Hello all, Been having an issue today that I can't seem to solve, so reaching out to others much more knowledgeable for help/advice/assistance. I ran the software update this morning and installed 134 packages, clamd was one of the packages. Upon completion of the update, I needed to reboot the box. During bootup I got the following issue: Starting Clam AntiVirus Daemon: WARNING: Ignoring deprecated option AllowSupplementaryGroups at line 194 LibClamAV Error: cli_cvdload: Corrupted CVD header LibClamAV Error: Can't load /var/lib/clamav/main.cvd: Malformed database LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/main.cvd Sat Jul 14 09:04:46 2018 -> !Malformed database [FAILED] Clamd failed to start. I modified the clamd.conf conf file to comment out the deprecated option above, this seemed to allow clamd to start following a second reboot. I followed some suggested actions from the clamd.net site, namely I ensured my DNS was still working, that I could reach clamd.net, and also removed the mirrors.dat and main.cvd files in an effort to get clamd to update via freshclam. When I run 'freshclam -v' I get the following data return: [root at centos clamav]# freshclam -v Current working dir is /var/lib/clamav Max retries == 3 ClamAV update process started at Sat Jul 14 15:09:47 2018 Using IPv6 aware code Querying current.cvd.clamav.net TTL: 1611 Software version from DNS: 0.100.1 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.100.0 Recommended version: 0.100.1 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav Retrieving http://db.local.clamav.net/main.cvd Ignoring mirror 2400:cb00:2048:1::6810:b98a (due to previous errors) Ignoring mirror 2400:cb00:2048:1::6810:bd8a (due to previous errors) Ignoring mirror 2400:cb00:2048:1::6810:bc8a (due to previous errors) Ignoring mirror 2400:cb00:2048:1::6810:ba8a (due to previous errors) Ignoring mirror 2400:cb00:2048:1::6810:bb8a (due to previous errors) Trying to download http://db.local.clamav.net/main.cvd (IP: 104.16.186.138) Downloading main.cvd [100%] WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Verification: Malformed database Querying main.0.91.0.0.6810BA8A.ping.clamav.net Trying again in 5 secs... ClamAV update process started at Sat Jul 14 15:10:09 2018 Using IPv6 aware code Querying current.cvd.clamav.net TTL: 1583 Software version from DNS: 0.100.1 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.100.0 Recommended version: 0.100.1 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav Retrieving http://db.local.clamav.net/main.cvd Trying to download http://db.local.clamav.net/main.cvd (IP: 104.16.188.138) Downloading main.cvd [100%] WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Verification: Malformed database Querying main.0.91.0.0.6810BC8A.ping.clamav.net Trying again in 5 secs... ClamAV update process started at Sat Jul 14 15:10:31 2018 Using IPv6 aware code Querying current.cvd.clamav.net TTL: 1567 Software version from DNS: 0.100.1 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.100.0 Recommended version: 0.100.1 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav Retrieving http://db.local.clamav.net/main.cvd Trying to download http://db.local.clamav.net/main.cvd (IP: 104.16.189.138) Downloading main.cvd [100%] WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Verification: Malformed database Querying main.0.91.0.0.6810BD8A.ping.clamav.net Giving up on db.local.clamav.net... ClamAV update process started at Sat Jul 14 15:10:48 2018 Using IPv6 aware code Querying current.cvd.clamav.net TTL: 1232 Software version from DNS: 0.100.1 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.100.0 Recommended version: 0.100.1 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav Retrieving http://db.local.clamav.net/main.cvd Trying to download http://db.local.clamav.net/main.cvd (IP: 104.16.189.138) Downloading main.cvd [100%] WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header ERROR: Verification: Malformed database Querying main.0.91.0.0.6810BD8A.ping.clamav.net Giving up on db.local.clamav.net... Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check https://www.clamav.net/documents/official-mirror-faq for possible reasons. ----END Freshclam -v command----- My 0.100.0 version is currently supported, so I know that is not the issue. I tried deleting the mirrors,dat file and re-running freshclam (did not reboot the box between file deletion and command line execution), no effect... Also, I have the default mirror location in freshclam.conf, which seems to be fine considering its been like this for years. I tried to locate the 'country code' paramater but gave that up after I got a headache looking over the documentation. I don't think its relevant to this issue anyway. I'm stuck on how to fix this. Nothing on the web shows what resolution is, nor how to fix it. Seems like I can get and receive emails, but I have no idea if they are being properly scanned. Thanks in advance, Jay
Am 15.07.2018 um 00:13 schrieb Jay Hart:> ClamAV update process started at Sat Jul 14 15:10:48 2018 > Using IPv6 aware code > Querying current.cvd.clamav.net > TTL: 1232 > Software version from DNS: 0.100.1 > WARNING: Your ClamAV installation is OUTDATED! > WARNING: Local version: 0.100.0 Recommended version: 0.100.1 > DON'T PANIC! Readhttps://www.clamav.net/documents/upgrading-clamav Retrieving > http://db.local.clamav.net/main.cvd > Trying to downloadhttp://db.local.clamav.net/main.cvd (IP: 104.16.189.138) > Downloading main.cvd > [100%] > WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header > ERROR: Verification: Malformed database > Querying main.0.91.0.0.6810BD8A.ping.clamav.net > Giving up on db.local.clamav.net... > Update failed. Your network may be down or none of the mirrors listed in > /etc/freshclam.conf is > working. Checkhttps://www.clamav.net/documents/official-mirror-faq for possible > reasons. > ----END Freshclam -v command----- > > My 0.100.0 version is currently supported, so I know that is not the issue. I tried deleting the > mirrors,dat file and re-running freshclam (did not reboot the box between file deletion and > command line execution), no effect... > > Also, I have the default mirror location in freshclam.conf, which seems to be fine considering its > been like this for years. I tried to locate the 'country code' paramater but gave that up after I > got a headache looking over the documentation. I don't think its relevant to this issue anyway. > > I'm stuck on how to fix this. Nothing on the web shows what resolution is, nor how to fix it. > > Seems like I can get and receive emails, but I have no idea if they are being properly scanned. > > Thanks in advance, > > JayThe main.cvd you are downloading looks to be corrupted. No such issue here. I have set in /etc/freshclam.conf DatabaseMirror db.nl.clamav.net # freshclam -v Current working dir is /var/lib/clamav Max retries == 3 ClamAV update process started at Sun Jul 15 01:39:31 2018 Using IPv6 aware code Querying current.cvd.clamav.net TTL: 143 Software version from DNS: 0.100.1 WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.100.0 Recommended version: 0.100.1 DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav main.cvd version from DNS: 58 main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) daily.cvd version from DNS: 24753 Retrieving http://db.nl.clamav.net/daily-24751.cdiff Trying to download http://db.nl.clamav.net/daily-24751.cdiff (IP: 2400:cb00:2048:1::6810:b98a) Downloading daily-24751.cdiff [100%] cdiff_apply: Parsed 289 lines and executed 289 commands Retrieving http://db.nl.clamav.net/daily-24752.cdiff Trying to download http://db.nl.clamav.net/daily-24752.cdiff (IP: 2400:cb00:2048:1::6810:b98a) Downloading daily-24752.cdiff [100%] cdiff_apply: Parsed 264 lines and executed 264 commands Retrieving http://db.nl.clamav.net/daily-24753.cdiff Trying to download http://db.nl.clamav.net/daily-24753.cdiff (IP: 2400:cb00:2048:1::6810:b98a) Downloading daily-24753.cdiff [100%] cdiff_apply: Parsed 264 lines and executed 264 commands Loading signatures from daily.cld Properly loaded 2013647 signatures from new daily.cld daily.cld updated (version: 24753, sigs: 2013647, f-level: 63, builder: neo) Querying daily.24753.91.1.0.2400cb0020480001000000006810b98a.ping.clamav.net bytecode.cvd version from DNS: 324 bytecode.cld is up to date (version: 324, sigs: 89, f-level: 63, builder: neo) Database updated (6579985 signatures) from db.nl.clamav.net (IP: 2400:cb00:2048:1::6810:b98a) Alexander
I fixed the country code issue but that did not resolve the problem. I also removed all files in /var/lib/clamav and reran freshclam (without rebooting), that also did not fix the problem. Jay> Am 15.07.2018 um 00:13 schrieb Jay Hart: >> ClamAV update process started at Sat Jul 14 15:10:48 2018 >> Using IPv6 aware code >> Querying current.cvd.clamav.net >> TTL: 1232 >> Software version from DNS: 0.100.1 >> WARNING: Your ClamAV installation is OUTDATED! >> WARNING: Local version: 0.100.0 Recommended version: 0.100.1 >> DON'T PANIC! Readhttps://www.clamav.net/documents/upgrading-clamav Retrieving >> http://db.local.clamav.net/main.cvd >> Trying to downloadhttp://db.local.clamav.net/main.cvd (IP: 104.16.189.138) >> Downloading main.cvd >> [100%] >> WARNING: [LibClamAV] cli_cvdload: Corrupted CVD header >> ERROR: Verification: Malformed database >> Querying main.0.91.0.0.6810BD8A.ping.clamav.net >> Giving up on db.local.clamav.net... >> Update failed. Your network may be down or none of the mirrors listed in >> /etc/freshclam.conf is >> working. Checkhttps://www.clamav.net/documents/official-mirror-faq for possible >> reasons. >> ----END Freshclam -v command----- >> >> My 0.100.0 version is currently supported, so I know that is not the issue. I tried deleting the >> mirrors,dat file and re-running freshclam (did not reboot the box between file deletion and >> command line execution), no effect... >> >> Also, I have the default mirror location in freshclam.conf, which seems to be fine considering >> its >> been like this for years. I tried to locate the 'country code' paramater but gave that up after >> I >> got a headache looking over the documentation. I don't think its relevant to this issue anyway. >> >> I'm stuck on how to fix this. Nothing on the web shows what resolution is, nor how to fix it. >> >> Seems like I can get and receive emails, but I have no idea if they are being properly scanned. >> >> Thanks in advance, >> >> Jay > > The main.cvd you are downloading looks to be corrupted. > > No such issue here. I have set in /etc/freshclam.conf > > DatabaseMirror db.nl.clamav.net > > # freshclam -v > Current working dir is /var/lib/clamav > Max retries == 3 > ClamAV update process started at Sun Jul 15 01:39:31 2018 > Using IPv6 aware code > Querying current.cvd.clamav.net > TTL: 143 > Software version from DNS: 0.100.1 > WARNING: Your ClamAV installation is OUTDATED! > WARNING: Local version: 0.100.0 Recommended version: 0.100.1 > DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav > main.cvd version from DNS: 58 > main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, > builder: sigmgr) > daily.cvd version from DNS: 24753 > Retrieving http://db.nl.clamav.net/daily-24751.cdiff > Trying to download http://db.nl.clamav.net/daily-24751.cdiff (IP: > 2400:cb00:2048:1::6810:b98a) > Downloading daily-24751.cdiff [100%] > cdiff_apply: Parsed 289 lines and executed 289 commands > Retrieving http://db.nl.clamav.net/daily-24752.cdiff > Trying to download http://db.nl.clamav.net/daily-24752.cdiff (IP: > 2400:cb00:2048:1::6810:b98a) > Downloading daily-24752.cdiff [100%] > cdiff_apply: Parsed 264 lines and executed 264 commands > Retrieving http://db.nl.clamav.net/daily-24753.cdiff > Trying to download http://db.nl.clamav.net/daily-24753.cdiff (IP: > 2400:cb00:2048:1::6810:b98a) > Downloading daily-24753.cdiff [100%] > cdiff_apply: Parsed 264 lines and executed 264 commands > Loading signatures from daily.cld > Properly loaded 2013647 signatures from new daily.cld > daily.cld updated (version: 24753, sigs: 2013647, f-level: 63, builder: neo) > Querying daily.24753.91.1.0.2400cb0020480001000000006810b98a.ping.clamav.net > bytecode.cvd version from DNS: 324 > bytecode.cld is up to date (version: 324, sigs: 89, f-level: 63, > builder: neo) > Database updated (6579985 signatures) from db.nl.clamav.net (IP: > 2400:cb00:2048:1::6810:b98a) > > Alexander > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >
On 15.07.2018 00:13, Jay Hart wrote:> Clamd failed to start. >try removign it (yum remove ...) reboot and then reinstall it again (yum install ...)?
Am 16.07.2018 um 19:42 schrieb Walter H.:> On 15.07.2018 00:13, Jay Hart wrote: >> Clamd failed to start. >> > try removign it? (yum remove ...) reboot and then reinstall it again > (yum install ...)?Seriously, this is not Windows. Alexander