FSPMS 10.10 and FSAUA on Debian 6.0 - default fsavupd problem

I have instlled FSPMS 10.10 on Linux Debian 6.0

The automatic update agent doesn't work as instended.

 

in /etc/crontab I have this line :

*/30 * * * * fspms /opt/f-secure/fspms/bin/fsavupd

It doesn't seem to work.


so now I tried to launch it manually to see what went wrong

 

su fspms

/opt/f-secure/fsaua/bin/fsauasc -vv -m pms -u -t /etc/opt/f-secure/fspms/fspms-fsauasc.conf -d /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

 

 

 

here is the output

avmisc seems to be non extract
Couldn't connect AUA

 

 

 

So I tied with another user : fsaua

su fsaua  -s /bin/bash

/opt/f-secure/fsaua/bin/fsauasc -vv -m pms -u -t /etc/opt/f-secure/fspms/fspms-fsauasc.conf -d /var/opt/f-secure/fspms/logs/fspms-fsauasc.state


 then it works

 

avmisc seems to be non extract
Sending registeration
Asking latest segmentation rules
Sending update request for avmisc version 0
Sending update request for BLENG version 0
Sending update request for gemdb version 0
Sending update request for hipscfg version 0
Sending update request for idsdb version 0
Sending update request for SCDB3 version 0
Sending update request for SCDB31 version 0
Sending update request for hydrawin version 0
Sending update request for hydralinux version 0
...

 8: -q
Failed
Download complete for hydralinux version 1367322229, OK
Republishing update...running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: addsubchannel
 2: -name
 3: DB Updates
 4: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: addexpgroup
 2: -scname
 3: DB Updates
 4: -name
 5: Main
 6: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: set_segrules
 2: -path
 3: /tmp/fsauasc_7ee2_segrules
 4: -q
running /opt/f-secure/fsaus/bin/bwadmin with args:
 0: /opt/f-secure/fsaus/bin/bwadmin
 1: add_prs
 2: -scname
 3: DB Updates
 4: -egname
 5: Main
 6: -localdir
 7: /tmp/fsauasc_7ee2
 8: -q
Failed
Last AUA status code: 0
All finished, 23 new updates
[email protected]:/home/toto$ echo $?
0


 

So, something must be wrong somewhere in the fsavupd script ?

 

Is this script still supposed to be launched by the user fspms , if this is the case what can be wrong in my installation ? Some files/directories  ownerships ?

If now it shoud be executed by the user fsaua then the fsavupd script is wrong and so is the crontab command

 

does anybody has the same thing ? or a workaround ?

 

 

my packages versions are :

f-secure-automatic-update-agent_8.26.5592_i386.deb
f-secure-policy-manager-server_10.10.45186_amd64.deb

 

 

Best Answer

  • FRAKFRAK Posts: 4
    Accepted Answer

    I think I found my problem.

    It was actually a permission problem. I remember thet I once executed fsauasc... (the command executed bu fsavupd) as root user !! which worked, but this is BAD! bbecause it did change some file permissions.

    To see what was wrong, I ran a strace on fsavupd to see what was the cause of

     

     

    >ls -al /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

                 -->  -rw------- 1 root root 442  6 mai   06:05 /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

     

    it was root.root so I made a change :

    >chown fspms  /var/opt/f-secure/fspms/logs/fspms-fsauasc.state

     

    and because of the AUA connect error, I checked this

    >ls -al /var/opt/f-secure/fsaua//run/fsaua_socket

                 -->   srw-rw-rw- 1 fsaua fsc 0 30 avril 13:59 /var/opt/f-secure/fsaua//run/fsaua_socket

     

    so I added a group fsc to the user fspms ... (not sure it is compulsory) ?

    >usermod -a -G fsc fspms

     

    Since then it seems to work flawlessly




     

    Could you please let me know who should be member of the group fsc ? fsaua , fspms, both

    Because after my installation, only fsaua has fsc as its primary group , no other member to fsc (is this the expected behaviour ?)

     

    Best regards.

     

     

Answers

  • PeterPeter Posts: 186

    Hi,

     

    Looks like an issue with missing permissions and AUA or the Automatic Update Agent fails to start because it's unable to access the files it needs. Please verify /var/opt/f-secure/fsaua folder is owned by the user: fsaua, group:fsc (fsaua.fsc) and if needed, adjust these using chown.

     

    Once done, try stopping/starting the fsaua daemon:

     

    # /etc/init.d/fsaua stop

    # /etc/init.d/fsaua start

     

    If this fails to resolve the issue, I'd recommend creating a support ticket, so we can have a closer look at the system.

     

  • FRAKFRAK Posts: 4

    Important Note :

     

    In my first post, I said that when I execute fsavupd as user fsaua it works. BUT this was a mistake, it only download the latest virus definitions but it doesn't ditribute it to the fspms clients.

    The permissions change indicated in my latest post was the right solution.

     

     

  • ChrissyChrissy Posts: 439

    Hi FRAK!

     

    Thanks for updating us on how you solved your problem!

     

    Did you still require some information from us, or is everything now clear?

     

    // Chrissy

    F-Secure Community Manager

  • FRAKFRAK Posts: 4

    Hi Chrissy_T,

     

    I just checked and everything is working well untill now.

    My system checks the virus definitions updates regularily.

     

    Just a little follow-up you may help me on :

    on fspmc (linux debian) connected to fspms (debian ) , I can't see the virus definition version on the server (il always show up in red as N/D ), is there a solution for that ?

     

     

    fspmc-def-on-server.png

     

    Best regards.

     

     

     

  • PeterPeter Posts: 186

    If Policy Manager Console indicates virus updates are not available (N/A), something is still wrong in that if the updates are downloaded, they are not being published to the Automatic Update Server for whatever reason.


    1. Verify updates are being downloaded by Automatic Update Agent by checking the relevant logfile: /var/opt/f-secure/fsaua/fsaua.log

     

    2. If AUA is downloading updates, try republishing the updates manually using the following command and paste the output of /tmp/fsavupd.log to this thread:

    # sudo -u fspms /opt/f-secure/fspms/bin/fsavupd --debug &> /tmp/fsavupd.log

    Related to previous item, you should have an entry for executing fsavupd every x minutes in /etc/crontab:

     

    */30 * * * * fspms /opt/f-secure/fspms/bin/fsavupd



This discussion has been closed.