Dansguardian-2.12.0.3_2 problems



  • Hello everyone:

    I just installed the 2.1.2 version of pfSense yesterday, and I have a major problem:
    Dansguardian simply won't work.  I tried to install version 2.12.0.3_1 and still nothing.

    In pfSense 2.0.3 and 2.1.0, it always worked.

    And when I try to run the dansguardian script, I get these errors:

    
    Starting DansGuardian
    Error opening/creating log file (check ownership and access rights).
    I am running as nobody and I am trying to open /var/log//access.log
    /usr/local/etc/rc.d/dansguardianL WARNING: failed to start dansguardian
    
    

    What is going on? Should I just install pfSense 2.0.3 and not upgrade to the latest version of pfSense?

    I also figured that DansGuardian 2.12.0.3_2 is in beta, which is what is going wrong.  I had to install clamav in order to get freshclam to work (freshclam was missing, as was the clamav package).



  • That's strange that it's trying to use /var/log/access.log. Do you have a custom configuration directive for that or is this a fresh install?



  • @pfSense2User:

    Hello everyone:

    I just installed the 2.1.2 version of pfSense yesterday, and I have a major problem:
    Dansguardian simply won't work.  I tried to install version 2.12.0.3_1 and still nothing.

    In pfSense 2.0.3 and 2.1.0, it always worked.

    And when I try to run the dansguardian script, I get these errors:

    
    Starting DansGuardian
    Error opening/creating log file (check ownership and access rights).
    I am running as nobody and I am trying to open /var/log//access.log
    /usr/local/etc/rc.d/dansguardianL WARNING: failed to start dansguardian
    
    

    What is going on? Should I just install pfSense 2.0.3 and not upgrade to the latest version of pfSense?

    I also figured that DansGuardian 2.12.0.3_2 is in beta, which is what is going wrong.  I had to install clamav in order to get freshclam to work (freshclam was missing, as was the clamav package).

    Issues in 2.12.0.3_2 have been addressed in several recent threads… For example

    https://forum.pfsense.org/index.php?topic=75068.msg409617#msg409617
    https://forum.pfsense.org/index.php?topic=75005.msg409326#msg409326
    https://forum.pfsense.org/index.php?topic=75243.msg410708#msg410708



  • Tried every solution in those threads, and still no luck. Tried installing version 2.12.0.2, no luck.

    When I reinstalled the janky version of DansGuardian, the link to configure DG shows up, and when I click on it, the link makes like my facial hair and disappears.



  • I'm trying to push e2guardian(dansguardian fork) to freebsd and then to pfsense. This may fix a lot of issues with no more updated dansguardian.

    Keep in mind that it may take time until freebsd guys aprove the port.



  • @pfSense2User:

    Tried every solution in those threads, and still no luck. Tried installing version 2.12.0.2, no luck.

    When I reinstalled the janky version of DansGuardian, the link to configure DG shows up, and when I click on it, the link makes like my facial hair and disappears.

    Please describe what you are doing if you want more specific help… I can confirm - because I've done it multiple times - that the following high-level steps work...

    1.) Install squid3
    2.) Install latest DG
    3.) Manually replace DG with the old 2.12.0.3 version from Marcello's repository
    4.) Manually overwrite the DG executable with the one from Marcello's repository (that fixes the web upload issue).
    5.) Manually fix the symbolic links for the content scanner config files
    6.) Reboot the box
    7.) Update the blacklist download URL
    8.) Download blacklists
    9.) Reboot the box
    10.) check that squid and DG started ok

    I've done this so many times that I have it all automated in an install script and I also just replace a version of the config.xml file with my pre-created DG settings... It's a hassle, but it works fine...



  • @rjcrowder:

    @pfSense2User:

    Tried every solution in those threads, and still no luck. Tried installing version 2.12.0.2, no luck.

    When I reinstalled the janky version of DansGuardian, the link to configure DG shows up, and when I click on it, the link makes like my facial hair and disappears.

    Please describe what you are doing if you want more specific help… I can confirm - because I've done it multiple times - that the following high-level steps work...

    1.) Install squid3
    2.) Install latest DG
    3.) Manually replace DG with the old 2.12.0.3 version from Marcello's repository
    4.) Manually overwrite the DG executable with the one from Marcello's repository (that fixes the web upload issue).
    5.) Manually fix the symbolic links for the content scanner config files
    6.) Reboot the box
    7.) Update the blacklist download URL
    8.) Download blacklists
    9.) Reboot the box
    10.) check that squid and DG started ok

    I've done this so many times that I have it all automated in an install script and I also just replace a version of the config.xml file with my pre-created DG settings... It's a hassle, but it works fine...

    How do I manually fix the symbolic links for the content scanner config files?  I did steps 1-4 with no problems, just stuck on Step 5.



  • See this post https://forum.pfsense.org/index.php?topic=75068.msg411253#msg411253

    Obviously… make sure you have the problem first. For me, the links did not exist.



  • Alright, I did repeat the steps after re-installing pfSense 2.1.0, did all of the steps, and DansGuardian still won't start, but Squid starts without issues.

    I ran the clamav-clamd, clamav-freshclam, and dansguardian script files and these are the errors I have:

    clamav-clamd

    
    Starting clamav_clamd.
    ERROR: Can't open /var/log/clamav/clamd.log in append mode (check permissions!).
    ERROR: Can't initialize the internal logger
    /usr/local/etc/rc.d/clamav-clamd: WARNING: failed to start clamav_clamd
    
    

    clamav-freshclam

    
    Starting clamav_freshclam.
    ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
    ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
    /usr/local/etc/rc.d/clamav-freshclam: WARNING: failed to start clamav_freshclam
    
    

    dansguardian

    
    Starting dansguardian.
    Error opening/creating log file. (check ownership and access rights).
    I am running as clamav and I am trying to open /var/log/dansguardian/access.log
    /usr/local/etc/rc.d/dansguardian: WARNING: failed to start dansguardian
    
    

    dansguardian.sh

    
    kern.ipc.somaxconn: 16384 -> 16384
    kern.maxfiles: 131072 -> 131072
    kern.maxfilesperproc: 104856 -> 104856
    kern.threads.max_threads_per_proc: 4096 -> 4096
    Starting dansguardian.
    Error opening/creating log file. (check ownership and access rights).
    I am running as clamav and I am trying to open /var/log/dansguardian/access.log
    /usr/local/etc/rc.d/dansguardian.sh: WARNING: failed to start dansguardian
    
    

    I used the following commands to check for the permissions for the user and group:

    
    [2.1-RELEASE][root@pfsense.loc]/var/log (21): ls -al
    drw-rw-rw-   2 clamav  clamav     512 Apr 28 17:19 clamav
    drw-rw-rw-   3 clamav  clamav     512 Apr 28 16:30 dansguardian
    [2.1-RELEASE][root@pfsense.loc]/var/log (22): ls -al dansguardian
    -rw-rw-rw-  1 clamav  clamav     0 Apr 28 16:29 access.log
    drwxr-xr-x  2 clamav  clamav   512 Apr 26 00:27 stats
    [2.1-RELEASE][root@pfsense.loc]/var/log(30): ls -al clamav
    -rw-rw-rw-  1 clamav  clamav     0 Apr 28 18:51 clamd.log
    -rw-rw-rw-  1 clamav  clamav     0 Apr 28 18:51 freshclam.log
    
    


  • Unfortunately I at out of town all week, so I can't look at my box. It doesn't seem right to me that clamav is the owner and group on the log directories though… Obviously there is either an incorrect owner/group or rights on those directories or files. Perhaps someone else could check their setup and post back?



  • @pfSense2User

    I think you need to enable 'execute' permissions on both the clamav and dansguardian directories. Try this:

    chmod u+x /var/log/clamav /var/log/dansguardian
    


  • @torsurfer:

    @pfSense2User

    I think you need to enable 'execute' permissions on both the clamav and dansguardian directories. Try this:

    chmod u+x /var/log/clamav /var/log/dansguardian
    

    I made a script to chmod the entire /var/log directory called perms.sh in the /usr/local/etc/rc.d folder:

    
    #!/bin/sh
    
    /bin/chmod -R 777 /var/log
    
    

    Then, I used the chmod +x perms.sh to make the file as an executable for everyone; lo and behold, it runs!

    Thank you kindly!