Difference between revisions of "Clamav:freshclam update"
RayMitchell (talk | contribs) m (headings amended) |
|||
(32 intermediate revisions by 5 users not shown) | |||
Line 1: | Line 1: | ||
− | + | ==Method 1 - Freshclam update== | |
+ | |||
+ | === '''Problem''' === | ||
+ | On occasion there can be errors with clamav which can relate to the download of update files as shown below. In some instances, the admin account can be flooded by emails when clamav tries to update its database, this can occur several times a day. | ||
freshclam: Update failed | freshclam: Update failed | ||
Line 11: | Line 14: | ||
2013-03-02 22:58:52.561968500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons. | 2013-03-02 22:58:52.561968500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons. | ||
− | This is a workaround to | + | === '''Solution''' === |
+ | {{Tip box|msg= As a result of [[bugzilla:8107]] and [[bugzilla:8108]] a script to refresh clamav is now included in your SME Server}} | ||
+ | |||
+ | To run this script and refresh clamav, open a terminal (logged as root) and issue the following command: | ||
+ | /usr/bin/refreshclam | ||
+ | then press "enter" . The script will take a few minutes to complete. All steps will be displayed, ending up with the following WARNING : "Clamd was NOT notified : Can't connect to clamd through /var/clamav/clamd.socket connect(): No such file or directory. This warning can be ignored, it is expected as a number of processes were stopped during execution of the script. | ||
+ | |||
+ | '''All other scripts below are deprecated. They are here for documentation purposes only.''' | ||
+ | |||
+ | == Method 2 - Deprecated == | ||
+ | {{Note box|This method is deprecated. | ||
+ | Please use the Freshclam update default script ie refreshclam - see Freshclam update - https://wiki.contribs.org/Clamav:freshclam_update#Freshclam_update}} | ||
+ | |||
+ | See http://bugs.contribs.org/show_bug.cgi?id=7406#c32 for the source of this script, thanks chris. | ||
+ | |||
+ | Also check http://bugs.contribs.org/show_bug.cgi?id=8107 and http://bugs.contribs.org/show_bug.cgi?id=8108 | ||
+ | |||
+ | nano /usr/bin/refreshclam | ||
+ | paste this content. | ||
+ | #!/bin/bash | ||
+ | echo ---------------------- | ||
+ | echo Stop qpsmtpd/sqpsmtpd: | ||
+ | echo ---------------------- | ||
+ | /usr/local/bin/svc -d /service/qpsmtpd/ | ||
+ | /usr/local/bin/svc -d /service/sqpsmtpd/ | ||
+ | echo --------------------- | ||
+ | echo Stop freshclam/clamd: | ||
+ | echo --------------------- | ||
+ | /usr/local/bin/svc -d /service/freshclam/ | ||
+ | /usr/local/bin/svc -d /service/clamd/ | ||
+ | echo ------------------------ | ||
+ | echo Delete all clamav files: | ||
+ | echo ------------------------ | ||
+ | rm -f /var/clamav/* | ||
+ | echo ---------------------- | ||
+ | echo Update clamAV database | ||
+ | echo ---------------------- | ||
+ | echo | ||
+ | freshclam -v | ||
+ | echo ----------------------- | ||
+ | echo Restart freshclam/clamd | ||
+ | echo ----------------------- | ||
+ | /usr/local/bin/svc -u /service/freshclam/ | ||
+ | /usr/local/bin/svc -u /service/clamd/ | ||
+ | echo ------------------------ | ||
+ | echo Restart qpsmtpd/sqpsmtpd | ||
+ | echo ------------------------ | ||
+ | /usr/local/bin/svc -u /service/qpsmtpd/ | ||
+ | /usr/local/bin/svc -u /service/sqpsmtpd/ | ||
+ | echo -------------- | ||
+ | echo Check services | ||
+ | echo -------------- | ||
+ | echo | ||
+ | service clamd status | ||
+ | service freshclam status | ||
+ | service qpsmtpd status | ||
+ | service sqpsmtpd status | ||
+ | echo | ||
+ | echo ---------- | ||
+ | echo check logs | ||
+ | echo ---------- | ||
+ | echo | ||
+ | tail -25 /var/log/freshclam/current | tai64nlocal | ||
+ | echo | ||
+ | echo ----------------- | ||
+ | echo check directories | ||
+ | echo ----------------- | ||
+ | echo | ||
+ | ls -lah /var/clamav/ | ||
+ | echo | ||
+ | echo ----------------------------------------------------------------------------- | ||
+ | echo To check freshclam, start a new instance of the supervised freshclam service: | ||
+ | echo ----------------------------------------------------------------------------- | ||
+ | echo | ||
+ | sv t /service/freshclam | ||
+ | tail -5 /var/log/freshclam/current | tai64nlocal | ||
+ | |||
+ | save by ctrl+x | ||
+ | chmod +x /usr/bin/refreshclam | ||
+ | to launch the script | ||
+ | refreshclam | ||
+ | |||
+ | == Method 3 - Deprecated == | ||
+ | {{Note box|This method is deprecated. | ||
+ | Please use the Freshclam update default script ie refreshclam - see Freshclam update - https://wiki.contribs.org/Clamav:freshclam_update#Freshclam_update}} | ||
+ | |||
+ | {{Tip box|This is a workaround to create a new database solving the error condition of clamav. Use a root terminal to perform these commands.}} | ||
Shutdown clam so clamd.socket file is removed | Shutdown clam so clamd.socket file is removed | ||
Line 19: | Line 108: | ||
cd /var/clamav | cd /var/clamav | ||
− | Remove ALL files from folder to provide clean slate for update process | + | which showes just 5 files in the /var/clamav folder: |
+ | |||
+ | ls -la /var/clamav | ||
+ | -rw-r--r-- 1 clamav clamav 60125 Feb 17 12:11 bytecode.cvd | ||
+ | srw-rw-rw- 1 clamav clamav 0 Feb 24 14:27 clamd.socket | ||
+ | -rw-r--r-- 1 clamav clamav 52101120 Feb 24 11:46 daily.cld | ||
+ | -rw-r--r-- 1 clamav clamav 30750647 Oct 11 2011 main.cvd | ||
+ | -rw------- 1 clamav clamav 104 Feb 24 14:46 mirrors.dat | ||
+ | |||
+ | {{Warning box|if you have limited bandwidth or on a slow connection '''then don't delete''' main.cvd}} | ||
+ | |||
+ | Remove ALL files from folder to provide a clean slate for update process | ||
rm -f /var/clamav/* (you could skip the -f & confirm every file delete for safety) | rm -f /var/clamav/* (you could skip the -f & confirm every file delete for safety) | ||
Line 27: | Line 127: | ||
clamav-0.97.6-1.el5.rf | clamav-0.97.6-1.el5.rf | ||
− | Update clamav to latest version if required '''it will Not | + | Update clamav to latest version if required '''it will Not download clamav-db''' |
yum update clamav | yum update clamav | ||
Line 34: | Line 134: | ||
Update signatures | Update signatures | ||
− | freshclam -v (--no-dns can be used if just -v fails | + | freshclam -v (--no-dns can be used if just -v fails) |
− | + | Check output from freshclam to make sure update completes sucessfully. | |
Current working dir is /var/clamav | Current working dir is /var/clamav | ||
Line 51: | Line 151: | ||
bytecode.cvd version from DNS: 214 | bytecode.cvd version from DNS: 214 | ||
bytecode.cvd is up to date (version: 214, sigs: 41, f-level: 63, builder: neo) | bytecode.cvd is up to date (version: 214, sigs: 41, f-level: 63, builder: neo) | ||
+ | |||
+ | Finally & to be absolutely sure signal-event post-update; signal-event reboot, then go through the logs post reboot to make sure everything started correctly. This is not necessary for this procedure but doesn't hurt. | ||
+ | |||
+ | == Method 4 - Deprecated== | ||
+ | {{Note box|This method is deprecated. | ||
+ | Please use the Freshclam update default script ie refreshclam - see Freshclam update - https://wiki.contribs.org/Clamav:freshclam_update#Freshclam_update}} | ||
+ | |||
+ | This is another method that you can find in [[bugzilla:7406]] | ||
+ | |||
+ | ===The symptom=== | ||
+ | Freshclam update failed | ||
+ | 2013-02-25 08:53:52.875633500 ClamAV update process started at Mon Feb 25 08:53:52 2013 | ||
+ | 2013-02-25 08:53:52.876036500 main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven) | ||
+ | 2013-02-25 08:53:53.880007500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net | ||
+ | 2013-02-25 08:53:53.880742500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net | ||
+ | 2013-02-25 08:53:53.881457500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net | ||
+ | 2013-02-25 08:53:53.882180500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net | ||
+ | 2013-02-25 08:53:53.882920500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net | ||
+ | 2013-02-25 08:53:53.883667500 ERROR: getpatch: Can't download daily-16682.cdiff from database.clamav.net | ||
+ | 2013-02-25 08:53:53.914071500 WARNING: Incremental update failed, trying to download daily.cvd | ||
+ | 2013-02-25 08:53:53.914962500 ERROR: Can't download daily.cvd from database.clamav.net | ||
+ | 2013-02-25 08:53:53.915120500 Giving up on database.clamav.net... | ||
+ | 2013-02-25 08:53:53.915137500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons. | ||
+ | ===The howTO=== | ||
+ | *Stop qpsmtpd/sqpsmtpd: | ||
+ | /usr/local/bin/svc -d /service/qpsmtpd/ | ||
+ | /usr/local/bin/svc -d /service/sqpsmtpd/ | ||
+ | |||
+ | *Stop clamAV: | ||
+ | /usr/local/bin/svc -d /service/freshclam/ | ||
+ | /usr/local/bin/svc -d /service/clamd/ | ||
+ | |||
+ | *Delete all: | ||
+ | cd /var/clamav | ||
+ | rm -f /var/clamav/* | ||
+ | |||
+ | *Update clamAV database | ||
+ | freshclam -v | ||
− | + | *Restart qpsmtpd/sqpsmtpd & clamAV: | |
+ | /usr/local/bin/svc -u /service/freshclam/ | ||
+ | /usr/local/bin/svc -u /service/clamd/ | ||
+ | /usr/local/bin/svc -u /service/qpsmtpd/ | ||
+ | /usr/local/bin/svc -u /service/sqpsmtpd/ | ||
+ | |||
+ | ===Verify services === | ||
+ | |||
+ | *Check services | ||
+ | service clamd status | ||
+ | service freshclam status | ||
+ | service qpsmtpd status | ||
+ | service sqpsmtpd status | ||
+ | |||
+ | *Check logs | ||
+ | tail -25 /var/log/freshclam/current | tai64nlocal | ||
+ | |||
+ | *Check directories | ||
+ | ls -lah /var/clamav/ | ||
+ | |||
+ | |||
+ | *To check freshclam when services are running, start a new instance of the supervised freshclam service: | ||
+ | sv t /service/freshclam | ||
+ | tail -5 /var/log/freshclam/current | tai64nlocal | ||
+ | |||
+ | == Method 5 - Deprecated== | ||
+ | {{Note box|This method is deprecated. | ||
+ | Please use the Freshclam update default script ie refreshclam - see Freshclam update - https://wiki.contribs.org/Clamav:freshclam_update#Freshclam_update}} | ||
+ | |||
+ | ===a script to launch=== | ||
− | + | nano /root/clamav-update | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | + | past this content | |
+ | #!/bin/bash | ||
+ | |||
+ | service clamd stop | ||
+ | rm -f /var/clamav/mirrors.dat | ||
+ | rm -f /var/clamav/daily.cld | ||
+ | freshclam -v | ||
+ | service clamd start | ||
− | + | save it by ctrl+x | |
− | [[Category:Howto]] | + | chmod +x /root/clamav-update |
+ | If you want to launch it | ||
+ | /root/clamav-update | ||
+ | |||
+ | [[Category:Howto]] |
Latest revision as of 15:53, 10 January 2018
Method 1 - Freshclam update
Problem
On occasion there can be errors with clamav which can relate to the download of update files as shown below. In some instances, the admin account can be flooded by emails when clamav tries to update its database, this can occur several times a day.
freshclam: Update failed
2013-03-02 22:57:11.757539500 ClamAV update process started at Sat Mar 2 22:57:11 2013 2013-03-02 22:57:31.922779500 WARNING: Can't query current.cvd.clamav.net 2013-03-02 22:57:31.922783500 WARNING: Invalid DNS reply. Falling back to HTTP mode. 2013-03-02 22:57:31.923493500 Reading CVD header (main.cvd): ERROR: Can't get information about database.clamav.net: Temporary failure in name resolution 2013-03-02 22:58:52.561344500 WARNING: Can't read main.cvd header from database.clamav.net (IP: ) 2013-03-02 22:58:52.561855500 Giving up on database.clamav.net... 2013-03-02 22:58:52.561968500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.
Solution
To run this script and refresh clamav, open a terminal (logged as root) and issue the following command:
/usr/bin/refreshclam
then press "enter" . The script will take a few minutes to complete. All steps will be displayed, ending up with the following WARNING : "Clamd was NOT notified : Can't connect to clamd through /var/clamav/clamd.socket connect(): No such file or directory. This warning can be ignored, it is expected as a number of processes were stopped during execution of the script.
All other scripts below are deprecated. They are here for documentation purposes only.
Method 2 - Deprecated
See http://bugs.contribs.org/show_bug.cgi?id=7406#c32 for the source of this script, thanks chris.
Also check http://bugs.contribs.org/show_bug.cgi?id=8107 and http://bugs.contribs.org/show_bug.cgi?id=8108
nano /usr/bin/refreshclam
paste this content.
#!/bin/bash echo ---------------------- echo Stop qpsmtpd/sqpsmtpd: echo ---------------------- /usr/local/bin/svc -d /service/qpsmtpd/ /usr/local/bin/svc -d /service/sqpsmtpd/ echo --------------------- echo Stop freshclam/clamd: echo --------------------- /usr/local/bin/svc -d /service/freshclam/ /usr/local/bin/svc -d /service/clamd/ echo ------------------------ echo Delete all clamav files: echo ------------------------ rm -f /var/clamav/* echo ---------------------- echo Update clamAV database echo ---------------------- echo freshclam -v echo ----------------------- echo Restart freshclam/clamd echo ----------------------- /usr/local/bin/svc -u /service/freshclam/ /usr/local/bin/svc -u /service/clamd/ echo ------------------------ echo Restart qpsmtpd/sqpsmtpd echo ------------------------ /usr/local/bin/svc -u /service/qpsmtpd/ /usr/local/bin/svc -u /service/sqpsmtpd/ echo -------------- echo Check services echo -------------- echo service clamd status service freshclam status service qpsmtpd status service sqpsmtpd status echo echo ---------- echo check logs echo ---------- echo tail -25 /var/log/freshclam/current | tai64nlocal echo echo ----------------- echo check directories echo ----------------- echo ls -lah /var/clamav/ echo echo ----------------------------------------------------------------------------- echo To check freshclam, start a new instance of the supervised freshclam service: echo ----------------------------------------------------------------------------- echo sv t /service/freshclam tail -5 /var/log/freshclam/current | tai64nlocal
save by ctrl+x
chmod +x /usr/bin/refreshclam
to launch the script
refreshclam
Method 3 - Deprecated
Shutdown clam so clamd.socket file is removed
service clamd stop
Navigate to clamav folder
cd /var/clamav
which showes just 5 files in the /var/clamav folder:
ls -la /var/clamav -rw-r--r-- 1 clamav clamav 60125 Feb 17 12:11 bytecode.cvd srw-rw-rw- 1 clamav clamav 0 Feb 24 14:27 clamd.socket -rw-r--r-- 1 clamav clamav 52101120 Feb 24 11:46 daily.cld -rw-r--r-- 1 clamav clamav 30750647 Oct 11 2011 main.cvd -rw------- 1 clamav clamav 104 Feb 24 14:46 mirrors.dat
Remove ALL files from folder to provide a clean slate for update process
rm -f /var/clamav/* (you could skip the -f & confirm every file delete for safety)
Current Clamav version is clamav-0.97.6
rpm -q clamav clamav-0.97.6-1.el5.rf
Update clamav to latest version if required it will Not download clamav-db
yum update clamav
Restart clamd
service clamd start
Update signatures
freshclam -v (--no-dns can be used if just -v fails)
Check output from freshclam to make sure update completes sucessfully.
Current working dir is /var/clamav Max retries == 6 ClamAV update process started at Sun Feb 24 15:14:02 2013 Using IPv6 aware code Querying current.cvd.clamav.net TTL: 900 Software version from DNS: 0.97.6 main.cvd version from DNS: 54 main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven) daily.cvd version from DNS: 16731 daily.cld is up to date (version: 16731, sigs: 829102, f-level: 63, builder: guitar) bytecode.cvd version from DNS: 214 bytecode.cvd is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)
Finally & to be absolutely sure signal-event post-update; signal-event reboot, then go through the logs post reboot to make sure everything started correctly. This is not necessary for this procedure but doesn't hurt.
Method 4 - Deprecated
This is another method that you can find in bugzilla:7406
The symptom
Freshclam update failed 2013-02-25 08:53:52.875633500 ClamAV update process started at Mon Feb 25 08:53:52 2013 2013-02-25 08:53:52.876036500 main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven) 2013-02-25 08:53:53.880007500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net 2013-02-25 08:53:53.880742500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net 2013-02-25 08:53:53.881457500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net 2013-02-25 08:53:53.882180500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net 2013-02-25 08:53:53.882920500 WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net 2013-02-25 08:53:53.883667500 ERROR: getpatch: Can't download daily-16682.cdiff from database.clamav.net 2013-02-25 08:53:53.914071500 WARNING: Incremental update failed, trying to download daily.cvd 2013-02-25 08:53:53.914962500 ERROR: Can't download daily.cvd from database.clamav.net 2013-02-25 08:53:53.915120500 Giving up on database.clamav.net... 2013-02-25 08:53:53.915137500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.
The howTO
- Stop qpsmtpd/sqpsmtpd:
/usr/local/bin/svc -d /service/qpsmtpd/ /usr/local/bin/svc -d /service/sqpsmtpd/
- Stop clamAV:
/usr/local/bin/svc -d /service/freshclam/ /usr/local/bin/svc -d /service/clamd/
- Delete all:
cd /var/clamav rm -f /var/clamav/*
- Update clamAV database
freshclam -v
- Restart qpsmtpd/sqpsmtpd & clamAV:
/usr/local/bin/svc -u /service/freshclam/ /usr/local/bin/svc -u /service/clamd/ /usr/local/bin/svc -u /service/qpsmtpd/ /usr/local/bin/svc -u /service/sqpsmtpd/
Verify services
- Check services
service clamd status service freshclam status service qpsmtpd status service sqpsmtpd status
- Check logs
tail -25 /var/log/freshclam/current | tai64nlocal
- Check directories
ls -lah /var/clamav/
- To check freshclam when services are running, start a new instance of the supervised freshclam service:
sv t /service/freshclam tail -5 /var/log/freshclam/current | tai64nlocal
Method 5 - Deprecated
a script to launch
nano /root/clamav-update
past this content
#!/bin/bash service clamd stop rm -f /var/clamav/mirrors.dat rm -f /var/clamav/daily.cld freshclam -v service clamd start
save it by ctrl+x
chmod +x /root/clamav-update
If you want to launch it
/root/clamav-update