Skip to main content

Imunify360 PermissionError (Python Traceback)

Comments

3 comments

  • Oleksandr Parubochyi

    Hi,

    First, make sure user-initiated scans are permitted: https://docs.imunifyav.com/faq_and_known_issues/#how-to-enable-disable-the-start-scanning-button-for-imunifyav-av

    This will make the "Start scanning" button appear in end-user Imunify UI as per https://docs.imunifyav.com/imunifyav/#files-2 

    P.S. From the logs I can see you are using ImunifyAV

    0
  • saifcoder

    @... Thank you for your response, we are interested in CLI, can we scan a file using non root user? I saw you links and I did as root : 

    # imunify-antivirus config update '{"PERMISSIONS": {"allow_malware_scan": true}}'

    Output

    {'ADMIN_CONTACTS': {'emails': []}, 'AUTO_WHITELIST': {'after_unblock_timeout': 1440, 'timeout': 1440}, 'BACKUP_RESTORE': {'cl_backup_allowed': True, 'cl_on_premise_backup_allowed': False, 'max_days_in_backup': 90}, 'BLOCKED_PORTS': {'default_mode': 'allowed'}, 'CAPTCHA': {'cert_refresh_timeout': 3600}, 'CAPTCHA_DOS': {'enabled': True, 'max_count': 100, 'time_frame': 21600, 'timeout': 864000}, 'CSF_INTEGRATION': {'catch_lfd_events': False}, 'DOS': {'default_limit': 250, 'enabled': False, 'interval': 30, 'port_limits': {}}, 'ERROR_REPORTING': {'enable': True}, 'FIREWALL': {'TCP_IN_IPv4': ['20', '21', '22', '25', '53', '80', '110', '143', '443', '465', '587', '993', '995', '2077-2080', '2082-2083', '2086-2087', '2095', '2096'], 'TCP_OUT_IPv4': ['20', '21', '22', '25', '37', '43', '53', '80', '110', '113', '443', '587', '873', '993', '995', '2073', '2086-2087', '2089', '2195', '2703', '6277', '24441'], 'UDP_IN_IPv4': ['20', '21', '53', '443'], 'UDP_OUT_IPv4': ['20', '21', '53', '113', '123', '873', '6277', '24441'], 'port_blocking_mode': 'ALLOW'}, 'INCIDENT_LOGGING': {'limit': 100000, 'min_log_level': 4, 'num_days': 100, 'ui_autorefresh_timeout': 10}, 'KERNELCARE': {'edf': False}, 'LOGGER': {'backup_count': 5, 'max_log_file_size': 62914560}, 'MALWARE_CLEANUP': {'keep_original_files_days': 14, 'trim_file_instead_of_removal': True}, 'MALWARE_SCANNING': {'cloud_assisted_scan': True, 'default_action': 'notify', 'detect_elf': True, 'enable_scan_inotify': False, 'enable_scan_modsec': True, 'enable_scan_pure_ftpd': True, 'max_cloudscan_size_to_scan': 10485760, 'max_mrs_upload_file': 10485760, 'max_signature_size_to_scan': 1048576, 'notify_on_detect': False, 'optimize_realtime_scan': True, 'rapid_scan': True, 'rapid_scan_rescan_unchanging_files_frequency': None, 'scan_modified_files': None, 'sends_file_for_analysis': True, 'try_restore_from_backup_first': False}, 'MALWARE_SCAN_INTENSITY': {'cpu': 2, 'io': 2, 'ram': 2048, 'user_scan_cpu': 2, 'user_scan_io': 2, 'user_scan_ram': 1024}, 'MALWARE_SCAN_SCHEDULE': {'day_of_month': 8, 'day_of_week': 0, 'hour': 3, 'interval': 'month'}, 'MOD_SEC': {'app_specific_ruleset': True, 'cms_account_compromise_prevention': False, 'prev_settings': '', 'ruleset': 'FULL'}, 'MOD_SEC_BLOCK_BY_CUSTOM_RULE': {'33332': {'check_period': 120, 'max_incidents': 10}, '33339': {'check_period': 120, 'max_incidents': 10}}, 'MOD_SEC_BLOCK_BY_SEVERITY': {'check_period': 120, 'denied_num_limit': 2, 'enable': True, 'max_incidents': 2, 'severity_limit': 2}, 'NETWORK_INTERFACE': {'eth6_device': None, 'eth_device': None, 'eth_device_skip': []}, 'OSSEC': {'active_response': False}, 'PAM': {'enable': False, 'exim_dovecot_protection': False, 'ftp_protection': False}, 'PERMISSIONS': {'advisor': True, 'allow_malware_scan': True, 'support_form': True, 'upgrade_button': True, 'user_ignore_list': True}, 'PROACTIVE_DEFENCE': {'blamer': True, 'mode': 'LOG', 'php_immunity': False}, 'RESOURCE_MANAGEMENT': {'cpu_limit': 2, 'io_limit': 2, 'ram_limit': 500}, 'SEND_ADDITIONAL_DATA': {'enable': True}, 'SMTP_BLOCKING': {'allow_groups': ['mail'], 'allow_local': False, 'allow_users': [], 'enable': False, 'ports': [25, 587, 465], 'redirect': False}, 'STOP_MANAGING': {'modsec_directives': False}, 'WEBSHIELD': {'captcha_secret_key': '', 'captcha_site_key': '', 'enable': True, 'known_proxies_support': True, 'splash_screen': False}, 'WEB_SERVICES': {'http_ports': [], 'https_ports': []}}

    Thank you

    0
  • Oleksandr Parubochyi

    Hi,

    Unfortunately, regular (end) users do not have access to the command line (execution of the binary file) and therefore cannot use it.

    0

Please sign in to leave a comment.