[CentOS] Clamd issues on Centos 6.10

Jay Hart jhart at kevla.org
Sun Jul 15 02:39:07 UTC 2018 

Libraries: do they look ok????

[root at centos clamav]# ldd $(which freshclam)
	linux-gate.so.1 =>  (0x00529000)
	libclamav.so.7 => /usr/lib/libclamav.so.7 (0x00bc5000)
	libxml2.so.2 => /usr/lib/libxml2.so.2 (0x00124000)
	libbz2.so.1 => /lib/libbz2.so.1 (0x04906000)
	libssl.so.10 => /usr/lib/libssl.so.10 (0x047fa000)
	libcrypto.so.10 => /usr/lib/libcrypto.so.10 (0x03d52000)
	libjson-c.so.2 => /lib/libjson-c.so.2 (0x03d42000)
	libpcre.so.0 => /lib/libpcre.so.0 (0x00736000)
	libm.so.6 => /lib/libm.so.6 (0x00270000)
	libclammspack.so.0 => /usr/lib/libclammspack.so.0 (0x00900000)
	libdl.so.2 => /lib/libdl.so.2 (0x007ad000)
	libz.so.1 => /lib/libz.so.1 (0x00574000)
	libresolv.so.2 => /lib/libresolv.so.2 (0x00422000)
	libpthread.so.0 => /lib/libpthread.so.0 (0x005f6000)
	libc.so.6 => /lib/libc.so.6 (0x00916000)
	libgssapi_krb5.so.2 => /lib/libgssapi_krb5.so.2 (0x0466b000)
	libkrb5.so.3 => /lib/libkrb5.so.3 (0x0454b000)
	libcom_err.so.2 => /lib/libcom_err.so.2 (0x00ed2000)
	libk5crypto.so.3 => /lib/libk5crypto.so.3 (0x044f5000)
	/lib/ld-linux.so.2 (0x8001b000)
	libkrb5support.so.0 => /lib/libkrb5support.so.0 (0x0033d000)
	libkeyutils.so.1 => /lib/libkeyutils.so.1 (0x00337000)
	libselinux.so.1 => /lib/libselinux.so.1 (0x0058a000)

> I fixed the country code issue but that did not resolve the problem.
>
> I also removed all files in /var/lib/clamav and reran freshclam (without rebooting), that also did
> not fix the problem.
>
> Jay
>
>> Am 15.07.2018 um 00:13 schrieb Jay Hart:
>>> ClamAV update process started at Sat Jul 14 15:10:48 2018
>>> Using IPv6 aware code
>>> Querying current.cvd.clamav.net
>>> TTL: 1232
>>> Software version from DNS: 0.100.1
>>> WARNING: Your ClamAV installation is OUTDATED!
>>> WARNING: Local version: 0.100.0 Recommended version: 0.100.1
>>> DON'T PANIC! Readhttps://www.clamav.net/documents/upgrading-clamav  Retrieving
>>> http://db.local.clamav.net/main.cvd
>>> Trying to downloadhttp://db.local.clamav.net/main.cvd  (IP: 104.16.189.138)
>>> Downloading main.cvd
>>> [100%]
>>> WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header
>>> ERROR: Verification: Malformed database
>>> Querying main.0.91.0.0.6810BD8A.ping.clamav.net
>>> Giving up on db.local.clamav.net...
>>> Update failed. Your network may be down or none of the mirrors listed in
>>> /etc/freshclam.conf is
>>> working. Checkhttps://www.clamav.net/documents/official-mirror-faq  for possible
>>> reasons.
>>> ----END Freshclam -v command-----
>>>
>>> My 0.100.0 version is currently supported, so I know that is not the issue. I tried deleting
>>> the
>>> mirrors,dat file and re-running freshclam (did not reboot the box between file deletion and
>>> command line execution), no effect...
>>>
>>> Also, I have the default mirror location in freshclam.conf, which seems to be fine considering
>>> its
>>> been like this for years. I tried to locate the 'country code' paramater but gave that up after
>>> I
>>> got a headache looking over the documentation.  I don't think its relevant to this issue
>>> anyway.
>>>
>>> I'm stuck on how to fix this. Nothing on the web shows what resolution is, nor how to fix it.
>>>
>>> Seems like I can get and receive emails, but I have no idea if they are being properly scanned.
>>>
>>> Thanks in advance,
>>>
>>> Jay
>>
>> The main.cvd you are downloading looks to be corrupted.
>>
>> No such issue here. I have set in /etc/freshclam.conf
>>
>> DatabaseMirror db.nl.clamav.net
>>
>> # freshclam -v
>> Current working dir is /var/lib/clamav
>> Max retries == 3
>> ClamAV update process started at Sun Jul 15 01:39:31 2018
>> Using IPv6 aware code
>> Querying current.cvd.clamav.net
>> TTL: 143
>> Software version from DNS: 0.100.1
>> WARNING: Your ClamAV installation is OUTDATED!
>> WARNING: Local version: 0.100.0 Recommended version: 0.100.1
>> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
>> main.cvd version from DNS: 58
>> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60,
>> builder: sigmgr)
>> daily.cvd version from DNS: 24753
>> Retrieving http://db.nl.clamav.net/daily-24751.cdiff
>> Trying to download http://db.nl.clamav.net/daily-24751.cdiff (IP:
>> 2400:cb00:2048:1::6810:b98a)
>> Downloading daily-24751.cdiff [100%]
>> cdiff_apply: Parsed 289 lines and executed 289 commands
>> Retrieving http://db.nl.clamav.net/daily-24752.cdiff
>> Trying to download http://db.nl.clamav.net/daily-24752.cdiff (IP:
>> 2400:cb00:2048:1::6810:b98a)
>> Downloading daily-24752.cdiff [100%]
>> cdiff_apply: Parsed 264 lines and executed 264 commands
>> Retrieving http://db.nl.clamav.net/daily-24753.cdiff
>> Trying to download http://db.nl.clamav.net/daily-24753.cdiff (IP:
>> 2400:cb00:2048:1::6810:b98a)
>> Downloading daily-24753.cdiff [100%]
>> cdiff_apply: Parsed 264 lines and executed 264 commands
>> Loading signatures from daily.cld
>> Properly loaded 2013647 signatures from new daily.cld
>> daily.cld updated (version: 24753, sigs: 2013647, f-level: 63, builder: neo)
>> Querying daily.24753.91.1.0.2400cb0020480001000000006810b98a.ping.clamav.net
>> bytecode.cvd version from DNS: 324
>> bytecode.cld is up to date (version: 324, sigs: 89, f-level: 63,
>> builder: neo)
>> Database updated (6579985 signatures) from db.nl.clamav.net (IP:
>> 2400:cb00:2048:1::6810:b98a)
>>
>> Alexander
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

More information about the CentOS mailing list