Page 1 of 1

How to reinstall clamav?

Posted: Fri Jul 10, 2015 7:17 pm
by benz1
My clamd kept failing so my host reinstalled clamav but then got permission errors:

/etc/cron.hourly/freshclam:
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).

I then found the following on the ASL Wiki:
clamav
ASL will install clamav on your system with the latest version of clamav, and will manage clamav for you. ASL is not supported with third party sources for clamav. Do not install clamav from third party sources.
If you have any third party software of this nature installed, and have issues using or installing ASL, you will need to uninstall this third party software or disable these features in those products.

The host has now uninstalled clamav but how do I reinstall clamav via ASL?

Thanks,
Benz1

Re: How to reinstall clamav?

Posted: Fri Jul 10, 2015 7:33 pm
by mikeshinn
yum -y reinstall clamav clamd clamav-db

Re: How to reinstall clamav?

Posted: Fri Jul 10, 2015 7:37 pm
by benz1
Thanks for the fast reply. Will pass this onto my host, presumably they will know what to do with it (I assume it's just an SSH command)?

Thanks,
Benz1

Re: How to reinstall clamav?

Posted: Sat Jul 11, 2015 12:19 pm
by mikeshinn
That is a shell command they would need to run as the root user.

Re: How to reinstall clamav?

Posted: Sat Jul 11, 2015 6:57 pm
by benz1
Thanks, my host have successfully reinstalled clamav.

Looking through the ASL prerequisites I see there is other software that should not be installed from third part sources:
OSSEC
rkhunter
modsecurity
ConfigServer
third party firewall management tools, such as CSF, APF, Parallels Firewall tools, the iptables service, firewalld, and any other firewall management tools

Is there any way of telling if this software has been installed via ASL or independently? Since moving to a new server a few months ago I have had ongoing issues with rkhunter, receiving warning notifications every day. I suspect this may be due to it having been installed after ASL. If I remove rkhunter is there another shell command to reinstall it via ASL?

Thanks.

Re: How to reinstall clamav?

Posted: Mon Jul 13, 2015 9:19 am
by scott
You can use the rpm -qi <packagename> command to identify the source of an RPM installation. IE:

rpm -qi ossec-hids

and that will indicate the packager:

Packager : Atomicorp <support@atomicorp.com>

Re: How to reinstall clamav?

Posted: Tue Jul 14, 2015 4:56 am
by benz1
Thanks, I ran rpm -qi rkhunter. Packager is Scott R. Shinn <scott@atomicrocketturtle.com> but the Build Host is loggerhead.atomicorp.com. Does this mean it was installed via ASL or independently? If the latter, is there a shell command to reinstall it via ASL?

Thanks.

Re: How to reinstall clamav?

Posted: Wed Jul 15, 2015 5:01 pm
by scott
Yup, there sure is:

yum reinstall <packagename>

Re: How to reinstall clamav?

Posted: Thu Jul 16, 2015 6:30 am
by benz1
Thanks but can you please confirm if based on the above info, rkhunter needs to be reinstalled via ASL?

Thanks.

Re: How to reinstall clamav?

Posted: Fri Jul 17, 2015 2:17 pm
by CRServers
I just found out that we have the Interworx version of Clamav installed (clamav.x86_64 3:0.98.4-100.rhe6x.iworx)

We want to install ASL version instead.
When trying to "yum erase clamav.x86_64 3:0.98.4-100.rhe6x.iworx" to uninstall it, it asks for erasing a bunch of dependencies which are important to Interworx.

How can I swap to the ASL version of ClamAV without breaking Interworx CP ?

Thanks for all your help.

Rodrigo

Re: How to reinstall clamav?

Posted: Fri Jul 24, 2015 9:40 am
by scott
Only way I can think of to do that is to remove their packages with rpm --nodeps flag.