Clamav:freshclam update

From SME Server
Revision as of 15:53, 10 January 2018 by RayMitchell (talk | contribs) (headings amended)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Method 1 - Freshclam update


On occasion there can be errors with clamav which can relate to the download of update files as shown below. In some instances, the admin account can be flooded by emails when clamav tries to update its database, this can occur several times a day.

freshclam: Update failed
2013-03-02 22:57:11.757539500 ClamAV update process started at Sat Mar  2 22:57:11 2013
2013-03-02 22:57:31.922779500 WARNING: Can't query
2013-03-02 22:57:31.922783500 WARNING: Invalid DNS reply. Falling back to HTTP mode.
2013-03-02 22:57:31.923493500 Reading CVD header (main.cvd): ERROR: Can't get information about Temporary failure in name resolution
2013-03-02 22:58:52.561344500 WARNING: Can't read main.cvd header from (IP: )
2013-03-02 22:58:52.561855500 Giving up on
2013-03-02 22:58:52.561968500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check for possible reasons.


As a result of bugzilla:8107 and bugzilla:8108 a script to refresh clamav is now included in your SME Server

To run this script and refresh clamav, open a terminal (logged as root) and issue the following command:


then press "enter" . The script will take a few minutes to complete. All steps will be displayed, ending up with the following WARNING : "Clamd was NOT notified : Can't connect to clamd through /var/clamav/clamd.socket connect(): No such file or directory. This warning can be ignored, it is expected as a number of processes were stopped during execution of the script.

All other scripts below are deprecated. They are here for documentation purposes only.

Method 2 - Deprecated

This method is deprecated.

Please use the Freshclam update default script ie refreshclam - see Freshclam update -

See for the source of this script, thanks chris.

Also check and

nano /usr/bin/refreshclam

paste this content.

echo ----------------------
echo Stop qpsmtpd/sqpsmtpd:
echo ----------------------
/usr/local/bin/svc -d /service/qpsmtpd/ 
/usr/local/bin/svc -d /service/sqpsmtpd/
echo ---------------------
echo Stop freshclam/clamd:
echo ---------------------
/usr/local/bin/svc -d /service/freshclam/ 
/usr/local/bin/svc -d /service/clamd/ 
echo ------------------------
echo Delete all clamav files:
echo ------------------------
rm -f /var/clamav/*
echo ----------------------
echo Update clamAV database
echo ----------------------
freshclam -v
echo -----------------------
echo Restart freshclam/clamd
echo -----------------------
/usr/local/bin/svc -u /service/freshclam/ 
/usr/local/bin/svc -u /service/clamd/ 
echo ------------------------
echo Restart qpsmtpd/sqpsmtpd
echo ------------------------
/usr/local/bin/svc -u /service/qpsmtpd/ 
/usr/local/bin/svc -u /service/sqpsmtpd/ 
echo --------------
echo Check services
echo --------------
service clamd status
service freshclam status
service qpsmtpd status
service sqpsmtpd status
echo ----------
echo check logs
echo ----------
tail -25 /var/log/freshclam/current | tai64nlocal 
echo -----------------
echo check directories
echo -----------------
ls -lah /var/clamav/
echo -----------------------------------------------------------------------------
echo To check freshclam, start a new instance of the supervised freshclam service:
echo -----------------------------------------------------------------------------
sv t /service/freshclam
tail -5 /var/log/freshclam/current | tai64nlocal

save by ctrl+x

chmod +x /usr/bin/refreshclam

to launch the script


Method 3 - Deprecated

This method is deprecated.

Please use the Freshclam update default script ie refreshclam - see Freshclam update -

This is a workaround to create a new database solving the error condition of clamav. Use a root terminal to perform these commands.

Shutdown clam so clamd.socket file is removed

service clamd stop

Navigate to clamav folder

cd /var/clamav

which showes just 5 files in the /var/clamav folder:

ls -la /var/clamav
-rw-r--r--  1 clamav clamav    60125 Feb 17 12:11 bytecode.cvd
srw-rw-rw-  1 clamav clamav        0 Feb 24 14:27 clamd.socket
-rw-r--r--  1 clamav clamav 52101120 Feb 24 11:46 daily.cld
-rw-r--r--  1 clamav clamav 30750647 Oct 11  2011 main.cvd
-rw-------  1 clamav clamav      104 Feb 24 14:46 mirrors.dat

if you have limited bandwidth or on a slow connection then don't delete main.cvd

Remove ALL files from folder to provide a clean slate for update process

rm -f /var/clamav/* (you could skip the -f & confirm every file delete for safety)

Current Clamav version is clamav-0.97.6

rpm -q clamav


Update clamav to latest version if required it will Not download clamav-db

yum update clamav

Restart clamd

service clamd start

Update signatures

freshclam -v (--no-dns can be used if just -v fails)

Check output from freshclam to make sure update completes sucessfully.

Current working dir is /var/clamav
Max retries == 6
ClamAV update process started at Sun Feb 24 15:14:02 2013
Using IPv6 aware code
TTL: 900
Software version from DNS: 0.97.6
main.cvd version from DNS: 54
main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
daily.cvd version from DNS: 16731
daily.cld is up to date (version: 16731, sigs: 829102, f-level: 63, builder: guitar)
bytecode.cvd version from DNS: 214
bytecode.cvd is up to date (version: 214, sigs: 41, f-level: 63, builder: neo)

Finally & to be absolutely sure signal-event post-update; signal-event reboot, then go through the logs post reboot to make sure everything started correctly. This is not necessary for this procedure but doesn't hurt.

Method 4 - Deprecated

This method is deprecated.

Please use the Freshclam update default script ie refreshclam - see Freshclam update -

This is another method that you can find in bugzilla:7406

The symptom

Freshclam update failed
2013-02-25 08:53:52.875633500 ClamAV update process started at Mon Feb 25 08:53:52 2013
2013-02-25 08:53:52.876036500 main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60, builder: sven)
2013-02-25 08:53:53.880007500 WARNING: getpatch: Can't download daily-16682.cdiff from
2013-02-25 08:53:53.880742500 WARNING: getpatch: Can't download daily-16682.cdiff from
2013-02-25 08:53:53.881457500 WARNING: getpatch: Can't download daily-16682.cdiff from
2013-02-25 08:53:53.882180500 WARNING: getpatch: Can't download daily-16682.cdiff from
2013-02-25 08:53:53.882920500 WARNING: getpatch: Can't download daily-16682.cdiff from
2013-02-25 08:53:53.883667500 ERROR: getpatch: Can't download daily-16682.cdiff from
2013-02-25 08:53:53.914071500 WARNING: Incremental update failed, trying to download daily.cvd
2013-02-25 08:53:53.914962500 ERROR: Can't download daily.cvd from
2013-02-25 08:53:53.915120500 Giving up on
2013-02-25 08:53:53.915137500 Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check for possible reasons.

The howTO

  • Stop qpsmtpd/sqpsmtpd:
/usr/local/bin/svc -d /service/qpsmtpd/ 
/usr/local/bin/svc -d /service/sqpsmtpd/
  • Stop clamAV:
/usr/local/bin/svc -d /service/freshclam/ 
/usr/local/bin/svc -d /service/clamd/ 
  • Delete all:
cd /var/clamav
rm -f /var/clamav/*
  • Update clamAV database
freshclam -v

  • Restart qpsmtpd/sqpsmtpd & clamAV:
/usr/local/bin/svc -u /service/freshclam/ 
/usr/local/bin/svc -u /service/clamd/ 
/usr/local/bin/svc -u /service/qpsmtpd/ 
/usr/local/bin/svc -u /service/sqpsmtpd/

Verify services

  • Check services
service clamd status
service freshclam status
service qpsmtpd status
service sqpsmtpd status
  • Check logs
tail -25 /var/log/freshclam/current | tai64nlocal 
  • Check directories
ls -lah /var/clamav/

  • To check freshclam when services are running, start a new instance of the supervised freshclam service:
sv t /service/freshclam
tail -5 /var/log/freshclam/current | tai64nlocal

Method 5 - Deprecated

This method is deprecated.

Please use the Freshclam update default script ie refreshclam - see Freshclam update -

a script to launch

nano /root/clamav-update

past this content


service clamd stop
rm -f /var/clamav/mirrors.dat
rm -f /var/clamav/daily.cld
freshclam -v
service clamd start

save it by ctrl+x

chmod +x /root/clamav-update

If you want to launch it
