After updating to clamd rules published sometime tonight (CET) clamd is broken.
Starting Clam AntiVirus Daemon: LibClamAV Error: cli_load(): Can't open file /var/clamav/ASL-securiteinfo.hdb
LibClamAV Error: cli_loaddbdir(): error loading database /var/clamav/ASL-securiteinfo.hdb
ERROR: Can't open file or directory
Removing ASL-securiteinfo.hdb fixes the problem. But after running aum -uf the error is back and no mail is sent/recieved.
bug alert in latest ASL clamd rules
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: bug alert in latest ASL clamd rules
We're not able to reproduce this. So that tells us that theres either something wrong with the local systems filesystem (out of space, our of inodes, corrupt file system, something preventing the signature db from being copied in), something on the system is corrupting the update or clamd isnt configured to run as the right user. What version of ASL are you using?
And can you check your filesystem for space and inodes, as well as paste the ls -l on ASL-securiteinfo.hdb?
And can you check your filesystem for space and inodes, as well as paste the ls -l on ASL-securiteinfo.hdb?
Re: bug alert in latest ASL clamd rules
Filesystem looks ok:
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_server15-lv_root
119G 55G 58G 49% /
tmpfs 12G 12K 12G 1% /dev/shm
/dev/sda1 485M 112M 348M 25% /boot
/dev/mapper/vg_server15-lv_home
25G 1,2G 23G 5% /home
Inodes:
df -ih
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/mapper/vg_server15-lv_root
7,5M 732K 6,8M 10% /
tmpfs 3,0M 2 3,0M 1% /dev/shm
/dev/sda1 126K 52 125K 1% /boot
/dev/mapper/vg_server15-lv_home
1,6M 4,7K 1,6M 1% /home
md5sum /var/clamav/ASL-securiteinfo.hdb
fbdab70e14daa8c5fb842f3809cb0a8c /var/clamav/ASL-securiteinfo.hdb
ls -l /var/clamav/ASL-securiteinfo.hdb
-rw------- 1 root root 22979816 8 okt 17.18 /var/clamav/ASL-securiteinfo.hdb
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_server15-lv_root
119G 55G 58G 49% /
tmpfs 12G 12K 12G 1% /dev/shm
/dev/sda1 485M 112M 348M 25% /boot
/dev/mapper/vg_server15-lv_home
25G 1,2G 23G 5% /home
Inodes:
df -ih
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/mapper/vg_server15-lv_root
7,5M 732K 6,8M 10% /
tmpfs 3,0M 2 3,0M 1% /dev/shm
/dev/sda1 126K 52 125K 1% /boot
/dev/mapper/vg_server15-lv_home
1,6M 4,7K 1,6M 1% /home
md5sum /var/clamav/ASL-securiteinfo.hdb
fbdab70e14daa8c5fb842f3809cb0a8c /var/clamav/ASL-securiteinfo.hdb
ls -l /var/clamav/ASL-securiteinfo.hdb
-rw------- 1 root root 22979816 8 okt 17.18 /var/clamav/ASL-securiteinfo.hdb
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: bug alert in latest ASL clamd rules
What user is clamd configured to run as?
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: bug alert in latest ASL clamd rules
It was setup to run as qscand...
Running asl -s -f changed it to root. After running aum -uf it now works. The problem, as faris stated the other day, is that qmail-scanner-reconfigure resets it to qscand.
This morning, CET, when the email wasn't working, I ran asl -s -f which didn't help. I then run qmail-scanner-reconfigure, this probably changed the user to scand, and aum -uf. qscand was then set as user in clamd.conf. Now it has been reset by another asl -s -f and it works. Strange thing it broke this night...
Running asl -s -f changed it to root. After running aum -uf it now works. The problem, as faris stated the other day, is that qmail-scanner-reconfigure resets it to qscand.
This morning, CET, when the email wasn't working, I ran asl -s -f which didn't help. I then run qmail-scanner-reconfigure, this probably changed the user to scand, and aum -uf. qscand was then set as user in clamd.conf. Now it has been reset by another asl -s -f and it works. Strange thing it broke this night...