Anti-virus scanning on uploads

Zenario can scan uploaded files for viruses, using the ClamaV open source free anti-virus tool.

Administrators can upload Document content items, and folder-based Documents, and in certain site configurations extranet users may do this too; so virus scanning is critical for good security.

sudo apt update
sudo apt install clamav clamav-base clamav-daemon clamav-freshclam

Ensure ClamAV is not blocked by Apparmor, so edit /etc/apparmor.d/local/usr.sbin.clamd

sudo vim /etc/apparmor.d/local/usr.sbin.clamd

and add the lines:

  /var/www/clients/ r,
  /var/www/clients/** r,
  /var/www/zenario-source/ r,
  /var/www/zenario-source/** r,
  /tmp/ r,
  /tmp/** r,

Edit /etc/apparmor.d/usr.sbin.clamd

sudo vim /etc/apparmor.d/usr.sbin.clamd

and ensure it contains the line:

  capability chown,

Edit /etc/apparmor.d/usr.sbin.clamd

vim /etc/apparmor.d/usr.sbin.clamd

and uncomment the line:

  include <local/usr.sbin.clamd>

Then restart Apparmor and ClamAV:

sudo service apparmor restart
sudo service clamav-daemon start
sudo service clamav-freshclam start

When starting the clamav programs you may find the CPU is busy, as it updates its database of virus signatures.

Now enable virus scanning in Zenario. Go to your Organizer, Configuration and locate the "Other server programs" setting. 

You should select the path to clamdscan as per your installation, and click Test. Follow instructions to fix any errors.