kindlyops / lambda-clamav-layer Goto Github PK
View Code? Open in Web Editor NEWan AWS Lambda Layer with clamav binaries
License: Apache License 2.0
an AWS Lambda Layer with clamav binaries
License: Apache License 2.0
we used your build to create lambda clamav layer, this layer works well when using runtime python 3.7.
However, AWS recently retired runtime python3.7.
when using runtime 3.8/3.9/3.10/3.11, I am receiving the following errors when calling freshclam.
the error is:
/opt/bin/freshclam: error while loading shared libraries: libidn.so.11: cannot open shared object file: No such file or directory
I called in an aws support for this, they have confirmed that this is a compatibility issue with runtime, the layer needs to be rebuild for newer version of runtime. Please advise if there is a new build.sh we should use for the newer version of runtime of python.
Thank you.
Hi,
I was integrating the Version 0.7.0 (ZIP file ~23MB) as a layer into my lambda function. Unfortunately the lambda function is now exceeding the overall allowed size of (250MB).
I figured that the zip file from version 0.4.0 is only 3.7M.
Seems that there has been added a lot since version 0.4.0. The question is, does clamscan need all of the libraries?
I hope my question makes sense.
Thanks a million!
http://mirror.centos.org/centos/7/os/x86_64/Packages/glibc-2.17-307.el7.1.x86_64.rpm is dead
i replaced it with https://linuxsoft.cern.ch/cern/centos/7/updates/x86_64/Packages/Packages/glibc-2.17-307.el7.1.x86_64.rpm
suggesting local rpm files being added through docker build as a replacement to the curls
It looks like clamscan
is working as expected but freshclam
is complaining about glibc library versions
To reproduce it, run ./dockerbuild.sh
and then run the following command
Note: I'm exporting LD_LIBRARY_PATH
in order to link the libraries that have been downloaded
docker run --rm -ti \
-v $(pwd)/build:/opt/app \
amazonlinux:2 \
sh -c "export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/app/lib && /opt/app/bin/freshclam"
it will output the following
/opt/app/bin/freshclam: /opt/app/lib/libc.so.6: version `GLIBC_2.18' not found (required by /usr/lib64/libstdc++.so.6)
/opt/app/bin/freshclam: /opt/app/lib/libc.so.6: version `GLIBC_2.26' not found (required by /usr/lib64/libp11-kit.so.0)
/opt/app/bin/freshclam: /opt/app/lib/libc.so.6: version `GLIBC_2.25' not found (required by /usr/lib64/libcrypt.so.1)
I've tried to revert to the previous exact version of glibc
before my PR but it still failing (cc @sethsacher)
When trying to build this, yumdownloader
is not able to find any of the packages:
57 packages excluded due to repository priority protections
No Match for argument clamav
No Match for argument clamav-lib
No Match for argument clamav-update
No Match for argument json-c
No Match for argument pcre2
No Match for argument libxml2
No Match for argument bzip2-libs
No Match for argument libtool-ltdl
No Match for argument xz-libs
No Match for argument libprelude
No Match for argument gnutls
No Match for argument nettle
No Match for argument libcurl
No Match for argument libnghttp2
No Match for argument libidn2
No Match for argument libssh2
No Match for argument openldap
No Match for argument libffi
No Match for argument krb5-libs
No Match for argument keyutils-libs
No Match for argument libunistring
No Match for argument cyrus-sasl-lib
No Match for argument nss
No Match for argument nspr
No Match for argument libselinux
No Match for argument openssl-libs
No Match for argument libcrypt
Nothing to download
Any thoughts?
Hello All...
We have an error while trying to call fresh clam from a lambda function. The error is shown below.
/var/task/bin/freshclam: relocation error: /var/task/bin/freshclam: symbol print_version, version FRESHCLAM_PRIVATE not defined in file libfreshclam.so.2 with link time reference
Thank you,
Ahmed Shalan
{
"errorMessage": "Error: Runtime exited with error: signal: segmentation fault (core dumped)",
"errorType": "Runtime.ExitError"
}
Node: 12.18.3
I know I'm hitting the binary itself -- however it's throwing an immediate core dump fault when it gets there. I've increased memory for the lambda itself to max and timeout.
Any thoughts?
I notice when a layer is installed the folder structure is /opt/ then whatever files are in the layer so in this case clamscan is in /opt/bin/clamscan.
However when i run the virus scan via an aws lambda is throws and error not with reading the file that could potentially be infected but by being unable to find its own directory in /var/lib/clamav - can you offer any guidance.
I would very much appreciate it.
The most recent tagged release includes ClamAV v101, which is incompatible with the latest virus definition files picked up by freshclam. I ran the build script and created a new layer with the resulting ClamAV v102 package , but I'm running into a series of dependency issues (libprelude, libcurl, and libssh2 are a few of them). Requesting an updated version of the script to build a valid ClamAV v102 package.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.