Closed madman2012 closed 6 months ago
I'm getting this error frequently (but for .zip files) on a fresh AIO install.
Try to check this file directly in ClamAV and check the error, for example, timeout.
I've run into the same error message and started to debug the files_antivirus plugin.
First, I scanned the file on the console using clamscan which worked as expected:
root@nextcloud-vm:/var/www/nextcloud# clamscan /opt/nextcloud/data/admin/files/testfile.zip
Loading: 14s, ETA: 0s [========================>] 8.68M/8.68M sigs
Compiling: 4s, ETA: 0s [========================>] 41/41 tasks
/opt/nextcloud/data/admin/files/testfile.zip: OK
----------- SCAN SUMMARY -----------
Known viruses: 8680175
Engine version: 1.0.3
Scanned directories: 0
Scanned files: 1
Infected files: 0
Data scanned: 76.54 MB
Data read: 18.31 MB (ratio 4.18:1)
Time: 101.229 sec (1 m 41 s)
Start Date: 2023:12:08 15:41:46
End Date: 2023:12:08 15:43:27
Now let's do the same thing using the occ command as it will be run from the background scan cronjob while tracking the script runtime:
root@nextcloud-vm:/var/www/nextcloud# time sudo -u www-data php occ files_antivirus:scan /admin/files/testfile.zip
/admin/files/testfile.zip couldn't be scanned: No matching rule for response []. Please check antivirus rules configuration.
real 1m0,391s
user 0m0,001s
sys 0m0,009s
It takes almost exactly one minute to fail. Well, that's kind of suspicious. Digging around in the PHP documentation, I found out that default_socket_timeout may apply.
root@nextcloud-vm:/var/www/nextcloud# cat /etc/php/8.1/cli/php.ini | grep socket_timeout
default_socket_timeout = 60
Bingo. It's set to 60s by default. Let's try 10 minutes.
root@nextcloud-vm:/var/www/nextcloud# vi /etc/php/8.1/cli/php.ini
root@nextcloud-vm:/var/www/nextcloud# cat /etc/php/8.1/cli/php.ini | grep socket_timeout
default_socket_timeout = 600
... and check again:
root@nextcloud-vm:/var/www/nextcloud# time sudo -u www-data php occ files_antivirus:scan /admin/files/testfile.zip
/admin/files/testfile.zip is clean
real 1m3,900s
user 0m0,004s
sys 0m0,004s
Nice - it does not time out anymore.
I would suggest catching the timeout if possible and throw a more accurate error message. Also it might be possible to modify the timeout during script runtime using stream_set_timeout()?
I hope this information is helpful to fix the problem.
I would suggest catching the timeout if possible and throw a more accurate error message. Also it might be possible to modify the timeout during script runtime using stream_set_timeout()?
sounds great! cc @ArtificialOwl @icewind1991
I no longer get the error message Not Checked. No matching rules. Please check antivirus rules
but instead Not Checked. Socket timed out while scanning File: ****.xlsx
is displayed in my logs almost every minute.
Can the problem be solved with the same approach?
Steps to reproduce
Expected behavior
Actual behavior
[files_antivirus] Error: Not Checked. No matching rule for response []. Please check antivirus rules configuration. File: 35659 Account: admin Path: /admin/files/@Documents to sort/Forward Curves v1.xlsx
Host OS
Unraid
Nextcloud AIO version
25.0.2
Current channel
latest
Other valuable info