Clamav 0.91.2-2.vm.el5 Outdated??

15 posts / 0 new
Last post
#1 Tue, 12/18/2007 - 03:33
otis

Clamav 0.91.2-2.vm.el5 Outdated??

My logs contain the following warning: WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.91.2 Recommended version: 0.92 DON'T PANIC! Read http://www.clamav.net/support/faq

Since this is a reference to a virtualmin package, I wonder if you plan to update the package?

Thu, 12/20/2007 - 07:28
elabmexico

Today I did a yum update to my CentOS5/Virtualmin 3.50 Pro server and it updated clamav to 0.92.

Now if I try to enable virus scanning though clamdscan (which was working before the update), it does not work!

First I was getting an error because libclamav.so.2 is not present, so I created a symlink to libclamav.so.3, which is present. But still no luck.

When I try to enable clamdscan, I get the following:

The selected virus scanning command does not work : No virus report produced - perhaps this is not a ClamAV program?

Any clues?

Thu, 12/20/2007 - 09:19 (Reply to #2)
Joe
Joe's picture

Hmm...Working on it.

--

Check out the forum guidelines!

Thu, 12/20/2007 - 14:05 (Reply to #3)
Joe
Joe's picture

Try restarting the clamd service (it may be called clamd-virtualmin, or it could be clamd-clamdscan, depending on how you got the service setup to start with). Whatever you have in /etc/init.d for clamd should be restarted.

--

Check out the forum guidelines!

Sat, 12/22/2007 - 04:35 (Reply to #4)
siteomatic

Now updating clamav ..

Installing package(s) with command yum -y install clamav ..

Loading "installonlyn" plugin
Setting up Install Process
Setting up repositories
Reading repository metadata in from local files
Parsing package install arguments
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Package clamav.i386 0:0.92-1.vm.el5 set to be updated
--> Running transaction check
--> Processing Dependency: clamav-lib = 0.92-1.vm.el5 for package: clamav
--> Processing Conflict: clamav-filesystem conflicts clamav > 0.91.2-2.vm.el5
--> Processing Dependency: libclamav.so.3 for package: clamav
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Package clamav-filesystem.i386 0:0.92-1.vm.el5 set to be updated
---> Package clamav-lib.i386 0:0.92-1.vm.el5 set to be updated
--> Running transaction check
--> Processing Dependency: clamav-filesystem = 0.91.2-2.vm.el5 for package: clamav-data
--> Processing Dependency: clamav-filesystem = 0.91.2-2.vm.el5 for package: clamav-server
--> Processing Dependency: clamav-lib = 0.91.2-2.vm.el5 for package: clamav-server
--> Processing Dependency: libclamav.so.2 for package: clamav-update
--> Processing Dependency: libclamav.so.2 for package: clamav-server
--> Processing Dependency: clamav-filesystem = 0.91.2-2.vm.el5 for package: clamav-update
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Package clamd.i386 0:0.92-1.el5.rf set to be updated
---> Package clamav-db.i386 0:0.92-1.el5.rf set to be updated
--> Running transaction check
--> Processing Dependency: clamav-server = 0.91.2-2.vm.el5 for package: clamav-server-sysv
--> Processing Dependency: data(clamav) for package: clamav-lib
--> Processing Dependency: data(clamav) for package: clamav
--> Processing Dependency: clamav = 0.92-1.el5.rf for package: clamd
--> Processing Dependency: /usr/bin/freshclam for package: virtualmin-base
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Package clamav-data.i386 0:0.92-1.vm.el5 set to be updated
--> Running transaction check
--> Processing Dependency: clamav-server = 0.91.2-2.vm.el5 for package: clamav-server-sysv
--> Processing Dependency: clamav = 0.92-1.el5.rf for package: clamd
--> Processing Dependency: /usr/bin/freshclam for package: virtualmin-base
--> Finished Dependency Resolution

.. install failed!

Webmin version 1.380
Virtualmin version 3.50 (Pro)

CentOS Linux 5.1
Perl version 5.008008
Postfix version 2.3.3
BIND version 9.3.3
Apache version 2.2.3
PHP version 5
Webalizer version 2.01-10
Logrotate version 3.7.4
MySQL version 5.0.22
PostgreSQL version 8.1.9
ProFTPd version 1.31
SpamAssasssin version 3.2.3
ClamAV version 0.91.2

Thu, 12/20/2007 - 19:12
elabmexico

Joe,

I have tried restarting it in many ways. The file in /etc/init.d/ is a symlink file called clamd-wraper that points to /usr/share/clamav/clamd-wrapper

The restart seems to work, but when I login to virtualmin to change my settings it appears as disabled. When I click on 'Enable ClamAV Server' I get the following:

Configuring and enabling the ClamAV scanning server ..

---
Creating ClamAV configuration file /etc/clamd.d/virtualmin.conf ..
.. done

Fixing ClamAV bootup action /etc/rc.d/init.d/clamd-wrapper ..
.. already done

Starting ClamAV server and enabling at boot ..
.. done

.. all done
---

But when I go back to the previous page, the button still says 'Enable...'.

If I check the status through SSH, I get:

clamd.virtualmin dead but subsys locked

Thanks for your help!

Alonso

Fri, 12/21/2007 - 10:41 (Reply to #6)
Joe
Joe's picture

Howdy Alonso,

OK, clamd-wrapper is useless on its own (and I'm thinking that file needs to live somewhere other than /etc/init.d, but that's where the Fedora guys put it...but I think it's a violation of packaging policy). The generated clamd.virtualmin is the service you need to restart. What happens if you restart it with:

service clamd.virtualmin restart

?

--

Check out the forum guidelines!

Fri, 12/21/2007 - 10:47
elabmexico

I get:

clamd.virtualmin: unrecognized service

Fri, 12/21/2007 - 11:37
LawrenceOng

Note sure if this helps ...

<div class='quote'>First I was getting an error because libclamav.so.2 is not present, so I created a symlink to libclamav.so.3, which is present. But still no luck.
</div>

juarezon, 0.92 is really suppose to use libclamav3, not libclamav2. If you cannot find libclamav3 anywhere, it is possible that you have not installed it

When i do create a symlink from libclamav3 to libclamav2, clamav hangs when it is performing any scan.

Original Scan with libclamav3 (clamav 0.92):

<div class='quote'>
/usr/lib# ln -s libclamav.so.3.0.3 libclamav.so.3
/usr/lib# time clamscan ~long/mydoomM.zip
/home/long/mydoomM.zip: Worm.Mydoom.M FOUND

----------- SCAN SUMMARY -----------
Known viruses: 180195
Engine version: 0.92
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.03 MB
Time: 5.484 sec (0 m 5 s)

real 0m5.547s
user 0m4.644s
sys 0m0.176s
</div>

Scan after performing the link (libclamav3 = libclamav2 for clamav 0.92):

<div class='quote'>
/usr/lib# rm -f libclamav.so.3
/usr/lib# ln -s libclamav.so.2.0.3 libclamav.so.3
/usr/lib# time clamscan ~long/mydoomM.zip
^C

real 0m36.391s
user 0m35.878s
sys 0m0.216s
</div>

just a thought.

Fri, 12/21/2007 - 11:42 (Reply to #9)
elabmexico

Lawrence,

My situation is the opposite. I have libclamav.so.3, and not libclamav.so.2.

When trying to start clamd, it was complaining about libclamav.so.2 not found. Thats when I created the symlink to the existing libclamav.so.3.

but still no luck... :o(

Fri, 12/21/2007 - 11:45
LawrenceOng

[quote]
First I was getting an error because libclamav.so.2 is not present, so I created a symlink to libclamav.so.3, which is present. But still no luck.
[quote]

Doh .. ok, after rereading it <u>carefully</u> (you're saying that 2 is not present, and that 3 is present), not the other way round. Anyway, that could very well mean that you are using version 0.91.x version of clamav with version 0.92 version of the library. In either case, 0.92 = libclamav3 and &lt; 0.92 = libclamav2. In either case, if the version of the application is correct, you should not need to create that symlink to use an older or newer library.

Not sure what the effect would be of using a newer library with an older binary.

Fri, 12/21/2007 - 11:50 (Reply to #11)
elabmexico

the system reports 0.92, and I know that it was upgraded recently through yum...

yum info clam*
Loading &quot;installonlyn&quot; plugin
Setting up repositories
virtualmin 100% |=========================| 951 B 00:00
virtualmin-universal 100% |=========================| 951 B 00:00
base 100% |=========================| 1.1 kB 00:00
updates 100% |=========================| 951 B 00:00
addons 100% |=========================| 951 B 00:00
extras 100% |=========================| 1.1 kB 00:00
Reading repository metadata in from local files
Excluding Packages in global exclude list
Finished
Installed Packages
Name : clamav
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 1.1 M
Repo : installed
Summary: End-user tools for the Clam Antivirus scanner

Description:
Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this
software is the integration with mail servers (attachment scanning). The
package provides a flexible and scalable multi-threaded daemon, a command
line scanner, and a tool for automatic updating via Internet. The programs
are based on a shared library distributed with the Clam AntiVirus package,
which you can use with your own software. The virus database is based on
the virus database from OpenAntiVirus, but contains additional signatures
(including signatures for popular polymorphic viruses, too) and is KEPT UP
TO DATE.

Name : clamav-data
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 11 M
Repo : installed
Summary: Virus signature data for the Clam Antivirus scanner

Description:
This package contains the virus-database needed by clamav. This
database should be updated regularly; the 'clamav-update' package
ships a corresponding cron-job. This package and the
'clamav-data-empty' package are mutually exclusive.

Use -data when you want a working (but perhaps outdated) virus scanner
immediately after package installation.

Use -data-empty when you are updating the virus database regulary and
do not want to download a &gt;5MB sized rpm-package with outdated virus
definitions.

Name : clamav-filesystem
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 0.0
Repo : installed
Summary: Filesystem structure for clamav

Description:
This package provides the filesystem structure and contains the
user-creation scripts required by clamav.

Name : clamav-lib
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 1.4 M
Repo : installed
Summary: Dynamic libraries for the Clam Antivirus scanner

Description:
This package contains dynamic libraries shared between applications
using the Clam Antivirus scanner.

Name : clamav-server
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 224 k
Repo : installed
Summary: Clam Antivirus scanner server

Description:
ATTENTION: most users do not need this package; the main package has
everything (or depends on it) which is needed to scan for virii on
workstations.

This package contains files which are needed to execute the clamd-daemon.
This daemon does not provide a system-wide service. Instead of, an instance
of this daemon should be started for each service requiring it.

See the README file how this can be done with a minimum of effort.

Name : clamav-server-sysv
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 0.0
Repo : installed
Summary: SysV initscripts for clamav server

Description:
SysV initscripts template for the clamav server

Name : clamav-update
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 92 k
Repo : installed
Summary: Auto-updater for the Clam Antivirus scanner data-files

Description:
This package contains programs which can be used to update the clamav
anti-virus database automatically. It uses the freshclam(1) utility for
this task. To activate it, uncomment the entry in /etc/cron.d/clamav-update.

Available Packages
Name : clamav-data-empty
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 16 k
Repo : virtualmin
Summary: Empty data package for the Clam Antivirus scanner
Description:
This is an empty package to fulfill inter-package dependencies of the
clamav suite. This package and the 'clamav-data' package are mutually
exclusive.

Use -data when you want a working (but perhaps outdated) virus scanner
immediately after package installation.

Use -data-empty when you are updating the virus database regulary and
do not want to download a &gt;5MB sized rpm-package with outdated virus
definitions.

Name : clamav-devel
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 26 k
Repo : virtualmin
Summary: Header files and libraries for the Clam Antivirus scanner
Description:
This package contains headerfiles and libraries which are needed to
build applications using clamav.

Name : clamav-milter
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 93 k
Repo : virtualmin
Summary: Sendmail-milter for the Clam Antivirus scanner
Description:
This package contains files which are needed to run the clamav-milter. It
can be activated by adding

| INPUT_MAIL_FILTER(`clamav', `S=local:/var/run/clamav-milter/clamav.sock, F=, T=S:4m;R:4m')dnl

to your sendmail.mc.

Name : clamav-milter-sysv
Arch : i386
Version: 0.92
Release: 1.vm.el5
Size : 17 k
Repo : virtualmin
Summary: SysV initscripts for the clamav sendmail-milter
Description:
The SysV initscripts for clamav-milter.

Name : clamd.clamdscan
Arch : noarch
Version: 1.0
Release: 1.vm.el5
Size : 6.4 k
Repo : virtualmin
Summary: Clamav server for 'clamdscan'
Description:
Basic setup for a clamav server for 'clamdscan'.

Name : clamd.clamdscan-minit
Arch : noarch
Version: 1.0
Release: 1.vm.el5
Size : 3.5 k
Repo : virtualmin
Summary: minit initscripts for a clamdscan clamav-server
Description:
Basic setup for a clamav server for 'clamdscan'.

This package contains initscripts for minit based systems.

Name : clamd.clamdscan-sysv
Arch : noarch
Version: 1.0
Release: 1.vm.el5
Size : 3.3 k
Repo : virtualmin
Summary: SysV initscripts for a clamdscan clamav-server
Description:
Basic setup for a clamav server for 'clamdscan'.

This package contains initscripts for SysV based systems.

Fri, 12/21/2007 - 12:34 (Reply to #12)
elabmexico

this is what the logfile shows...

+++ Started at Fri Dec 21 15:25:35 2007
clamd daemon 0.91.2 (OS: linux-gnu, ARCH: i386, CPU: i386)
Running as user nobody (UID 99, GID 99)
Log file size limited to 1048576 bytes.
Reading databases from /var/lib/clamav
Not loading PUA signatures.
Loaded 349871 signatures.
ERROR: Socket file /var/run/clamd.virtualmin/clamd.sock exists. Either remove it, or configure a different one.

I have removed clamd.sock amny times, but it just gets created again

Thu, 02/07/2008 - 21:19 (Reply to #13)
Joe
Joe's picture

Anyone else who is seeing this should check out this bug report :
http://www.virtualmin.com/bugs/index.php?do=details&amp;task_id=3556

The quick solution is to run :
rm -f /usr/sbin/clamd.virtualmin
ln -s /usr/sbin/clamd /usr/sbin/clamd.virtualmin

--

Check out the forum guidelines!

Fri, 12/21/2007 - 12:41
elabmexico

This is what I get when I remove the .sock file and start it again...

+++ Started at Fri Dec 21 15:35:07 2007
clamd daemon 0.91.2 (OS: linux-gnu, ARCH: i386, CPU: i386)
Running as user nobody (UID 99, GID 99)
Log file size limited to 1048576 bytes.
Reading databases from /var/lib/clamav
Not loading PUA signatures.
Loaded 349871 signatures.
Unix socket file /var/run/clamd.virtualmin/clamd.sock
Setting connection queue length to 15
Archive: Archived file size limit set to 10485760 bytes.
Archive: Recursion level limit set to 8.
Archive: Files limit set to 1000.
Archive: Compression ratio limit set to 250.
Archive support enabled.
Algorithmic detection enabled.
Portable Executable support enabled.
ELF support enabled.
Mail files support enabled.
Mail: Recursion level limit set to 64.
OLE2 support enabled.
PDF support disabled.
HTML support enabled.
Self checking every 1800 seconds.

Which tells me it's working, right?
After a while, or when I try to change the settings to use clamdscan, it dies...