ClamAV 0.93.1 is out

Forum for getting help with Project Gamera, Spamassassin, Clamav, qmail-scanner and other anti-spam tools.
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

ClamAV 0.93.1 is out

Unread post by breun »

The subject says it all.
Lemonbit Internet Dedicated Server Management
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

Unread post by breun »

I updated a box to ClamAV 0.93.1, but noticed freshclam didn't work afterwards. I had to chown -R qscand:qscand /var/clamav.
Lemonbit Internet Dedicated Server Management
Galactic Zero
Forum Regular
Forum Regular
Posts: 471
Joined: Mon Dec 06, 2004 10:43 pm

Unread post by Galactic Zero »

and you got the RPM's from??? I looked at Dag's stuff and am not sure that Scott is still using those and I didn't see that version in atomic testing.

Thanks.
Franklyn Halamka
Still learning my way around Linux Security.
http://www.galacticzero.net
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

Unread post by breun »

From the ASL yum channel.
Lemonbit Internet Dedicated Server Management
Kalimari
Forum Regular
Forum Regular
Posts: 526
Joined: Wed Jan 02, 2008 3:21 pm
Location: United Kingdom

Unread post by Kalimari »

I normally have to do the following (on RHEL4) after running an update to clamav:

1. Ensure any new .conf files are included (back up old versions first):

Code: Select all

mv /etc/freshclam.conf /etc/freshclam.conf.bak
mv /etc/clamd.conf /etc/clamd.conf.bak
mv /etc/logrotate.d/clamav /etc/logrotate.d/clamav.bak (check for existence of clamav.rpmnew first)

mv /etc/freshclam.conf.rpmnew /etc/freshclam.conf
mv /etc/clamd.conf.rpmnew /etc/clamd.conf
mv /etc/logrotate.d/clamav.rpmnew /etc/logrotate.d/clamav (see above note)
2. Check for correct user in conf:

Code: Select all

vi /etc/clamd.conf
User qscand

vi /etc/freshclam.conf
DatabaseOwner qscand
3. Ensure system user matches:

Code: Select all

chown -R qscand:qscand /var/clamav
chown -R qscand:qscand /var/log/clamav
chown -R qscand:qscand /var/run/clamav
4. Update system to use new settings:

Code: Select all

/etc/init.d/clamd restart
5. Run freshclam to pull in db updates and ensure all settings are correct (it'll throw warnings if not):

Code: Select all

freshclam
6. Ensure qmail-scanner pulls in changes:

Code: Select all

qmail-scanner-reconfigure
7. If all OK, remove old files (keep system tidy ;-) ):

Code: Select all

rm /etc/freshclam.conf.bak
rm /etc/clamd.conf.bak
rm /etc/logrotate.d/clamav.bak (see above note)
This is a useful command to run and watch for a while after an update (just to ensure all is well):

Code: Select all

tail -f /usr/local/psa/var/log/maillog /var/spool/qscan/qmail-queue.log /var/spool/qscan/quarantine.log /var/log/clamav/clamd.log /var/log/clamav/freshclam.log
Hopefully this'll help others with problems after a clamav update...
Last edited by Kalimari on Thu Aug 28, 2008 9:18 am, edited 1 time in total.
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

Unread post by breun »

I know the way to fix these things, but I report them here so the rpms can be fixed to take care of these things themselves.
Lemonbit Internet Dedicated Server Management
Kalimari
Forum Regular
Forum Regular
Posts: 526
Joined: Wed Jan 02, 2008 3:21 pm
Location: United Kingdom

Unread post by Kalimari »

I have reported them here also... In the mean time this is what I do to get clam updates running quickly!
faris
Long Time Forum Regular
Long Time Forum Regular
Posts: 2321
Joined: Thu Dec 09, 2004 11:19 am

Unread post by faris »

I've just checked a default install and the default user/database owner always seems to be clamav

But that works for me ... e.g. the log file is owned by clamav:clamav.

I have seen things go wrong when upgrading from one version to another -- only a few days ago in fact.

I cured the problem by brute force by removing clamav and clamd using yum then re-installing.

This resulted in the log file being clamav:clamav again but it was and is working, as is freshclam.

But now I know where to look for which user clamav and freshclam needs those files to be be owned by I'm a lot happier and less mystified. Thanks Kalamari!

Faris.
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
modom46
Forum Regular
Forum Regular
Posts: 259
Joined: Mon May 22, 2006 9:52 pm

Unread post by modom46 »

I normally have to do the following (on RHEL4) after running an update to clamav:
Thanks Kalimari! This helped me a lot!
stormlord
Forum User
Forum User
Posts: 22
Joined: Sun Mar 23, 2008 12:54 pm

Unread post by stormlord »

yess thanks , its work perfect.
Post Reply