Every time CentOS has an update for ClamAV I have problems with it. It usually takes me 3-4 days to sort it out - not desirable - but this time (on CentOS 6) I don't seem to be able to get it right. It's been almost two weeks now without a valid update. Here are some of the symptoms:
Error messages such as
No updates detected in the log for the freshclam daemon (the ClamAV update process). If the freshclam daemon is not running, you may need to restart it.
LibClamAV Warning: ************************************************** LibClamAV Warning: *** The virus database is older than 7 days! *** LibClamAV Warning: *** Please update it as soon as possible. *** LibClamAV Warning: **************************************************
[root@borg2 ~]# freshclam ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!). ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
/etc/cron.daily/freshclam:
ERROR: Can't create temporary directory /var/lib/clamav/clamav-8759a1379e6d384daf0b0501402a5769 ERROR: Can't create temporary directory /var/lib/clamav/clamav-7547ad2e1fa170c8b059a8dea6dd9ce9
[root@borg2 ~]# rpm -qi clamav Name : clamav Relocations: (not relocatable) Version : 0.97.3 Vendor: Fedora Project
cat clamd.log Sun Jan 8 14:52:16 2012 -> SelfCheck: Database status OK. Sun Jan 8 15:01:33 2012 -> ERROR: Can't unlink the pid file /var/run/clamav/clamd.pid Sun Jan 8 15:01:33 2012 -> --- Stopped at Sun Jan 8 15:01:33 2012 Sun Jan 8 15:01:33 2012 -> ERROR: Can't unlink the socket file /var/run/clamav/clamd.sock
I found that "LogFileUnlock yes" was commented out in clamd.conf and corrected that, but that doesn't seem to address these two issues.
ls -ld /var/lib/clamav drwxr-xr-x 2 clam clam 4096 Jan 10 09:43 /var/lib/clamav
SELinux is disabled.
I also got the message (which I've seen in earlier updated versions) about duplicate databases - i.e. /var/lib/clamav contained pairs of files, daily.cld and daily.cvd, main.cld and main.cvd. I checked datestampes and renamed the older one of the pair. That error message hasn't surfaced since then.
The last version ran as clamav and all the relevant files were owned clamav:clamav. According to clamd.conf it is now running as clam, and so I changed the ownership of all necessary (so far as I know) files and directories to clam:clam.
Any ideas? I'm getting pretty desperate now.
Anne
On 14/01/12 17:09, Kevin Kofler wrote:
Anne Wilson wrote:
Every time CentOS has an update for ClamAV I have problems with it.
This has absolutely nothing to do with Fedora nor KDE and is totally off topic here. Please ask on a CentOS or EPEL mailing list.
How can a Fedora package have nothing whatsoever to do with Fedora?
Anne
On Sat, 2012-01-14 at 17:31 +0000, Anne Wilson wrote:
On 14/01/12 17:09, Kevin Kofler wrote:
Anne Wilson wrote:
Every time CentOS has an update for ClamAV I have problems with it.
This has absolutely nothing to do with Fedora nor KDE and is totally off topic here. Please ask on a CentOS or EPEL mailing list.
How can a Fedora package have nothing whatsoever to do with Fedora?
Anne, your post was totally about using Clamav on CentOS, which is not Fedora. I don't know if CentOS has a different Clamav package from the Fedora one, but that might be the place to start.
poc
On 14/01/12 17:41, Patrick O'Callaghan wrote:
On Sat, 2012-01-14 at 17:31 +0000, Anne Wilson wrote:
On 14/01/12 17:09, Kevin Kofler wrote:
Anne Wilson wrote:
Every time CentOS has an update for ClamAV I have problems with it.
This has absolutely nothing to do with Fedora nor KDE and is totally off topic here. Please ask on a CentOS or EPEL mailing list.
How can a Fedora package have nothing whatsoever to do with Fedora?
Anne, your post was totally about using Clamav on CentOS, which is not Fedora. I don't know if CentOS has a different Clamav package from the Fedora one, but that might be the place to start.
Patrick, as I explained, it is indeed a Fedora package. It seemed reasonable, then, that someone connected with Fedora might know the expected structure and ownership issues, and be able to give me a pointer. As you can see from the original message, I've not taken the lazy route.
Anne
Anne Wilson wrote:
Patrick, as I explained, it is indeed a Fedora package.
It is an EPEL package: https://fedoraproject.org/wiki/EPEL
Kevin Kofler
On 14/01/12 17:41, Patrick O'Callaghan wrote:
On Sat, 2012-01-14 at 17:31 +0000, Anne Wilson wrote:
On 14/01/12 17:09, Kevin Kofler wrote:
Anne Wilson wrote:
Every time CentOS has an update for ClamAV I have problems with it.
This has absolutely nothing to do with Fedora nor KDE and is totally off topic here. Please ask on a CentOS or EPEL mailing list.
How can a Fedora package have nothing whatsoever to do with Fedora?
Anne, your post was totally about using Clamav on CentOS, which is not Fedora. I don't know if CentOS has a different Clamav package from the Fedora one, but that might be the place to start.
Since "rpm -qi" said it originated from Fedora, I had assumed it was a Fedora package. Apparently things are not as simple as that.
Anyway, in case someone turns this up in the archives - the problem is solved. I had been advised to change my repo priorities, and doing so had resulted in a mixture of packages from epel and rpmforge. Once that was recognised the situation could be resolved.
Anne
Anne Wilson wrote:
Anyway, in case someone turns this up in the archives - the problem is solved. I had been advised to change my repo priorities, and doing so had resulted in a mixture of packages from epel and rpmforge. Once that was recognised the situation could be resolved.
How does one change repo priorities, as a matter of interest? I thought yum just installed the latest version of a package, regardless of which repo it is in.
Incidentally, I get many (too many) messages about Clamav every day in my logwatch, eg today --------------------- clam-update Begin ------------------------
Last ClamAV update process started at Mon Jan 2 04:02:09 2012
Last Status: main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven) daily.cld is up to date (version: 14222, sigs: 59336, f-level: 63, builder: guitar) bytecode.cld is up to date (version: 159, sigs: 38, f-level: 63, builder: edwin) [LibClamAV] Detected duplicate databases /var/lib/clamav/main.cvd and /var/lib/clamav/main.cld, please manually remove one of them
---------------------- clam-update End -------------------------
Some programs seem to feel they have to tell you how they are doing! Well, I suppose I should remove one of those databases ...
Hallo Anne
(Again personal direct as the list may be not appropriate).
Are you really sure you have disabled SE-Linux?
Check which user the clamd proces is running at (ps aux | grep clamd) and if this is the same as the owner of the named folders.
I use clamAV with CentOS 5 and ScientificLinux 6 without any problem (EPEL and rpmforge package). Why don't you use one of this package lists?
Regards Martin
Am 14.01.2012 17:58, schrieb Anne Wilson:
Every time CentOS has an update for ClamAV I have problems with it. It usually takes me 3-4 days to sort it out - not desirable - but this time (on CentOS 6) I don't seem to be able to get it right. It's been almost two weeks now without a valid update. Here are some of the symptoms:
Error messages such as
No updates detected in the log for the freshclam daemon (the ClamAV update process). If the freshclam daemon is not running, you may need to restart it.
LibClamAV Warning: ************************************************** LibClamAV Warning: *** The virus database is older than 7 days! *** LibClamAV Warning: *** Please update it as soon as possible. *** LibClamAV Warning: **************************************************
[root@borg2 ~]# freshclam ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!). ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
/etc/cron.daily/freshclam:
ERROR: Can't create temporary directory /var/lib/clamav/clamav-8759a1379e6d384daf0b0501402a5769 ERROR: Can't create temporary directory /var/lib/clamav/clamav-7547ad2e1fa170c8b059a8dea6dd9ce9
[root@borg2 ~]# rpm -qi clamav Name : clamav Relocations: (not relocatable) Version : 0.97.3 Vendor: Fedora Project
cat clamd.log Sun Jan 8 14:52:16 2012 -> SelfCheck: Database status OK. Sun Jan 8 15:01:33 2012 -> ERROR: Can't unlink the pid file /var/run/clamav/clamd.pid Sun Jan 8 15:01:33 2012 -> --- Stopped at Sun Jan 8 15:01:33 2012 Sun Jan 8 15:01:33 2012 -> ERROR: Can't unlink the socket file /var/run/clamav/clamd.sock
I found that "LogFileUnlock yes" was commented out in clamd.conf and corrected that, but that doesn't seem to address these two issues.
ls -ld /var/lib/clamav drwxr-xr-x 2 clam clam 4096 Jan 10 09:43 /var/lib/clamav
SELinux is disabled.
I also got the message (which I've seen in earlier updated versions) about duplicate databases - i.e. /var/lib/clamav contained pairs of files, daily.cld and daily.cvd, main.cld and main.cvd. I checked datestampes and renamed the older one of the pair. That error message hasn't surfaced since then.
The last version ran as clamav and all the relevant files were owned clamav:clamav. According to clamd.conf it is now running as clam, and so I changed the ownership of all necessary (so far as I know) files and directories to clam:clam.
Any ideas? I'm getting pretty desperate now.
Anne
kde mailing list kde@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/kde New to KDE4? - get help from http://userbase.kde.org
On 01/14/2012 05:58 PM, Martin (KDE) wrote:
Hallo Anne
(Again personal direct as the list may be not appropriate).
Are you really sure you have disabled SE-Linux?
Check which user the clamd proces is running at (ps aux | grep clamd) and if this is the same as the owner of the named folders.
I use clamAV with CentOS 5 and ScientificLinux 6 without any problem (EPEL and rpmforge package). Why don't you use one of this package lists?
Regards Martin
And I have been using the builds from ATrpms, for CentOS 5 and SL 6, and Fedoras maybe since RH 6.2, without problems. dl.atrpms.net
John P
On 14/01/12 21:36, John Pilkington wrote:
On 01/14/2012 05:58 PM, Martin (KDE) wrote:
Hallo Anne
(Again personal direct as the list may be not appropriate).
Are you really sure you have disabled SE-Linux?
Check which user the clamd proces is running at (ps aux | grep clamd) and if this is the same as the owner of the named folders.
I use clamAV with CentOS 5 and ScientificLinux 6 without any problem (EPEL and rpmforge package). Why don't you use one of this package lists?
Regards Martin
And I have been using the builds from ATrpms, for CentOS 5 and SL 6, and Fedoras maybe since RH 6.2, without problems. dl.atrpms.net
It looks as thought the problem could be related to changes I made recently to priorities. I'll test the theory today.
Anne
-
Anne Wilson -
John Pilkington -
Kevin Kofler -
Martin (KDE) -
Patrick O'Callaghan -
Timothy Murphy