Install and Use ClamAV Antivirus - Zorin OS 17 Core

Thank you for your response.
This is a dumb question. Nautilus is my File Manager. Where do I enter "pkexec nautilus" to get into root?

Please advise.
Quite simply, you open a terminal. You type in

Code:
pkexec nautilus

....then hit 'Enter'. This will open Nautilus as user /root.

Code:
sudo nautilus

.....should work just as effectively.

I know some are now preferring to use "pkexec", but I would hesitate to take that advice from someone that's just recently joined and appears to be advocating use of this wholesale. "Sudo" has been the default command for years.....I fail to see the need to suddenly change that.


Mike. ;)
 


That is simply the way I have done it for the last 10 or 12 years now, or I use the right-click function in Nemo, or I create it in Thunar,
or add nautilus-admin to Nautilus. Just because I may be new to this forum does not constitute any lack of knowledge. If this forum makes fun of people because they are new, maybe I should go somewhere else.
 
@GatorsFan :-

Oh, I wouldn't take too much notice of ME. I talk out of my arse much of the time.....most folks here know by now to take anything I say with a sackful of salt!! :p

The general tone is one of tolerance; everybody's welcome, everybody is listened to, nobody will make fun of you. I'm just an old, crotchety bugger who's got to the stage where he just doesn't care any more! Why they put up with me remains a mystery.....

EDIT:- Ah, I think I see the reason now. I had to research it, because we don't use any of this in Puppy.......and tend to run-as-root most of the time anyway.


Mike. ;)
 
There is a difference between running pkexec and sudo to open GUIs.

If one has installed a fully featured Desktop Environment (DE) with a policykit authentication agent that is installed with it, that agent will usually have a default configuration that "just works". The pkexec command will then work seamlessly.

If, however, one installs a boutique arrangement without a standard fully featured DE, say an installation with either one or more discrete window managers, the default policykit configuration will not necessarily be installed, so the pkexec command may not work and the following sort of output is produced:
Code:
[tom@min ~/configs]$ pkexec gpick
==== AUTHENTICATING FOR org.freedesktop.policykit.exec ====
Authentication is needed to run `/usr/bin/gpick' as the super user
Authenticating as: ,,, (tom)
Password:
polkit-agent-helper-1: error response to PolicyKit daemon: GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: No session for cookie
==== AUTHENTICATION FAILED ====
Error executing command as another user: Not authorized

This incident has been reported.
Despite the correct password being entered, the pkexec command fails to open the GUI application. In this case that application is the gpick program.

However, if one uses the sudo command, the program will open as root after entering the correct password which sudo requests. Where pkexec fails, sudo succeeds.

The solution to the problem of getting pkexec to work without having to install a DE is simply to install a policykit authentication agent of which there are many, and pretty much any one of them will do. In this machine the policykit authentication agent is: lxpolkit, from the package: lxpolkit. Once that authentication agent is installed, one can start it at boot or at any time in a terminal, and then run the relevant GUI program with the pkexec command, and the user will then be able to enter the password and run the GUI as root. The sudo command then is not needed of course.
 
Reminder:

If we take all the rules at this site, they can be distilled into one word.

That word is civility.

I'd like to think that that's all I need to point out. I am an optimist!

Seriously, be kind and respectful. It's not always easy, but it's an obligation.
 
I am sure someone will have that info on hand.

However....for what it is worth, I have used linux since (approx) 2014.

In that time, I too installed clamav

Approx a week after installing it, I purged it from my system.

Reasoning for that action? It discovered an absolute truckful of false negatives. It slowed the pc down alarmingly.

After talking to and listening to the rest of the far more experienced folk here and on other Linux sites, I declared it to be a waste of time and resources......and unnecessary.

It is possible that as the number of people using Linux grows and perhaps becomes slightly more attractive to malware nasties, eventually an AV may become necessary.....but.....for the time being I still feel quite safe, and well taken care of by Linux's built in ability to repel malware and the like.

I would usually err on the side of caution....that is my nature.

That time has not arrived, yet.

You can be quite certain and sure that if that time does start to approach, the good people on Linux.org will give you ample warning to "harden the defences"

In the meantime, take a long slow look at your browser ....if anything is going to cause you any sort of grief, it will come to you via your browser.
If you practise safe browsing habits you are over 80% of the way there....probably over 90% in fact

Avoiding scam sites and dodgy links is something that an AV will not protect you from.

Only you can do that
Thank you for your response and advice.
 
Thank you for your response. As Newbie I will have to unpack what you have said.
 
Thanks for your response. With the sudo nautilus command I was able to rename both the files by removing .sample.
 
@KGIII :-

Like I said, I don't know WHY y'all put up with me..!

No, but seriously; after my wee cardiac incident a few years ago, I seem to get days when I wake up just feeling all "bloody-minded" (and it continues to show throughout the day). If I had any sense, I would restrain myself from posting on such days, but......sheesh; I can't help myself.....this is just such a great community.

Have pity on a grouchy old sod, willya? (ducks...) :D:p


Mike. ;)
 
Sir Gator,
Thanks for your support. As mentioned earlier I managed to change the name of the two ClamAV .config files.
Still cannot process a clean run of ClamAV. I have logged a query on GitHub as follows:
Linux Ubuntu Zorin 17 OS - Install ClamAV via APT on Ubuntu - Error Message #1157

Trying to install ClamAV via APT on Ubuntu with:

sudo apt install clamav clamav-daemon

Receive the following Error Message:


[sudo] password for guy:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
clamav-daemon is already the newest version (0.103.11+dfsg-0ubuntu0.22.04.1).
clamav is already the newest version (1.2.1-1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] Y
Setting up clamav-daemon (0.103.11+dfsg-0ubuntu0.22.04.1) ...
touch: cannot touch '/var/log/clamav/clamav.log': No such file or directory
dpkg: error processing package clamav-daemon (--configure):
installed clamav-daemon package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
clamav-daemon
E: Sub-process /usr/bin/dpkg returned an error code (1)

Output below from the ClamAV command - clamconf -n

Version: 1.2.1
Optional features supported: MEMPOOL AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON RAR

Database information

Database directory: /usr/local/share/clamav
print_dbs: Can't open directory /usr/local/share/clamav

Platform information

uname: Linux 6.5.0-15-generic #15~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Jan 12 18:54:30 UTC 2 x86_64
OS: Linux, ARCH: x86_64, CPU: x86_64
Full OS version: Zorin OS 17
zlib version: 1.3 (1.3), compile flags: a9
platform id: 0x0a21bfbf0800000000070500

Build information

GNU C: 7.5.0 (7.5.0)
sizeof(void*) = 8
Engine flevel: 191, dconf: 191

Please advise. Should I uninstall the following Clam packages and restart my system and then reinstall the packages to see if I can get a clean process run with no errors.
1706554076520.png
 
cannot touch '/var/log/clamav/clamav.log': No such file or directory
Try
sudo touch /var/log/clamav/freshclam.log
There are a couple more things you need to check in the freshclam.conf file
1.png

2.png


So it looks like the lines with the red line, I am pretty sure, both have a hashtag in front. You need to remove them both, and where it says DatabaseOwner clamav, change the clamav to root, then save the file.

now try
sudo freshclam
and see if it updates

You then should see the updates

user@debian:~$ sudo freshclam
ClamAV update process started at Mon Jan 29 23:14:00 2024
daily database available for download (remote version: 27169)
Time: 5.5s, ETA: 0.0s [========================>] 59.80MiB/59.80MiB
Testing database: '/var/lib/clamav/tmp.1a9b312024/clamav-9fe94fdaeb1c300de77f5151ce88da10.tmp-daily.cvd' ...
Database test passed.
daily.cvd updated (version: 27169, sigs: 2051840, f-level: 90, builder: raynman)
main database available for download (remote version: 62)
Time: 13.9s, ETA: 0.0s [========================>] 162.58MiB/162.58MiB
Testing database: '/var/lib/clamav/tmp.1a9b312024/clamav-2efa31ddfe14b36370fa7f22a24560ce.tmp-main.cvd' ...
Database test passed.
 
Thanks for your response. I entered the following command in the Terminal:
sudo touch /var/log/clamav/freshclam.log

See Terminal screenshot:
guy@guy-Aspire-A515-52:~$ sudo touch /var/log/clamav/freshclam.log
[sudo] password for guy:
touch: cannot touch '/var/log/clamav/freshclam.log': No such file or directory
guy@guy-Aspire-A515-52:~$

Please advise.
 
Looks to me it is looking at the wrong location - look at the freshclam.conf again
look for this section (below) and check the location - this is mine

# Path to the log file (make sure it has proper permissions)
# Default: disabled
UpdateLogFile /var/log/freshclam.log
 
There is a difference between running pkexec and sudo to open GUIs.
I know that - I only use pkexec to open the file manager and I always make sure policykit-1 is installed along with pkexec and polkitd and since I only use Debian - policykit-1-gnome as well
 
Thank you for your response. As Admin I was able to remove the # and change the file location to read
the same as yours. See highlighted below:

# Path to the log file (make sure it has proper permissions)
# Default: disabled
UpdateLogFile /var/log/freshclam.log

Please advise further.
 
Reference to my recent reply. As Admin I was able to remove the # on both and save them.
See details below:

# Path to the database directory.
# WARNING: It must match clamd.conf's directive!
# Default: hardcoded (depends on installation options)
DatabaseDirectory /var/lib/clamav

# Path to the log file (make sure it has proper permissions)
# Default: disabled
UpdateLogFile /var/log/freshclam.log

Please advise further.
 
Thank you for your support. With your help we are making progress.
What I forgot to do is execute the command "sudo freshclam" once I made the two file location changes stated in my recent reply.

In the Terminal I executed "sudo freshclam" - result is the following error message:

guy@guy-Aspire-A515-52:~$ sudo freshclam
[sudo] password for guy:
ERROR: Can't open /var/log/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/freshclam.log).
ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!

guy@guy-Aspire-A515-52:~$

Please advise further.
 
ERROR: Can't open /var/log/freshclam.log in append mode (check permissions!).
Looks like a permissions issue try

sudo chgrp USERNAME /var/log/freshclam.log
Where USERNAME is your user name

Reboot and recheck it - if that does not work it might need to be set to root - mine is set to root

3.png
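
The two log-file errors in this thread ("No such file or directory" and "Can't open ... in append mode") can be told apart by reading freshclam.conf and inspecting the path it names. The script below is an added example, not code from any poster or from the ClamAV project; the function names are made up for it, and it assumes freshclam writes its log as the DatabaseOwner account (the account it drops to when started as root, clamav by default).

```shell
#!/bin/sh
# Added example: diagnose why freshclam cannot open its UpdateLogFile.
# UpdateLogFile and DatabaseOwner are real freshclam.conf directives;
# the function names below are hypothetical, chosen for this example.

# Print the value of the last uncommented "KEY value" line in a config file.
conf_value() {   # $1 = config file, $2 = directive name
    awk -v key="$2" '$1 == key { val = $2 } END { if (val != "") print val }' "$1"
}

# Print the owner of a path (user name, or numeric uid if it has no name).
path_owner() {
    ls -ld "$1" | awk '{ print $3 }'
}

# Classify the log file state for the account freshclam will write as.
# Prints: no-logfile-set | missing-dir | missing-file | wrong-owner | ok
# The owner comparison is a simple heuristic; it ignores group write access.
check_freshclam_log() {   # $1 = path to freshclam.conf
    log=$(conf_value "$1" UpdateLogFile)
    owner=$(conf_value "$1" DatabaseOwner)
    owner=${owner:-clamav}          # default when the directive is commented out
    [ -n "$log" ] || { echo no-logfile-set; return 0; }
    if [ ! -d "$(dirname "$log")" ]; then
        echo missing-dir            # matches "touch: ... No such file or directory"
    elif [ ! -e "$log" ]; then
        echo missing-file
    elif [ "$(path_owner "$log")" != "$owner" ]; then
        echo wrong-owner            # matches "Can't open ... in append mode"
    else
        echo ok
    fi
}

# Print (never run) a command that repairs the given state.
suggest_fix() {   # $1 = state, $2 = log path, $3 = owner
    case "$1" in
        missing-dir)  echo "sudo install -d -o $3 -m 0755 $(dirname "$2")" ;;
        missing-file) echo "sudo install -o $3 -m 0640 /dev/null $2" ;;
        wrong-owner)  echo "sudo chown $3 $2" ;;
    esac
}

# Stand-alone use: sh thisfile /etc/clamav/freshclam.conf
[ $# -eq 0 ] || check_freshclam_log "$1"
```

Keeping the log owned by the unprivileged DatabaseOwner account lets freshclam keep dropping root while it downloads and parses signature databases.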
 
Thank you for your response. I attempted to enter the following command. Not sure if it is correct.
sudo chgrp guy@guy-Aspire-A515-52: /var/log/freshclam.log

This is the result:

guy@guy-Aspire-A515-52:~$ sudo chgrp guy@guy-Aspire-A515-52:/var/log/freshclam.log
[sudo] password for guy:
chgrp: missing operand after ‘guy@guy-Aspire-A515-52:/var/log/freshclam.log’
Try 'chgrp --help' for more information.

Please advise further.
 
