Hi Anne, I have many servers running clamav, simply use the dag repos http://dag.wieers.com/rpm/ and install it via yum "yum install clamav clamd" then run freshclam, thats it. I presume your configuration is not properly done.
On Friday 20 June 2008 06:13, Martin Garcia wrote:
Hi Anne, I have many servers running clamav, simply use the dag repos http://dag.wieers.com/rpm/ and install it via yum "yum install clamav clamd" then run freshclam, thats it. I presume your configuration is not properly done.
It turned out to be not exactly a clamav problem, but a clamtk problem. I am using Dag's package, and logwatch has been telling me that everything is updating. The problem showed up when I tried the context menu scan of a file, which clamtk provides. I contacted the clamtk developer who has been very helpful. This morning I have confirmed to him that the problem is fixed.
For the sake of the archives, this is what he said: <quote> Ok, so it dawned on me what the problem likely is... ClamAV has several methods for signatures it uses: daily.info folder, daily and main.cvd, daily and main.cld. So, I'm thinking you have more than one of those in your signatures directory.
If you open up a terminal window and type "ls /var/clamav" (without quotes of course), I'm betting you'll see a variety of files and/or directories in there. If you're up for it, as root type rm /var/clamav/* -rf which will remove all the signatures. Don't worry, you'll get them back in the next step. As root, type freshclam -v And that will download all the necessary signatures again.
The problem I have is there are a variety of ways the linux distros package ClamAV, and I have to decide which ones to gather the information from... I thought I had it right, but your email is making me reconsider. :) </quote>
I do wonder if something changed in clamav since I first installed it. I remember that an update installed, and I did, for a couple of days, get a message that the database could not be notified of updated signatures. I can't remember how that one got resolved. Perhaps /var/clamav was left with an old version and a new version of the database, and was reading the old one.
Anne
On Friday 20 June 2008 09:45:16 Anne Wilson wrote:
On Friday 20 June 2008 06:13, Martin Garcia wrote:
Hi Anne, I have many servers running clamav, simply use the dag repos http://dag.wieers.com/rpm/ and install it via yum "yum install clamav clamd" then run freshclam, thats it. I presume your configuration is not properly done.
It turned out to be not exactly a clamav problem, but a clamtk problem. I am using Dag's package, and logwatch has been telling me that everything is updating. The problem showed up when I tried the context menu scan of a file, which clamtk provides. I contacted the clamtk developer who has been very helpful. This morning I have confirmed to him that the problem is fixed.
For the sake of the archives, this is what he said:
<quote> Ok, so it dawned on me what the problem likely is... ClamAV has several methods for signatures it uses: daily.info folder, daily and main.cvd, daily and main.cld. So, I'm thinking you have more than one of those in your signatures directory.
If you open up a terminal window and type "ls /var/clamav" (without quotes of course), I'm betting you'll see a variety of files and/or directories in there. If you're up for it, as root type rm /var/clamav/* -rf which will remove all the signatures. Don't worry, you'll get them back in the next step. As root, type freshclam -v And that will download all the necessary signatures again.
The problem I have is there are a variety of ways the linux distros package ClamAV, and I have to decide which ones to gather the information from... I thought I had it right, but your email is making me reconsider. :)
</quote>
I do wonder if something changed in clamav since I first installed it. I remember that an update installed, and I did, for a couple of days, get a message that the database could not be notified of updated signatures. I can't remember how that one got resolved. Perhaps /var/clamav was left with an old version and a new version of the database, and was reading the old one.
This morning I wanted to make a change in the server's BIOS, so I had to reboot, and hit problems. Bootup got to 'self-checking in 1800 seconds' and appeared to hang there. I did leave it for some considerable time, but it didn't move on. Eventually I used ssh to kill clamd and the boot continued.
I will be away from home for several days, so I need to get this sorted. I presume that it is a mis-configuration somewhere that's causing it. Can someone please advise me what to look for? Thanks
Anne
-
Anne Wilson -
Martin Garcia