FSPMS 10.10 and FSAUA on Debian 6.0 - default fsavupd problem

FRAK

I have instlled FSPMS 10.10 on Linux Debian 6.0

The automatic update agent doesn't work as instended.

 

in /etc/crontab I have this line :

*/30 * * * * fspms /opt/f-secure/fspms/bin/fsavupd

It doesn't seem to work.

so now I tried to launch it manually to see what went wrong

 

su fspms

/opt/f-secure/fsaua/bin/fsauasc -vv -m pms -u -t /etc/opt/f-secure/fspms/fspms-fsauasc.conf -d /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

 

 

 

here is the output

avmisc seems to be non extract
Couldn't connect AUA

 

 

 

So I tied with another user : fsaua

su fsaua  -s /bin/bash

/opt/f-secure/fsaua/bin/fsauasc -vv -m pms -u -t /etc/opt/f-secure/fspms/fspms-fsauasc.conf -d /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

 then it works

 

avmisc seems to be non extract
Sending registeration
Asking latest segmentation rules
Sending update request for avmisc version 0
Sending update request for BLENG version 0
Sending update request for gemdb version 0
Sending update request for hipscfg version 0
Sending update request for idsdb version 0
Sending update request for SCDB3 version 0
Sending update request for SCDB31 version 0
Sending update request for hydrawin version 0
Sending update request for hydralinux version 0
...

 8: -q
Failed
Download complete for hydralinux version 1367322229, OK
Republishing update...running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: addsubchannel
 2: -name
 3: DB Updates
 4: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: addexpgroup
 2: -scname
 3: DB Updates
 4: -name
 5: Main
 6: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: set_segrules
 2: -path
 3: /tmp/fsauasc_7ee2_segrules
 4: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: add_prs
 2: -scname
 3: DB Updates
 4: -egname
 5: Main
 6: -localdir
 7: /tmp/fsauasc_7ee2
 8: -q
Failed
Last AUA status code: 0
All finished, 23 new updates
fsaua@fspms1:/home/toto$ echo $?
0

 

So, something must be wrong somewhere in the fsavupd script ?

 

Is this script still supposed to be launched by the user fspms , if this is the case what can be wrong in my installation ? Some files/directories  ownerships ?

If now it shoud be executed by the user fsaua then the fsavupd script is wrong and so is the crontab command

 

does anybody has the same thing ? or a workaround ?

 

 

my packages versions are :

f-secure-automatic-update-agent_8.26.5592_i386.deb
f-secure-policy-manager-server_10.10.45186_amd64.deb

 

 

Peter

Hi,

 

Looks like an issue with missing permissions and AUA or the Automatic Update Agent fails to start because it's unable to access the files it needs. Please verify /var/opt/f-secure/fsaua folder is owned by the user: fsaua, group:fsc (fsaua.fsc) and if needed, adjust these using chown.

 

Once done, try stopping/starting the fsaua daemon:

 

# /etc/init.d/fsaua stop

# /etc/init.d/fsaua start

 

If this fails to resolve the issue, I'd recommend creating a support ticket, so we can have a closer look at the system.

 

FRAK

I think I found my problem.

It was actually a permission problem. I remember thet I once executed fsauasc... (the command executed bu fsavupd) as root user !! which worked, but this is BAD! bbecause it did change some file permissions.

To see what was wrong, I ran a strace on fsavupd to see what was the cause of

 

 

>ls -al /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

             -->  -rw------- 1 root root 442  6 mai   06:05 /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

 

it was root.root so I made a change :

>chown fspms  /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

 

and because of the AUA connect error, I checked this

>ls -al /var/opt/f-secure/fsaua//run/fsaua_socket

             -->   srw-rw-rw- 1 fsaua fsc 0 30 avril 13:59 /var/opt/f-secure/fsaua//run/fsaua_socket

 

so I added a group fsc to the user fspms ... (not sure it is compulsory) ?

>usermod -a -G fsc fspms

 

Since then it seems to work flawlessly

 

Could you please let me know who should be member of the group fsc ? fsaua , fspms, both

Because after my installation, only fsaua has fsc as its primary group , no other member to fsc (is this the expected behaviour ?)

 

Best regards.

 

 

FRAK

Important Note :

 

In my first post, I said that when I execute fsavupd as user fsaua it works. BUT this was a mistake, it only download the latest virus definitions but it doesn't ditribute it to the fspms clients.

The permissions change indicated in my latest post was the right solution.

 

 

Chrissy

Hi FRAK!

 

Thanks for updating us on how you solved your problem!

 

Did you still require some information from us, or is everything now clear?

 

// Chrissy

F-Secure Community Manager

FRAK

Hi Chrissy_T,

 

I just checked and everything is working well untill now.

My system checks the virus definitions updates regularily.

 

Just a little follow-up you may help me on :

on fspmc (linux debian) connected to fspms (debian ) , I can't see the virus definition version on the server (il always show up in red as N/D ), is there a solution for that ?

 

 

 

Best regards.

 

 

 

Peter

If Policy Manager Console indicates virus updates are not available (N/A), something is still wrong in that if the updates are downloaded, they are not being published to the Automatic Update Server for whatever reason.

1. Verify updates are being downloaded by Automatic Update Agent by checking the relevant logfile: /var/opt/f-secure/fsaua/fsaua.log

 

2. If AUA is downloading updates, try republishing the updates manually using the following command and paste the output of /tmp/fsavupd.log to this thread:

# sudo -u fspms /opt/f-secure/fspms/bin/fsavupd --debug &> /tmp/fsavupd.log

Related to previous item, you should have an entry for executing fsavupd every x minutes in /etc/crontab:

 

*/30 * * * * fspms /opt/f-secure/fspms/bin/fsavupd