is my clamAV up to date or not?

Discussion in 'Server Operation' started by vmos, May 19, 2010.

  1. vmos

    vmos Member

    A few weeks ago we got caught out by the clamav shenannigans (they released an update that broke old versions of clamAV) we patched it at the time but the only way to get it updating again was to do a distro upgrade.

    so I upgraded the server from debian sarge to debian etch and then to lenny.
    The process mostly went smoothly but the amavis config got mangled and because amavis didn't upgrade, neither would clam.

    so I ripped it out and started again but I'm not sure if my clam is now updating. Here's what I get in my freshclam logs

    To me this says that clamAV is running an old version but the definition files are up to date. However, this is what I get when I do clamscan -V

    To me that says that clamAV is running the latest version but with an old definition file.

    What's that about? Can anybody clarify this?
     
  2. Mark_NL

    Mark_NL New Member

    you mostlikely have updated "clamav-base", but not "clamav-daemon"

    you should have these packages up to date:
    clamav
    clamav-base
    clamav-daemon
    clamav-freshclam
    libclamav6
     
  3. vmos

    vmos Member

    oh, this confused me because I did have the latest versions but when i tried to install libclamav6 it wouldn't let me because the package didn't exist.
    After a bit of head scratching I added this to /etc/apt/sources.list

    deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free

    ran apt-get update and bam, newer versions of everything plus libclamav6

    I now get this in my freshclam logs

    However I still get this when I run clamscan -V

    ClamAV 0.96/10677/Wed Mar 31 16:16:29 2010

    But I'm tempted to ignore that. What do you reckon?
     
  4. Mark_NL

    Mark_NL New Member

    They rolled out the new clamav (0.96) on the repositories, so i don't see the problem here, everything is updated to 0.96, and that's good ..

    AND you don't get the error in freshclam.log anymore .. so what's the problem? :)
     
  5. vmos

    vmos Member

    Problem? I still can't play the piano, can you help with that as well?
     
  6. Mark_NL

    Mark_NL New Member

    1. http://www.gopiano.com/

    2. you said "But I'm tempted to ignore that. What do you reckon?" .. i reckon nothing
     
  7. austingecko

    austingecko New Member

    Cannot update CLAMAV

    Getting a warning when running freshclam as follows:

    WARNING: Your ClamAV installation is OUTDATED!
    WARNING: Local version: 0.96 Recommended version: 0.96.1
    DON'T PANIC! Read http://www.clamav.net/support/faq

    Running ubuntu 10.04 and can't seem to update it with apt-get. When I go to the faq link above I get lost and confused. Can anyone shed some light on how to get this resolved? TIA!
     
  8. Mark_NL

    Mark_NL New Member

    You can ignore that message (it's just a warning, not an error ;))

    It's because the ubuntu repositories don't have the latest version (yet)
     
  9. BorderAmigos

    BorderAmigos New Member

    You can install the latest version from source (http://www.clamav.net/lang/en/download/sources/) if the message really bothers you. Uninstall the previous version first.

    Note: When I installed from source the executables were put in a different place (/usr/local/bin) than the previous version (/usr/bin). Solved by adding a symlink from old to new.
     
  10. punk0mi

    punk0mi New Member

    I have to be honest...I've never had good success (meaning, never been left with a cleanly, perfectly working system) using any package manager to update a package like amavis or clam.

    On server environments, that is one thing I will always build from sources and customize. I do lose some of the "automatic" feature of a package manager, but at least i know how exactly how it was put in and exactly how to take it out.

    But this is just me.

    Lastly, you could have two versions of the clam engine running 0.94 and 0.96. Except that 0.94 is the one being utilized by the system. I strongly suggest you totally remove all traces of clam and reinstall.

    P.S. - I think a very large amount of people got stung by that little trick the devs at clam did. I know I did.
     
  11. Bernard Rondelez

    Bernard Rondelez New Member

    Update on Debian Lenny

    I did the following as root and my clamav was updated :

    /etc/init.d/clamav-daemon stop
    /etc/init.d/clamav-freshclam stop

    Check /var/log/clamav/freshclam.log
    If « has connected too many times … » : rm /var/lib/clamav/mirrors.dat​

    Nano /etc/apt/sources.list
    Add following line (if not present)
    deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free

    apt-get update

    if problems with pubkey :
    W: GPG error: http://volatile.debian.org lenny/volatile Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY ......
    W: You may want to run apt-get update to correct these problems


    Apt-get install debian-archive-keyring
    Apt-get update

    apt-get install clamav
    apt-get install clamav-daemon
    apt-get install clamav-freshclam

    freshclam (this will force an update)

    this should do the trick

    check clamav is running now

    ps aux |grep clam

    you should get something like this
    clamav 14148 6.5 4.2 217652 170888 ? Ssl 09:35 0:02 /usr/sbin/clamd
    clamav 14807 4.2 0.1 43344 7396 ? Ss 09:35 0:00 /usr/bin/freshclam -d --quiet
    root 14816 0.0 0.0 5160 772 pts/0 R+ 09:36 0:00 grep clam
     

Share This Page