store | blogs | forums | twitter | facebook | wiki | downloads | support portal
Atomic Secure Linux
It is currently Thu Oct 23, 2014 4:40 am

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]




Post new topic Reply to topic  [ 10 posts ] 
Author Message
 Post subject: ClamAV 0.93.1 is out
Unread postPosted: Wed Jun 11, 2008 3:13 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
The subject says it all.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject:
Unread postPosted: Wed Jun 11, 2008 7:20 pm 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
I updated a box to ClamAV 0.93.1, but noticed freshclam didn't work afterwards. I had to chown -R qscand:qscand /var/clamav.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject:
Unread postPosted: Wed Jun 11, 2008 10:05 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon Dec 06, 2004 10:43 pm
Posts: 458
and you got the RPM's from??? I looked at Dag's stuff and am not sure that Scott is still using those and I didn't see that version in atomic testing.

Thanks.

_________________
Franklyn Halamka
Still learning my way around Linux Security.
http://www.galacticzero.net


Top
 Profile  
 
 Post subject:
Unread postPosted: Thu Jun 12, 2008 3:05 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
From the ASL yum channel.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject:
Unread postPosted: Thu Jun 12, 2008 5:01 am 
Offline
Forum Regular
Forum Regular

Joined: Wed Jan 02, 2008 3:21 pm
Posts: 521
Location: United Kingdom
I normally have to do the following (on RHEL4) after running an update to clamav:

1. Ensure any new .conf files are included (back up old versions first):
Code:
mv /etc/freshclam.conf /etc/freshclam.conf.bak
mv /etc/clamd.conf /etc/clamd.conf.bak
mv /etc/logrotate.d/clamav /etc/logrotate.d/clamav.bak (check for existence of clamav.rpmnew first)

mv /etc/freshclam.conf.rpmnew /etc/freshclam.conf
mv /etc/clamd.conf.rpmnew /etc/clamd.conf
mv /etc/logrotate.d/clamav.rpmnew /etc/logrotate.d/clamav (see above note)

2. Check for correct user in conf:
Code:
vi /etc/clamd.conf
User qscand

vi /etc/freshclam.conf
DatabaseOwner qscand

3. Ensure system user matches:
Code:
chown -R qscand:qscand /var/clamav
chown -R qscand:qscand /var/log/clamav
chown -R qscand:qscand /var/run/clamav

4. Update system to use new settings:
Code:
/etc/init.d/clamd restart

5. Run freshclam to pull in db updates and ensure all settings are correct (it'll throw warnings if not):
Code:
freshclam

6. Ensure qmail-scanner pulls in changes:
Code:
qmail-scanner-reconfigure

7. If all OK, remove old files (keep system tidy ;-) ):
Code:
rm /etc/freshclam.conf.bak
rm /etc/clamd.conf.bak
rm /etc/logrotate.d/clamav.bak (see above note)

This is a useful command to run and watch for a while after an update (just to ensure all is well):
Code:
tail -f /usr/local/psa/var/log/maillog /var/spool/qscan/qmail-queue.log /var/spool/qscan/quarantine.log /var/log/clamav/clamd.log /var/log/clamav/freshclam.log

Hopefully this'll help others with problems after a clamav update...


Last edited by Kalimari on Thu Aug 28, 2008 9:18 am, edited 1 time in total.

Top
 Profile  
 
 Post subject:
Unread postPosted: Thu Jun 12, 2008 5:16 am 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Sat Aug 20, 2005 9:30 am
Posts: 2812
Location: The Netherlands
I know the way to fix these things, but I report them here so the rpms can be fixed to take care of these things themselves.

_________________
Lemonbit Internet Dedicated Server Management


Top
 Profile  
 
 Post subject:
Unread postPosted: Thu Jun 12, 2008 5:35 am 
Offline
Forum Regular
Forum Regular

Joined: Wed Jan 02, 2008 3:21 pm
Posts: 521
Location: United Kingdom
I have reported them here also... In the mean time this is what I do to get clam updates running quickly!


Top
 Profile  
 
 Post subject:
Unread postPosted: Thu Jun 12, 2008 6:51 pm 
Offline
Long Time Forum Regular
Long Time Forum Regular

Joined: Thu Dec 09, 2004 11:19 am
Posts: 2082
I've just checked a default install and the default user/database owner always seems to be clamav

But that works for me ... e.g. the log file is owned by clamav:clamav.

I have seen things go wrong when upgrading from one version to another -- only a few days ago in fact.

I cured the problem by brute force by removing clamav and clamd using yum then re-installing.

This resulted in the log file being clamav:clamav again but it was and is working, as is freshclam.

But now I know where to look for which user clamav and freshclam needs those files to be be owned by I'm a lot happier and less mystified. Thanks Kalamari!

Faris.

_________________
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>


Top
 Profile  
 
 Post subject:
Unread postPosted: Thu Jun 12, 2008 9:04 pm 
Offline
Forum Regular
Forum Regular

Joined: Mon May 22, 2006 9:52 pm
Posts: 259
Quote:
I normally have to do the following (on RHEL4) after running an update to clamav:


Thanks Kalimari! This helped me a lot!


Top
 Profile  
 
 Post subject:
Unread postPosted: Tue Jul 29, 2008 1:42 pm 
Offline
Forum User
Forum User

Joined: Sun Mar 23, 2008 12:54 pm
Posts: 22
yess thanks , its work perfect.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 10 posts ] 

» Feed - Atomicorp

All times are UTC - 5 hours [ DST ]


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group