[CentOS] new clamav update miss 'clamav' user/group creation/update

Mon Jul 3 09:04:18 UTC 2006
J.J.Garcia <stigmatedbrain at gmail.com>

Hi folks,

I was just updating the clamav 'bundle' from the old 'clamav-server' (I think
the immediately previous one) and I noticed that the 'clamav' user/group for
this pkg is not created by default by the rpm pkg.

At the same time, /var/log/clamav is not updated/created with clamav.clamav
ownership.

I don't know if it is my actual config (previous one untouched anyway), but this
is what I did to get it up and running on a CentOS 4.3 host.

Thanks for your ideas

Jose

--------

[root at sparkbox ~]# yum update
<...>

Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package clamav.i386 0:0.88.3-1.el4.rf set to be updated
---> Package clamav-db.i386 0:0.88.3-1.el4.rf set to be updated
---> Package clamd.i386 0:0.88.3-1.el4.rf set to be updated
--> Running transaction check

Dependencies Resolved

=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Installing:
 clamav                  i386       0.88.3-1.el4.rf  rpmforge          724 k
     replacing  clamav-lib.i386 0.88.2-2.el4.kb

 clamav-db               i386       0.88.3-1.el4.rf  rpmforge          5.1 M
     replacing  clamav-update.i386 0.88.2-2.el4.kb

 clamd                   i386       0.88.3-1.el4.rf  rpmforge           64 k
     replacing  clamav-server.i386 0.88.2-2.el4.kb


Transaction Summary
=============================================================================
Install      3 Package(s)
Update       0 Package(s)
Remove       0 Package(s)
Total download size: 5.9 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): clamav-0.88.3-1.el 100% |=========================| 724 kB    00:01
(2/3): clamav-db-0.88.3-1 100% |=========================| 5.1 MB    00:11
(3/3): clamd-0.88.3-1.el4 100% |=========================|  64 kB    00:00
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing: clamav-db                    ######################### [1/8]
  Installing: clamav
[2/8]warning: /etc/freshclam.conf created as /etc/freshclam.conf.rpmnew
  Installing: clamav                       ######################### [2/8]
  Installing: clamd                        ######################### [3/8]
  Cleanup   : clamav                       ######################### [4/8]
  Removing  : clamav-lib                   ######################### [5/8]
warning: /etc/sysconfig/freshclam saved as /etc/sysconfig/freshclam.rpmsave
warning: /etc/cron.d/clamav-update saved as /etc/cron.d/clamav-update.rpmsave
  Removing  : clamav-update                ######################### [6/8]
warning: /var/lib/clamav/main.cvd saved as /var/lib/clamav/main.cvd.rpmsave
warning: /var/lib/clamav/daily.cvd saved as /var/lib/clamav/daily.cvd.rpmsave
  Removing  : clamav-data                  ######################### [7/8]
  Removing  : clamav-server                ######################### [8/8]

Installed: clamav.i386 0:0.88.3-1.el4.rf clamav-db.i386 0:0.88.3-1.el4.rf
clamd.i386 0:0.88.3-1.el4.rf
Replaced: clamav-data.i386 0:0.88.2-2.el4.kb clamav-lib.i386 0:0.88.2-2.el4.kb
clamav-server.i386 0:0.88.2-2.el4.kb clamav-update.i386 0:0.88.2-2.el4.kb
Complete!


[root at sparkbox ~]# service clamd start
Starting Clam AntiVirus Daemon: ERROR: Can't get information about user clamav.

[FALLÓ]
[root at sparkbox ~]# cp /etc/freshclam.conf /etc/freshclam.conf.old
[root at sparkbox ~]# cp /etc/freshclam.conf.rpmnew /etc/freshclam.conf
cp: ¿sobreescribir «/etc/freshclam.conf»? (s/n) s
[root at sparkbox ~]# groupadd clamav
[root at sparkbox ~]# useradd -g clamav -s /sbin/nologin -c "Clam AntiVirus" clamav
[root at sparkbox ~]# service clamd start
Starting Clam AntiVirus Daemon:                            [  OK  ]

[root at smarteyebox yum.repos.d]# freshclam -v
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger.

[root at sparkbox ~]# l /var/log/clamav/
drwxr-xr-x   2      104      105 4,0K jul  3 10:32 clamav/
<...>

[root at sparkbox ~]# chown -R clamav.clamav /var/log/clamav/

[root at sparkbox ~]# freshclam -v
Current working dir is /var/clamav
Max retries == 3
ClamAV update process started at Mon Jul  3 10:47:04 2006
Querying current.cvd.clamav.net
TTL: 103
Software version from DNS: 0.88.3
main.cvd version from DNS: 39
main.cvd is up to date (version: 39, sigs: 58116, f-level: 8, builder: tkojm)
daily.cvd version from DNS: 1579
daily.cvd is up to date (version: 1579, sigs: 2627, f-level: 8, builder: sven)
Freeing option list...done


[root at sparkbox ~]# clamscan
/root/.xauthv1YQ7D: OK
/root/.rpmmacros: OK
/root/.festival_history: OK
/root/.bash_history: OK
/root/.xauthyIE3tF: OK
/root/.gtkrc-1.2-gnome2: OK
/root/.xauthrr5vmv: OK
/root/.bash_profile: OK
<...>
----------- SCAN SUMMARY -----------
Known viruses: 60743
Engine version: 0.88.3
Scanned directories: 1
Scanned files: 54
Infected files: 0
Data scanned: 0.18 MB
Time: 2.030 sec (0 m 2 s)


[sm0ketst at sparkbox ~]$ clamscan
/home/sm0ketst/.signature.tag: OK
/home/sm0ketst/.rpmmacros: OK
/home/sm0ketst/soundconverter.log: OK
<...>
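
An added example, not part of the original post: a check for the condition shown in the listing above, where /var/log/clamav is owned by bare numeric ids (104/105) because the account that owned it no longer exists after the package replacement. The function names and the overridable `PASSWD_FILE`/`GROUP_FILE` variables are hypothetical, and the lookup assumes local account files only (use `getent` where NSS sources such as LDAP matter).

```shell
#!/bin/sh
# Added example (not from the post): flag directories whose numeric owner
# no longer maps to an account. All function names here are hypothetical.
# The account files are overridable so the check can run on constructed data.
PASSWD_FILE=${PASSWD_FILE:-/etc/passwd}
GROUP_FILE=${GROUP_FILE:-/etc/group}

# Print the name for numeric id $1 in colon-separated file $2 (field 3 = id).
id_to_name() {
    awk -F: -v id="$1" '$3 == id { print $1; found = 1; exit }
                        END { exit !found }' "$2"
}

# Print "uid gid" of path $1 from numeric ls output.
numeric_owner() {
    ls -nd -- "$1" | awk '{ print $3, $4 }'
}

# check_owner DIR EXPECTED_USER EXPECTED_GROUP
# Returns 0 = ok, 1 = owned by a different account,
# 2 = orphaned (uid or gid has no account entry), 3 = directory missing.
check_owner() {
    dir=$1 want_user=$2 want_group=$3
    [ -d "$dir" ] || { echo "MISSING $dir"; return 3; }
    set -- $(numeric_owner "$dir")
    uid=$1 gid=$2
    user=$(id_to_name "$uid" "$PASSWD_FILE") || user=
    group=$(id_to_name "$gid" "$GROUP_FILE") || group=
    if [ -z "$user" ] || [ -z "$group" ]; then
        echo "ORPHANED $dir uid=$uid gid=$gid"
        return 2
    fi
    if [ "$user" != "$want_user" ] || [ "$group" != "$want_group" ]; then
        echo "MISMATCH $dir owner=$user:$group expected=$want_user:$want_group"
        return 1
    fi
    echo "OK $dir owner=$user:$group"
}

# Usage when run directly: script.sh /var/log/clamav clamav clamav
if [ $# -ge 3 ]; then check_owner "$1" "$2" "$3"; fi
```

A return code of 2 corresponds to the state in the post before the `groupadd`/`useradd` and `chown -R` steps were run.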