Clamav:freshclam update
Sometimes ClamAV reports errors asking you to download some files, as shown below. The admin account can receive a lot of emails when ClamAV tries to update its database.
2013-03-02 22:57:11.757539500 ClamAV update process started at Sat Mar 2 22:57:11 2013
2013-03-02 22:57:31.922779500 WARNING: Can't query current.cvd.clamav.net
2013-03-02 22:57:31.922783500 WARNING: Invalid DNS reply. Falling back to HTTP mode.
2013-03-02 22:57:31.923493500 Reading CVD header (main.cvd): ERROR: Can't get information about database.clamav.net: Temporary failure in name resolution
2013-03-02 22:58:52.561344500 WARNING: Can't read main.cvd header from database.clamav.net (IP: )
2013-03-02 22:58:52.561855500 Giving up on database.clamav.net...
2013-03-02 22:58:52.561968500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.
This is a workaround to get a new database without complaints from ClamAV. Use a root terminal to perform these commands.
Shut down clamd so the clamd.socket file is removed
service clamd stop
Navigate to clamav folder
cd /var/clamav
Remove ALL files from folder to provide clean slate for update process
rm -f /var/clamav/* (you could skip the -f & confirm every file delete for safety)
Current ClamAV version is clamav-0.97.6
rpm -q clamav
clamav-0.97.6-1.el5.rf
Update clamav to the latest version if required; this will not download clamav-db
yum update clamav
Restart clamd
service clamd start
Update signatures
freshclam -v (--no-dns can be used if just -v fails, though I haven't struck this issue)
Check the output from freshclam to make sure the update completes successfully.
Current working dir is /var/clamav
Max retries == 6
ClamAV update process started at Sun Feb 24 15:14:02 2013
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 900
Software version from DNS: 0.97.6
main.cvd version from DNS: 54
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cvd version from DNS: 16731
daily.cld is up to date (version: 16731, sigs: 829102, f-level: 63, builder: guitar)
bytecode.cvd version from DNS: 214
bytecode.cvd is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)
which showed as just 5 files in the /var/clamav folder:
ls -la /var/clamav
-rw-r--r-- 1 clamav clamav 60125 Feb 17 12:11 bytecode.cvd
srw-rw-rw- 1 clamav clamav 0 Feb 24 14:27 clamd.socket
-rw-r--r-- 1 clamav clamav 52101120 Feb 24 11:46 daily.cld
-rw-r--r-- 1 clamav clamav 30750647 Oct 11 2011 main.cvd
-rw------- 1 clamav clamav 104 Feb 24 14:46 mirrors.dat
For completeness, and to be absolutely sure, run signal-event post-update; signal-event reboot, then go through the logs after the reboot to make sure everything started correctly. This is not necessary for this procedure but doesn't hurt.
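The check of the freshclam output described above can be scripted. The following is an added example, not part of the original page: a shell function that reads freshclam -v output and succeeds only if main, daily and bytecode are each confirmed and no failure message appears. The function names and the "updated" wording for a freshly downloaded database are assumptions; the sample lines are copied from the two runs quoted on this page.

```shell
#!/bin/sh
# Added example: decide from `freshclam -v` output (stdin) whether the update
# completed. Exit 0 = main, daily and bytecode confirmed and no failure seen.
check_freshclam_output() {
    awk '
        # Failure markers as they appear in the failed run quoted on this page.
        /Update failed/ || /ERROR:/ || /Giving up on/ { failed = 1 }
        {
            # Success line on the page: "<db>.cvd|.cld is up to date (version: N, ...)".
            # "updated" is assumed to be the wording after a fresh download.
            for (i = 1; i < NF; i++)
                if ($i ~ /^(main|daily|bytecode)\.c[vl]d$/ &&
                    ($(i+1) == "updated" || ($(i+1) == "is" && $(i+2) == "up")))
                    ok[substr($i, 1, index($i, ".") - 1)] = 1
        }
        END {
            n = split("main daily bytecode", want, " ")
            for (i = 1; i <= n; i++)
                if (!(want[i] in ok)) { print "not confirmed: " want[i]; bad = 1 }
            if (failed) print "freshclam reported a failure"
            exit ((failed || bad) ? 1 : 0)
        }'
}

# Sample input: lines copied from the successful run shown on this page.
sample_ok() {
    cat <<'EOF'
Querying current.cvd.clamav.net
main.cvd version from DNS: 54
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cvd version from DNS: 16731
daily.cld is up to date (version: 16731, sigs: 829102, f-level: 63, builder: guitar)
bytecode.cvd version from DNS: 214
bytecode.cvd is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)
EOF
}

# Sample input: lines copied from the failed run shown on this page.
sample_failed() {
    cat <<'EOF'
2013-03-02 22:57:31.922779500 WARNING: Can't query current.cvd.clamav.net
2013-03-02 22:58:52.561855500 Giving up on database.clamav.net...
2013-03-02 22:58:52.561968500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working.
EOF
}

sample_ok | check_freshclam_output && echo "update confirmed"
sample_failed | check_freshclam_output || echo "update NOT confirmed"
```

On a live system the function would be fed with freshclam -v 2>&1 | check_freshclam_output, so a non-zero exit status can stop a script before clamd is left running without current signatures.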