/opt/f-secure/fsaua folder is owned by the user: fsaua, group:fsc (fsaua.fsc) and if needed, adjust these using chown.

Once done, try stopping/starting the fsaua daemon:

# /etc/init.d/fsaua stop

# /etc/init.d/fsaua start

If this fails to resolve the issue, I'd recommend creating a support ticket, so we can have a closer look at the system.