Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
16
Installation and Upgrades / Re: Zentyal 6.1: clamAV does not work due to missing /var/run/clamav/clamd.ctl
« on: April 15, 2020, 12:26:22 pm »
It happened again:
ClamAV 0.102.2/25782/Tue Apr 14 13:57:42 2020 and kernel 5.3.0-46-generic.
Could be something related to the update of clamav that require a restart?
The system has just the root user and is mainly used as Web server. During the night, the system load is high/maximum, but with low priority (BOINC research project).
Code: [Select]
sudo ausearch -k clamAV
----
time->Tue Apr 14 01:00:34 2020
type=PROCTITLE msg=audit(1586818834.021:294025): proctitle=2F7573722F7362696E2F636C616D64002D2D666F726567726F756E643D74727565
type=PATH msg=audit(1586818834.021:294025): item=1 name="/var/run/clamav/clamd.pid" inode=1484 dev=00:18 mode=0100664 ouid=0 ogid=0 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1586818834.021:294025): item=0 name="/var/run/clamav/" inode=1469 dev=00:18 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1586818834.021:294025): cwd="/"
type=SYSCALL msg=audit(1586818834.021:294025): arch=c000003e syscall=87 success=yes exit=0 a0=55c79c599c50 a1=55c79c03d694 a2=1 a3=ffffffe0 items=2 ppid=1 pid=1781 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" key="clamAVpid"
type=CONFIG_CHANGE msg=audit(1586818834.021:294025): auid=4294967295 ses=4294967295op=updated_rules path="/var/run/clamav/clamd.pid" key="clamAVpid" list=4 res=1
----
time->Tue Apr 14 01:00:34 2020
type=PROCTITLE msg=audit(1586818834.021:294026): proctitle=2F7573722F7362696E2F636C616D64002D2D666F726567726F756E643D74727565
type=PATH msg=audit(1586818834.021:294026): item=1 name="/var/run/clamav/clamd.ctl" inode=1483 dev=00:18 mode=0140666 ouid=0 ogid=0 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1586818834.021:294026): item=0 name="/var/run/clamav/" inode=1469 dev=00:18 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1586818834.021:294026): cwd="/"
type=SYSCALL msg=audit(1586818834.021:294026): arch=c000003e syscall=87 success=yes exit=0 a0=55c79c5987c0 a1=55c79c03d726 a2=b a3=ffffffe6 items=2 ppid=1 pid=1781 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" key="clamAV"
type=CONFIG_CHANGE msg=audit(1586818834.021:294026): auid=4294967295 ses=4294967295op=updated_rules path="/var/run/clamav/clamd.ctl" key="clamAV" list=4 res=1ClamAV 0.102.2/25782/Tue Apr 14 13:57:42 2020 and kernel 5.3.0-46-generic.
Could be something related to the update of clamav that require a restart?
The system has just the root user and is mainly used as Web server. During the night, the system load is high/maximum, but with low priority (BOINC research project).
17
Installation and Upgrades / Re: Zentyal 6.1: clamAV does not work due to missing /var/run/clamav/clamd.ctl
« on: April 03, 2020, 07:13:21 pm »
I read the link that you reported. I added the following lines to the file /etc/clamav/clamd.conf as described into the link.
I have ClamAV 0.102.2/25769/Wed Apr 1 14:53:49 2020, curl 7.58.0 and kernel 5.3.0-45-generic.
When I installed zentyal 6.0 on July 2019 the problem was not present. Then it started to appear after the upgrade to zentyal 6.1. I cannot figure out if it is related to some change on clamAV (I think so, maybe 0.102+ version), zentyal or other components.
Code: [Select]
OnAccessIncludePath /home/
OnAccessExcludeUname root ## versions >= 0.102
OnAccessPrevention yes
OnAccessDisableDDD yesI have ClamAV 0.102.2/25769/Wed Apr 1 14:53:49 2020, curl 7.58.0 and kernel 5.3.0-45-generic.
When I installed zentyal 6.0 on July 2019 the problem was not present. Then it started to appear after the upgrade to zentyal 6.1. I cannot figure out if it is related to some change on clamAV (I think so, maybe 0.102+ version), zentyal or other components.
18
Installation and Upgrades / Re: Zentyal 6.1: clamAV does not work due to missing /var/run/clamav/clamd.ctl
« on: April 01, 2020, 03:40:06 pm »
Today, it happened again, the files were deleted again /var/run/clamav/clamd.ctl /var/run/clamav/clamd.pid
The script reported in my first message is executed at the same time:
00 01 * * * /srv/clamscan.sh
I do not understand why it works well for many days and suddenly it maybe delete the files...
Code: [Select]
sudo auditctl -l
-w /var/run/clamav/clamd.ctl -p rwxa -k clamAV
-w /var/run/clamav/clamd.pid -p rwxa -k clamAVpid
sudo ausearch -k clamAV
----
time->Wed Apr 1 01:00:32 2020
type=PROCTITLE msg=audit(1585695632.463:314468): proctitle=2F7573722F7362696E2F636C616D64002D2D666F726567726F756E643D74727565
type=PATH msg=audit(1585695632.463:314468): item=1 name="/var/run/clamav/clamd.pid" inode=1472 dev=00:18 mode=0100664 ouid=0 ogid=0 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1585695632.463:314468): item=0 name="/var/run/clamav/" inode=1469 dev=00:18 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1585695632.463:314468): cwd="/"
type=SYSCALL msg=audit(1585695632.463:314468): arch=c000003e syscall=87 success=yes exit=0 a0=55a5d3b82c50 a1=55a5d20b9694 a2=1 a3=ffffffe0 items=2 ppid=1 pid=1819 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" key="clamAVpid"
type=CONFIG_CHANGE msg=audit(1585695632.463:314468): auid=4294967295 ses=4294967295op=updated_rules path="/var/run/clamav/clamd.pid" key="clamAVpid" list=4 res=1
----
time->Wed Apr 1 01:00:32 2020
type=PROCTITLE msg=audit(1585695632.463:314469): proctitle=2F7573722F7362696E2F636C616D64002D2D666F726567726F756E643D74727565
type=PATH msg=audit(1585695632.463:314469): item=1 name="/var/run/clamav/clamd.ctl" inode=926 dev=00:18 mode=0140666 ouid=0 ogid=0 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1585695632.463:314469): item=0 name="/var/run/clamav/" inode=1469 dev=00:18 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1585695632.463:314469): cwd="/"
type=SYSCALL msg=audit(1585695632.463:314469): arch=c000003e syscall=87 success=yes exit=0 a0=55a5d3b817c0 a1=55a5d20b9726 a2=b a3=ffffffe6 items=2 ppid=1 pid=1819 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" key="clamAV"
type=CONFIG_CHANGE msg=audit(1585695632.463:314469): auid=4294967295 ses=4294967295op=updated_rules path="/var/run/clamav/clamd.ctl" key="clamAV" list=4 res=1
sudo ausearch -k clamAVpid
----
time->Wed Apr 1 01:00:32 2020
type=PROCTITLE msg=audit(1585695632.463:314468): proctitle=2F7573722F7362696E2F636C616D64002D2D666F726567726F756E643D74727565
type=PATH msg=audit(1585695632.463:314468): item=1 name="/var/run/clamav/clamd.pid" inode=1472 dev=00:18 mode=0100664 ouid=0 ogid=0 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1585695632.463:314468): item=0 name="/var/run/clamav/" inode=1469 dev=00:18 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1585695632.463:314468): cwd="/"
type=SYSCALL msg=audit(1585695632.463:314468): arch=c000003e syscall=87 success=yes exit=0 a0=55a5d3b82c50 a1=55a5d20b9694 a2=1 a3=ffffffe0 items=2 ppid=1 pid=1819 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" key="clamAVpid"
type=CONFIG_CHANGE msg=audit(1585695632.463:314468): auid=4294967295 ses=4294967295op=updated_rules path="/var/run/clamav/clamd.pid" key="clamAVpid" list=4 res=1
The script reported in my first message is executed at the same time:
00 01 * * * /srv/clamscan.sh
I do not understand why it works well for many days and suddenly it maybe delete the files...
19
Installation and Upgrades / Re: Zentyal 6.1: clamAV does not work due to missing /var/run/clamav/clamd.ctl
« on: March 22, 2020, 12:25:01 pm »
Hi,
I finally caught the modification:
This is the log file.
Any suggestion?
I finally caught the modification:
Code: [Select]
sudo auditctl -l
-w /var/run/clamav/clamd.ctl -p wa -k clamAVThis is the log file.
Code: [Select]
sudo ausearch -k clamAV
----
time->Sat Mar 21 01:00:32 2020
type=PROCTITLE msg=audit(1584748832.856:154963): proctitle=2F7573722F7362696E2F636C616D64002D2D666F726567726F756E643D74727565
type=PATH msg=audit(1584748832.856:154963): item=1 name="/var/run/clamav/clamd.ctl" inode=1485 dev=00:18 mode=0140666 ouid=0 ogid=0 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=PATH msg=audit(1584748832.856:154963): item=0 name="/var/run/clamav/" inode=1469 dev=00:18 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
type=CWD msg=audit(1584748832.856:154963): cwd="/"
type=SYSCALL msg=audit(1584748832.856:154963): arch=c000003e syscall=87 success=yes exit=0 a0=55bd566e47c0 a1=55bd55923726 a2=b a3=ffffffe6 items=2 ppid=1 pid=1807 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="clamd" exe="/usr/sbin/clamd" key="clamAV"
type=CONFIG_CHANGE msg=audit(1584748832.856:154963): auid=4294967295 ses=4294967295op=updated_rules path="/var/run/clamav/clamd.ctl" key="clamAV" list=4 res=1Any suggestion?
20
Installation and Upgrades / Re: Zentyal 6.1: clamAV does not work due to missing /var/run/clamav/clamd.ctl
« on: March 05, 2020, 08:08:18 am »
I would use auditd to know who is killing the socket.
https://linux.die.net/man/8/auditctl
Cheers!
Thank you for your reply, I did not know about this useful software. Up to now I'm not still able to track which process is deleting the file. I installed auditd and I configured it as describe https://www.techrepublic.com/article/how-to-monitor-events-on-your-linux-data-center-servers-with-auditd/.
This my /etc/audit/rules.d/audit.rules:
Code: [Select]
## First rule - delete all
-D
## Increase the buffers to survive stress events.
## Make this bigger for busy systems
-b 8192
## This determine how long to wait in burst of events
--backlog_wait_time 0
## Set failure mode to syslog
-f 1
-w /var/run/clamav/clamd.ctl -p wa -k clamAVThe monitor works well if I'm not reboot the server.Code: [Select]
sudo auditctl -l
-w /var/run/clamav/clamd.ctl -p wa -k clamAVAfter reboot, I have to manually restart the service in order to see the rules.Code: [Select]
sudo auditctl -l
No rules
sudo systemctl restart auditd
sudo auditctl -l
-w /var/run/clamav/clamd.ctl -p wa -k clamAVThe service is enabled and it start:Code: [Select]
sudo systemctl list-units | grep auditd
auditd.service loaded active running Security Auditing Service
sudo systemctl status auditd
● auditd.service - Security Auditing Service
Loaded: loaded (/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2020-03-04 18:58:59 CET; 2min 9s ago
Docs: man:auditd(8)
https://github.com/linux-audit/audit-documentation
Main PID: 753 (auditd)
Tasks: 2 (limit: 4915)
CGroup: /system.slice/auditd.service
└─753 /sbin/auditdAny idea?
21
Installation and Upgrades / [SOLVED] Zentyal 6.1: clamAV does not work, missing /var/run/clamav/clamd.ctl
« on: February 18, 2020, 04:25:03 pm »
Hi,
I have a problem with zentyal community edition 6.1. I have clamAV that can be reached by the other processes via unix socket domain (/var/run/clamav/clamd.ctl). ClamAV works well for a while, then the file clamd.ctl disappears from the previous path and I need to manually create it or to restart the system. After boot, the file is automatically created.
I already tried with sudo apt-get install clamav-daemon.
This is my file /etc/clamav/clamd.conf
This is a script run with crontab
Any idea?
I have a problem with zentyal community edition 6.1. I have clamAV that can be reached by the other processes via unix socket domain (/var/run/clamav/clamd.ctl). ClamAV works well for a while, then the file clamd.ctl disappears from the previous path and I need to manually create it or to restart the system. After boot, the file is automatically created.
I already tried with sudo apt-get install clamav-daemon.
This is my file /etc/clamav/clamd.conf
Code: [Select]
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User root
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
StreamMaxLength 10M
LogFileMaxSize 0
LogSyslog false
LogFacility LOG_LOCAL6This is a script run with crontab
Code: [Select]
#!/bin/bash
# update
#freshclam
FILETODOWNLOAD="main.cvd daily.cvd bytecode.cvd";
for F in ${FILETODOWNLOAD}; do
sudo rm -f /var/lib/clamav/$F
wget http://database.clamav.net/$F -P /var/lib/clamav
sudo chown clamav:clamav /var/lib/clamav/$F
sudo chmod 644 /var/lib/clamav/$F
done
# scan
LOGFILE="/var/log/clamav/clamav-$(date +'%Y-%m-%d').log";
#EMAIL_MSG="Please see the log file attached.";
#EMAIL_FROM="clamav-daily@domain";
#EMAIL_TO="webmaster@domain";
DIRTOSCAN="/var/www /home/master/";
for D in ${DIRTOSCAN}; do
DIRSIZE=$(du -sh "$D" 2>/dev/null | cut -f1);
echo "Starting a daily scan of "$D" directory.
Amount of data to be scanned is "$DIRSIZE".";
clamscan -ri "$D" >> "$LOGFILE";
# get the value of "Infected lines"
MALWARE=$(tail "$LOGFILE"|grep Infected|cut -d" " -f3);
doneAny idea?
22
Installation and Upgrades / Re: Clamav does not update
« on: September 20, 2019, 10:58:24 am »Code: [Select]
/var/log/syslog.1:Sep 20 00:03:35 servermeteo kernel: [110493.016384] zentyal-firewall drop IN= OUT=eth0 SRC=93.187.29.77 DST=104.16.218.84 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=23792 DF PROTO=TCP SPT=40100 DPT=80 WINDOW=12386 RES=0x00 ACK FIN URGP=0 MARK=0x1
/var/log/syslog.1:Sep 20 00:04:04 servermeteo kernel: [110521.432479] zentyal-firewall drop IN= OUT=eth0 SRC=93.187.29.77 DST=104.16.218.84 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=23793 DF PROTO=TCP SPT=40100 DPT=80 WINDOW=12386 RES=0x00 ACK FIN URGP=0 MARK=0x1Code: [Select]
sudo freshclam --list-mirrors
Mirror #1
IP: 104.16.219.84
Successes: 2
Failures: 21
Last access: Fri Sep 20 01:07:58 2019
Ignore: No
-------------------------------------
Mirror #2
IP: 104.16.218.84
Successes: 0
Failures: 19
Last access: Fri Sep 20 01:07:14 2019
Ignore: No
At the moment I solved with this script and crontab:
Code: [Select]
#!/bin/bash
# update
#freshclam
FILES="main.cvd daily.cvd bytecode.cvd";
for F in ${FILES}; do
sudo rm -f /var/lib/clamav/$F
wget http://database.clamav.net/$F -P /var/lib/clamav
sudo chown clamav:clamav /var/lib/clamav/$F
sudo chmod 644 /var/lib/clamav/$F
doneNow the clamav-daemon run again properly.
23
Installation and Upgrades / Clamav does not update
« on: September 18, 2019, 06:54:36 pm »
Hi,
I'm using zentyal 6.0.1 (ubuntu 18.04.3) and I installed clamav (0.100.3+dfsg-0ubuntu0.18.04.1) and clamtk (5.25-1), but I'm not able to update the clamav signature with freshclam as usual.
The process is repeated many times without success. I can only update the signature manually by downloading them from clamav Web site via wget (the same url present in /etc/clamav/freshclam).
I tried with a fresh install of zentyal 6.0.1 and the behaviour is the same. All works well under ubuntu 18.04.3 64 bit.
Moreover, the freshclam service does not start:
Any idea about this? Could be a bug?
Thank you in advance
I'm using zentyal 6.0.1 (ubuntu 18.04.3) and I installed clamav (0.100.3+dfsg-0ubuntu0.18.04.1) and clamtk (5.25-1), but I'm not able to update the clamav signature with freshclam as usual.
Code: [Select]
Wed Sep 18 18:46:20 2019 -> ClamAV update process started at Wed Sep 18 18:46:20 2019
Wed Sep 18 18:46:20 2019 -> ^Your ClamAV installation is OUTDATED!
Wed Sep 18 18:46:20 2019 -> ^Local version: 0.100.3 Recommended version: 0.101.4
Wed Sep 18 18:46:20 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Wed Sep 18 18:46:20 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Wed Sep 18 18:46:25 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.219.84)
Wed Sep 18 18:46:25 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:25 2019 -> *Can't query daily.25478.93.0.0.6810DB54.ping.clamav.net
Wed Sep 18 18:46:26 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.218.84)
Wed Sep 18 18:46:26 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:26 2019 -> *Can't query daily.25478.93.0.0.6810DA54.ping.clamav.net
Wed Sep 18 18:46:26 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^Incremental update failed, trying to download daily.cvd
Wed Sep 18 18:47:42 2019 -> nonblock_recv: recv timing out (30 secs)
Wed Sep 18 18:47:42 2019 -> ^getfile: Download interrupted: Operation now in progress (IP: 104.16.219.84)
Wed Sep 18 18:47:42 2019 -> ^Can't download daily.cvd from db.local.clamav.net
Wed Sep 18 18:47:42 2019 -> *Can't query daily.0.93.0.0.6810DB54.ping.clamav.net
Wed Sep 18 18:47:42 2019 -> Trying again in 5 secs...
Wed Sep 18 18:47:47 2019 -> ClamAV update process started at Wed Sep 18 18:47:47 2019
Wed Sep 18 18:47:48 2019 -> ^Your ClamAV installation is OUTDATED!
Wed Sep 18 18:47:48 2019 -> ^Local version: 0.100.3 Recommended version: 0.101.4
Wed Sep 18 18:47:48 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Wed Sep 18 18:47:48 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Wed Sep 18 18:47:51 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.218.84)
Wed Sep 18 18:47:51 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:51 2019 -> *Can't query daily.25478.93.0.0.6810DA54.ping.clamav.net
Wed Sep 18 18:47:51 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^Incremental update failed, trying to download daily.cvd
Downloading daily.cvd [100%]The process is repeated many times without success. I can only update the signature manually by downloading them from clamav Web site via wget (the same url present in /etc/clamav/freshclam).
I tried with a fresh install of zentyal 6.0.1 and the behaviour is the same. All works well under ubuntu 18.04.3 64 bit.
Moreover, the freshclam service does not start:
Code: [Select]
sudo systemctl status clamav-freshclam
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; disabled; vendo
Active: inactive (dead)
Docs: man:freshclam(1)
man:freshclam.conf(5)
https://www.clamav.net/documents
lines 1-6/6 (END)...skipping... Any idea about this? Could be a bug?
Thank you in advance
24
Installation and Upgrades / Re: Zentyal 6.0: installing Web server and virtual hosting
« on: July 03, 2019, 08:01:48 am »
Hi,
I solved, but the solutions is very strange. I have to change firewall rules on "Filtering rules from internal network to Zentyal" instead "Filtering rules from external network to Zentyal" without any port forwarding.
Now, with firewall enabled from an external machine.
I solved, but the solutions is very strange. I have to change firewall rules on "Filtering rules from internal network to Zentyal" instead "Filtering rules from external network to Zentyal" without any port forwarding.
Now, with firewall enabled from an external machine.
Code: [Select]
sudo nmap -sT -O -Pn myURL
Starting Nmap 7.01 ( https://nmap.org ) at 2019-07-03 07:59 CEST
Nmap scan report for myURL (myIP)
Host is up (0.062s latency).
Not shown: 994 filtered ports
PORT STATE SERVICE
21/tcp closed ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
443/tcp open https
5900/tcp closed vnc
Aggressive OS guesses: Linux 3.10 - 3.19 (94%), Linux 3.18 (90%), Linux 3.2 - 4.0 (90%), Linux 3.13 (90%), Asus RT-AC66U WAP (90%), Linux 3.10 (89%), Linux 3.11 - 3.12 (89%), Crestron XPanel control system (88%), HP P2000 G3 NAS device (88%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (87%)
No exact OS matches for host (test conditions non-ideal).
OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.63 seconds
25
Installation and Upgrades / Re: Zentyal 6.0: installing Web server and virtual hosting
« on: July 01, 2019, 11:02:39 am »
Hi,
I made further test and I'm sure that the problem is on firewall. If I disabled it, I'm able to surf my Web site both with HTTP and HTTPS. Whereas with firewall enabled I can only connect to GUI interface and via SSH.
The nmap command executed from the zentyal server:
Finally, the same nmap command executed from a different machine with zentyal firewall disabled:
So the Web server ports (80-443) are not open. I configured port forwarding from the zentyal firewall GUI and it seem quite straightforward. I do not see any error.
I made further test and I'm sure that the problem is on firewall. If I disabled it, I'm able to surf my Web site both with HTTP and HTTPS. Whereas with firewall enabled I can only connect to GUI interface and via SSH.
The nmap command executed from the zentyal server:
Code: [Select]
sudo nmap -sT -O -Pn myURL
Starting Nmap 7.60 ( https://nmap.org ) at 2019-07-01 10:50 CEST
Nmap scan report for myURL (myIP)
Host is up (0.00011s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
443/tcp open https
8443/tcp open https-alt
Device type: general purpose
Running: Linux 3.X|4.X
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4
OS details: Linux 3.8 - 4.9
Network Distance: 0 hopswhile the same nmap command executed from a different machine:Code: [Select]
sudo nmap -sT -O -Pn myURL
Starting Nmap 7.01 ( https://nmap.org ) at 2019-07-01 10:52 CEST
Nmap scan report for myURL (myIP)
Host is up (0.070s latency).
Not shown: 931 filtered ports, 66 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
8443/tcp open https-alt
Device type: general purpose|WAP|specialized|storage-misc|printer
Running (JUST GUESSING): Linux 3.X|4.X|2.6.X (94%), Asus embedded (90%), Crestron 2-Series (89%), HP embedded (89%), Ubiquiti embedded (88%)
OS CPE: cpe:/o:linux:linux_kernel:3 cpe:/o:linux:linux_kernel:4 cpe:/o:linux:linux_kernel cpe:/h:asus:rt-ac66u cpe:/o:crestron:2_series cpe:/h:hp:p2000_g3 cpe:/o:linux:linux_kernel:2.6.32 cpe:/h:ubnt:airmax_nanostation
Aggressive OS guesses: Linux 3.10 - 3.19 (94%), Linux 3.2 - 4.0 (91%), Linux 3.13 (90%), Asus RT-AC66U WAP (90%), Linux 3.10 (90%), Linux 3.11 - 3.12 (90%), Linux 3.18 (90%), Crestron XPanel control system (89%), HP P2000 G3 NAS device (89%), Linux 2.6.32 (88%)
No exact OS matches for host (test conditions non-ideal).Finally, the same nmap command executed from a different machine with zentyal firewall disabled:
Code: [Select]
sudo nmap -sT -O -Pn myURL
Starting Nmap 7.01 ( https://nmap.org ) at 2019-07-01 10:53 CEST
Nmap scan report for myURL (myIP)
Host is up (0.059s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
135/tcp filtered msrpc
443/tcp open https
8443/tcp open https-alt
Aggressive OS guesses: Linux 3.10 - 3.19 (95%), Linux 3.18 (93%), Linux 3.2 - 4.0 (93%), Linux 3.13 (92%), Asus RT-AC66U WAP (92%), Linux 3.10 (92%), Linux 3.11 - 3.12 (92%), HP P2000 G3 NAS device (91%), OpenWrt Kamikaze 7.09 (Linux 2.6.22) (90%), Linux 2.6.18 - 2.6.22 (90%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 15 hops
OS detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 13.56 seconds
So the Web server ports (80-443) are not open. I configured port forwarding from the zentyal firewall GUI and it seem quite straightforward. I do not see any error.
Code: [Select]
sudo iptables -t nat -v -x -n -L
Chain PREROUTING (policy ACCEPT 6911 packets, 417031 bytes)
pkts bytes target prot opt in out source destination
7036 424495 premodules all -- * * 0.0.0.0/0 0.0.0.0/0
29 1740 DNAT tcp -- eth0 * 0.0.0.0/0 myIP tcp dpt:443 to:myIP
96 5724 DNAT tcp -- eth0 * 0.0.0.0/0 myIP tcp dpt:80 to:myIP
Chain INPUT (policy ACCEPT 338 packets, 20208 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1307 packets, 80122 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 1307 packets, 80122 bytes)
pkts bytes target prot opt in out source destination
1307 80122 postmodules all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 SNAT tcp -- * * 0.0.0.0/0 myIP tcp dpt:443 ctstate DNAT to:myIP
0 0 SNAT tcp -- * * 0.0.0.0/0 myIP tcp dpt:80 ctstate DNAT to:myIP
Chain postmodules (1 references)
pkts bytes target prot opt in out source destination
Chain premodules (1 references)
pkts bytes target prot opt in out source destination
Code: [Select]
sudo iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
preinput all -- anywhere anywhere
idrop all -- anywhere anywhere state INVALID
iaccept all -- anywhere anywhere state RELATED,ESTABLISHED
inospoof all -- anywhere anywhere
iexternalmodules all -- anywhere anywhere
iexternal all -- anywhere anywhere
inoexternal all -- anywhere anywhere
imodules all -- anywhere anywhere
iglobal all -- anywhere anywhere
iaccept icmp !f anywhere anywhere icmp echo-request state NEW
iaccept icmp !f anywhere anywhere icmp echo-reply state NEW
iaccept icmp !f anywhere anywhere icmp destination-unreachable state NEW
iaccept icmp !f anywhere anywhere icmp source-quench state NEW
iaccept icmp !f anywhere anywhere icmp time-exceeded state NEW
iaccept icmp !f anywhere anywhere icmp parameter-problem state NEW
idrop all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
preforward all -- anywhere anywhere
fdrop all -- anywhere anywhere state INVALID
faccept all -- anywhere anywhere state RELATED,ESTABLISHED
fnospoof all -- anywhere anywhere
fredirects all -- anywhere anywhere
fmodules all -- anywhere anywhere
ffwdrules all -- anywhere anywhere
fnoexternal all -- anywhere anywhere
fdns all -- anywhere anywhere
fglobal all -- anywhere anywhere
faccept icmp !f anywhere anywhere icmp echo-request state NEW
faccept icmp !f anywhere anywhere icmp echo-reply state NEW
faccept icmp !f anywhere anywhere icmp destination-unreachable state NEW
faccept icmp !f anywhere anywhere icmp source-quench state NEW
faccept icmp !f anywhere anywhere icmp time-exceeded state NEW
faccept icmp !f anywhere anywhere icmp parameter-problem state NEW
fdrop all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
preoutput all -- anywhere anywhere
odrop all -- anywhere anywhere state INVALID
oaccept all -- anywhere anywhere state RELATED,ESTABLISHED
ointernal all -- anywhere anywhere
omodules all -- anywhere anywhere
oglobal all -- anywhere anywhere
oaccept icmp !f anywhere anywhere icmp echo-request state NEW
oaccept icmp !f anywhere anywhere icmp echo-reply state NEW
oaccept icmp !f anywhere anywhere icmp destination-unreachable state NEW
oaccept icmp !f anywhere anywhere icmp source-quench state NEW
oaccept icmp !f anywhere anywhere icmp time-exceeded state NEW
oaccept icmp !f anywhere anywhere icmp parameter-problem state NEW
odrop all -- anywhere anywhere
Chain drop (5 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 50/min burst 10 LOG level debug prefix "zentyal-firewall drop "
DROP all -- anywhere anywhere
Chain faccept (12 references)
target prot opt source destination
NFQUEUE all -- anywhere anywhere NFQUEUE num 0
ACCEPT all -- anywhere anywhere
Chain fdns (1 references)
target prot opt source destination
faccept udp -- anywhere one.one.one.one state NEW udp dpt:domain
faccept tcp -- anywhere one.one.one.one state NEW tcp dpt:domain
Chain fdrop (4 references)
target prot opt source destination
drop all -- anywhere anywhere
Chain ffwdrules (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fglobal (1 references)
target prot opt source destination
faccept all -- anywhere anywhere
Chain fmodules (1 references)
target prot opt source destination
Chain fnoexternal (1 references)
target prot opt source destination
Chain fnospoof (1 references)
target prot opt source destination
fnospoofmodules all -- anywhere anywhere
fdrop all -- myIPNetwork/24 anywhere
Chain fnospoofmodules (1 references)
target prot opt source destination
Chain fredirects (1 references)
target prot opt source destination
LOG tcp -- anywhere myURL state NEW tcp dpt:https limit: avg 50/min burst 10 LOG level debug prefix "zentyal-firewall redirect "
faccept tcp -- anywhere myURL state NEW tcp dpt:https
LOG tcp -- anywhere myURL state NEW tcp dpt:http limit: avg 50/min burst 10 LOG level debug prefix "zentyal-firewall redirect "
faccept tcp -- anywhere myURL state NEW tcp dpt:http
Chain ftoexternalonly (0 references)
target prot opt source destination
fdrop all -- anywhere anywhere
Chain iaccept (34 references)
target prot opt source destination
NFQUEUE all -- anywhere anywhere NFQUEUE num 0
ACCEPT all -- anywhere anywhere
Chain idrop (3 references)
target prot opt source destination
drop all -- anywhere anywhere
Chain iexternal (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
iaccept tcp -- anywhere anywhere tcp dpt:ssh state NEW
iaccept tcp -- anywhere anywhere tcp dpt:https state NEW
iaccept tcp -- anywhere anywhere tcp dpt:http state NEW
drop tcp -- anywhere anywhere tcp dpt:5900 state NEW
drop tcp -- anywhere anywhere tcp dpt:6900 state NEW
Chain iexternalmodules (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain iglobal (1 references)
target prot opt source destination
iaccept udp -- anywhere anywhere udp dpt:kerberos state NEW
iaccept tcp -- anywhere anywhere tcp dpt:kerberos state NEW
iaccept tcp -- anywhere anywhere tcp dpt:loc-srv state NEW
iaccept udp -- anywhere anywhere udp dpt:netbios-ns state NEW
iaccept udp -- anywhere anywhere udp dpt:netbios-dgm state NEW
iaccept tcp -- anywhere anywhere tcp dpt:netbios-ssn state NEW
iaccept udp -- anywhere anywhere udp dpt:ldap state NEW
iaccept tcp -- anywhere anywhere tcp dpt:ldap state NEW
iaccept tcp -- anywhere anywhere tcp dpt:microsoft-ds state NEW
iaccept udp -- anywhere anywhere udp dpt:kpasswd state NEW
iaccept tcp -- anywhere anywhere tcp dpt:kpasswd state NEW
iaccept tcp -- anywhere anywhere tcp dpt:ldaps state NEW
iaccept tcp -- anywhere anywhere tcp dpt:3268 state NEW
iaccept tcp -- anywhere anywhere tcp dpt:3269 state NEW
iaccept tcp -- anywhere anywhere tcp dpts:49152:65535 state NEW
iaccept udp -- anywhere anywhere udp dpt:ntp state NEW
iaccept udp -- anywhere anywhere udp dpt:domain state NEW
iaccept tcp -- anywhere anywhere tcp dpt:domain state NEW
iaccept tcp -- anywhere anywhere tcp dpt:5900 state NEW
iaccept tcp -- anywhere anywhere tcp dpt:6900 state NEW
iaccept tcp -- anywhere anywhere tcp dpt:ssh state NEW
iaccept tcp -- anywhere anywhere tcp dpt:8443 state NEW
iaccept tcp -- anywhere anywhere tcp dpt:ftp-data state NEW
iaccept tcp -- anywhere anywhere tcp dpt:ftp state NEW
Chain imodules (1 references)
target prot opt source destination
Chain inoexternal (1 references)
target prot opt source destination
Chain inointernal (0 references)
target prot opt source destination
Chain inospoof (1 references)
target prot opt source destination
inospoofmodules all -- anywhere anywhere
idrop all -- myIPNetwork/24 anywhere
Chain inospoofmodules (1 references)
target prot opt source destination
Chain log (0 references)
target prot opt source destination
LOG all -- anywhere anywhere limit: avg 50/min burst 10 LOG level debug prefix "zentyal-firewall log "
RETURN all -- anywhere anywhere
Chain oaccept (11 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain odrop (2 references)
target prot opt source destination
drop all -- anywhere anywhere
Chain oglobal (1 references)
target prot opt source destination
oaccept all -- anywhere anywhere state NEW
Chain ointernal (1 references)
target prot opt source destination
oaccept udp -- anywhere one.one.one.one state NEW udp dpt:domain
oaccept tcp -- anywhere one.one.one.one state NEW tcp dpt:domain
Chain omodules (1 references)
target prot opt source destination
oaccept tcp -- anywhere anywhere tcp dpt:http
Chain preforward (1 references)
target prot opt source destination
Chain preinput (1 references)
target prot opt source destination
Chain preoutput (1 references)
target prot opt source destination
26
Installation and Upgrades / Re: Zentyal 6.0: installing Web server and virtual hosting
« on: June 28, 2019, 06:14:56 pm »
Hi,
yes of course. I enabled under network->services->any source port, 80 and 443 destination ports for HTTP & HTTPS then under firewall->packet filter->rules from external networks to Zentyal->Accept and any source for both HTTP & HTTPS. Finally, under firewall->port forwarding->two rules for HTTP and HTTPS (interface->eth0, original destination->Zentyal, protocol->tcp, original destination port->80 and 443, destination IP->myIP, port->same, replace source address->yes ).
I did not set up any rule for UDP since Web traffic uses TCP. At the moment the Web sites are using HTTP and virtual hosting. If I connect to URL (a due to /etc/hosts rows) or localhost both the Web sites work well from the server machine.
Finally, my zentyal machine has only one interface eth0.
yes of course. I enabled under network->services->any source port, 80 and 443 destination ports for HTTP & HTTPS then under firewall->packet filter->rules from external networks to Zentyal->Accept and any source for both HTTP & HTTPS. Finally, under firewall->port forwarding->two rules for HTTP and HTTPS (interface->eth0, original destination->Zentyal, protocol->tcp, original destination port->80 and 443, destination IP->myIP, port->same, replace source address->yes ).
I did not set up any rule for UDP since Web traffic uses TCP. At the moment the Web sites are using HTTP and virtual hosting. If I connect to URL (a due to /etc/hosts rows) or localhost both the Web sites work well from the server machine.
Finally, my zentyal machine has only one interface eth0.
27
Installation and Upgrades / Re: Zentyal 6.0: installing Web server and virtual hosting
« on: June 28, 2019, 12:57:26 pm »
Hi,
of course, this is what I did. However, it does not work.
The traffic is arriving to the Web server.
and iptables
The system can surf Internet and locally the Web servers work well. What could be the problem?
Thank you
of course, this is what I did. However, it does not work.
The traffic is arriving to the Web server.
Code: [Select]
sudo tcpdump -n -tttt -i eth0 port 80
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
2019-06-28 12:42:21.008986 IP externalIP.54154 > myIP.80: Flags [S], seq 4266973636, win 14000, options [mss 1310,nop,wscale 8,nop,nop,sackOK], length 0
The port for HTTP traffic is open.Code: [Select]
nmap myIP
Starting Nmap 7.60 ( https://nmap.org ) at 2019-06-28 12:47 CEST
Nmap scan report for myURL (myIP)
Host is up (0.00011s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
21/tcp open ftp
22/tcp open ssh
53/tcp open domain
80/tcp open http
8443/tcp open https-altand iptables
Code: [Select]
sudo iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
premodules all -- anywhere anywhere
DNAT tcp -- anywhere myURL to:myIP
DNAT tcp -- anywhere myURL tcp dpt:http to:myIP
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
postmodules all -- anywhere anywhere
SNAT tcp -- anywhere myURL ctstate DNAT to:myIP
SNAT tcp -- anywhere myURL tcp dpt:http ctstate DNAT to:myIP
Chain postmodules (1 references)
target prot opt source destination
Chain premodules (1 references)
target prot opt source destination The system can surf Internet and locally the Web servers work well. What could be the problem?
Thank you
28
Installation and Upgrades / Re: Zentyal 6.0: installing Web server and virtual hosting
« on: June 21, 2019, 09:35:43 am »
Hi,
I finally managed to restore the Web server configuration https://wiki.zentyal.org/wiki/Apache_web_server with virtual hosting of my previous zentyal 3.4.
My Web server has a static IP address provided by the ISP and I have an external DNS services that associated that static IP to the corresponding URL. I changed the configuration into the Web interface for static interface and the gateway even if not all the changes are reflected in the file
Now I'm facing the last issue. If I manually change the file
Thank you
I finally managed to restore the Web server configuration https://wiki.zentyal.org/wiki/Apache_web_server with virtual hosting of my previous zentyal 3.4.
My Web server has a static IP address provided by the ISP and I have an external DNS services that associated that static IP to the corresponding URL. I changed the configuration into the Web interface for static interface and the gateway even if not all the changes are reflected in the file
Code: [Select]
/etc/network/interfaces (gateway is not added, why?).Now I'm facing the last issue. If I manually change the file
Code: [Select]
/etc/hosts and I add a line with IP and URL, I will reach my Web sites. However, is this the right way or is better to install DNS server on zentyal and configure it for this purpose as described here https://www.tecmint.com/install-and-configure-web-services-on-zentyal/?Thank you
29
Installation and Upgrades / Re: Upgrading from 3.4 to 6.0
« on: June 19, 2019, 04:04:43 pm »
Hi,
I tried again and then I decided to give up. Now I'm reconfiguring from scratch a new server with zentyal 6.0.
Thank you
I tried again and then I decided to give up. Now I'm reconfiguring from scratch a new server with zentyal 6.0.
Thank you
30
Installation and Upgrades / Re: Upgrading from 3.4 to 6.0
« on: June 18, 2019, 09:38:17 am »
Hi,
The commands sudo apt-get update and sudo apt-get upgrade do not allow to upgrade any package.
lNow if I try to reinstall a zentyal package e.g. zentyal-ca, I get:
Is it possible to restore the old version? Have I to change other files that /etc/apt/sources.list?
Thank you
Code: [Select]
dpkg -l |egrep -v '^(ii|rc)'I removed all the broken packages (zentyal-*.*). Then I reverted the file /etc/apt/sources.list to the following one:Code: [Select]
cat /etc/apt/sources.list
#
# deb cdrom:[Ubuntu-Server 13.10 _Saucy Salamander_ - Release amd64 (20131016)]/ saucy extras main restricted
#deb cdrom:[Ubuntu-Server 13.10 _Saucy Salamander_ - Release amd64 (20131016)]/ saucy extras main restricted
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
#deb http://old-release.ubuntu.com/ubuntu/ saucy main restricted
#deb-src http://old-release.ubuntu.com/ubuntu/ saucy main restricted
## Major bug fix updates produced after the final release of the
## distribution.
#deb http://old-release.ubuntu.com/ubuntu/ saucy-updates main restricted
#deb-src http://old-release.ubuntu.com/ubuntu/ saucy-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
#deb http://old-release.ubuntu.com/ubuntu/ saucy universe
#deb-src http://old-release.ubuntu.com/ubuntu/ saucy universe
#deb http://old-release.ubuntu.com/ubuntu/ saucy-updates universe
#deb-src http://old-release.ubuntu.com/ubuntu/ saucy-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
#deb http://old-release.ubuntu.com/ubuntu/ saucy multiverse
#deb-src http://old-release.ubuntu.com/ubuntu/ saucy multiverse
#deb http://old-release.ubuntu.com/ubuntu/ saucy-updates multiverse
#deb-src http://old-release.ubuntu.com/ubuntu/ saucy-updates multiverse
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
#deb http://old-release.ubuntu.com/ubuntu/ saucy-backports main restricted universe multiverse
#deb-src http://old-release.ubuntu.com/ubuntu/ saucy-backports main restricted universe multiverse
deb http://archive.zentyal.org/zentyal 3.4 main extra
#deb http://security.ubuntu.com/ubuntu saucy-security main restricted
#deb-src http://security.ubuntu.com/ubuntu saucy-security main restricted
#deb http://security.ubuntu.com/ubuntu saucy-security universe
#deb-src http://security.ubuntu.com/ubuntu saucy-security universe
#deb http://security.ubuntu.com/ubuntu saucy-security multiverse
#deb-src http://security.ubuntu.com/ubuntu saucy-security multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu saucy partner
# deb-src http://archive.canonical.com/ubuntu saucy partner
## Uncomment the following two lines to add software from Ubuntu's
## 'extras' repository.
## This software is not part of Ubuntu, but is offered by third-party
## developers who want to ship their latest software.
# deb http://extras.ubuntu.com/ubuntu saucy main
# deb-src http://extras.ubuntu.com/ubuntu saucy main
deb http://old-releases.ubuntu.com/ubuntu/ saucy main universe restricted multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu/ saucy main universe restricted multiverse
deb http://old-releases.ubuntu.com/ubuntu/ saucy-security main universe restricted multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu/ saucy-security main universe restricted multiverse
deb http://old-releases.ubuntu.com/ubuntu/ saucy-updates main universe restricted multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu/ saucy-updates main universe restricted multiverse
deb http://old-releases.ubuntu.com/ubuntu/ saucy-backports main restricted universe multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu/ saucy-backports main restricted universe multiverse
deb http://old-releases.ubuntu.com/ubuntu/ saucy-proposed main restricted universe multiverse
#deb-src http://old-releases.ubuntu.com/ubuntu/ saucy-proposed main restricted universe multiverse
deb http://ppa.launchpad.net/ubuntu-mozilla-security/ppa/ubuntu saucy main The commands sudo apt-get update and sudo apt-get upgrade do not allow to upgrade any package.
lNow if I try to reinstall a zentyal package e.g. zentyal-ca, I get:
Code: [Select]
sudo apt-get install zentyal-core zentyal-ca
Reading list of packages... Done
Dependency tree generation
Reading status information... Done
Some packages cannot be installed. This may mean
that an impossible situation has been requested or, if you are in the process of
using a distribution in development, that some required packages
have not yet been created or removed by Incoming.
The following information can help you resolve the situation:
The following packages have unsatisfied dependencies:
zentyal-core : Depends: zentyal-common (< 3.5) version 3.5 is about to be installed
E: Unable to fix problems, there are damaged packages blocked.Is it possible to restore the old version? Have I to change other files that /etc/apt/sources.list?
Thank you