Update: freshclam -v did:
> freshclam -v > Current working dir is /var/clamav > Max retries == 3 > ClamAV update process started at Sun Jun 6 11:23:49 2010 > Using IPv6 aware code > Querying current.cvd.clamav.net > TTL: 900 > Software version from DNS: 0.96.1 > Retrieving http://database.clamav.net/main.cvd > Trying to download http://database.clamav.net/main.cvd (IP: 207.57.106.31) > Downloading main.cvd [100%] > LibClamAV debug: MD5(.tar.gz) = 59b7133605b0857b1a76bfe8b3645ff5 > LibClamAV debug: cli_versig: Decoded signature: > 59b7133605b0857b1a76bfe8b3645ff5 > LibClamAV debug: cli_versig: Digital signature is correct. > LibClamAV debug: Initialized 0.96.1 engine > LibClamAV debug: Initializing phishcheck module > LibClamAV debug: Phishcheck: Compiling regex: ^ > *(http|https|ftp:(//)?)?[0-9]{1,3}(\.[0-9]{1,3}){3}[/?:]? *$ > LibClamAV debug: Phishcheck module initialized > LibClamAV debug: in cli_cvdload() > LibClamAV debug: MD5(.tar.gz) = 59b7133605b0857b1a76bfe8b3645ff5 > LibClamAV debug: cli_versig: Decoded signature: > 59b7133605b0857b1a76bfe8b3645ff5 > LibClamAV debug: cli_versig: Digital signature is correct. > LibClamAV debug: in cli_tgzload() I then did gdb as requested (freshclam is in /usr/local/bin it seems) and got: > (gdb) backtrace > #0 0x900144ac in read () > #1 0x9001ace8 in _sread () > #2 0x9001ac5c in __srefill () > #3 0x9001a51c in fseek () > #4 0x9111a4a4 in gzseek () > #5 0x00215348 in cli_tgzload (fd=0, engine=0x501910, signo=0xbfffdd08, > options=8282, dbio=0xbfffd9f0, dbinfo=0x0) at cvd.c:306 > #6 0x00216098 in cli_cvdload (fs=0xa000db8c, engine=0x501910, > signo=0xbfffdd08, options=8218, cld=3221215728, filename=0x5019c0 > "/var/clamav/clamav-7e28b41e086bd9cac04974584751ecd9/clamav-a440b5fecdae031fd93d71c8a524.cvd") > at cvd.c:625 > #7 0x00212478 in cli_load (filename=0x5019c0 > "/var/clamav/clamav-7e28b41e086bd9cac04974584751ecd9/clamav-a440b5fecdae031fd93d71c8a524.cvd", > engine=0x501910, signo=0xbfffdd08, options=8218, dbio=0x0) at readdb.c:2315 > #8 0x0021331c in cl_load (path=0x5019c0 > "/var/clamav/clamav-7e28b41e086bd9cac04974584751ecd9/clamav-a440b5fecdae031fd93d71c8a524.cvd", > engine=0x501910, signo=0xbfffdd08, dboptions=8218) at readdb.c:2611 > #9 0x0000bc24 in updatedb (dbname=0x18fe8 "main", hostname=0x5014b0 > "database.clamav.net", ip=0xbfffddc0 "207.57.106.31", signo=0xbfffde4c, > opts=0x5003b0, dnsreply=0x501730 "0.96.1:52:11146:1275840798:1:51:21405:25", > localip=0x0, outdated=5249472, mdat=0xbfffddf0, logerr=0, extra=0) at > manager.c:1750 > #10 0x0000c258 in downloadmanager (opts=0x5003b0, hostname=0x5014b0 > "database.clamav.net", dbdir=0x1000 "????", logerr=0) at manager.c:1914 > #11 0x0000790c in download (opts=0x5003b0, datadir=0x500b20 "/var/clamav", > cfgfile=0x500600 "/private/etc/spam/clamav/new/freshclam.conf") at > freshclam.c:173 > #12 0x00008354 in main (argc=5244944, argv=0x5003b0) at freshclam.c:504 The gzseek (its now in gzread) is from: 0x91112954 - 0x9111cad0 is LC_SEGMENT.__TEXT.__text in /usr/lib/libz.1.2.3.dylib I hit "c" for continue in the gdb screen for now. How long should it run usually? Thanks, Perry On Jun 6, 2010, at 11:14 AM, Török Edwin wrote: > On 06/06/2010 07:01 PM, Perry Smith wrote: >> I'm on Mac OS X 10.4.11 running 0.96.1. I upgraded to 0.96.1 on May 24 >> according to my records. Things were fine. >> >> My server died and I switched hardware twice. I did this by moving the >> hard disk to a new platform and fixing the few config problems. In the >> process, my DNS and NAT were screwed up briefly. That may be the start of >> the cause. I don't know. >> >> But now, when I run freshclam -v, it never stops. I let it go for 10 >> minutes or so and then kill it with ^C. The last time did it, I capture the >> output and put it here: >> >> http://pastie.org/993910 >> >> freshclam was set up to run as a daemon. I've disabled that for now. >> >> I'm sorta assuming I need to dump my database and start back over but I >> don't know how to do that. My /var/clamav directory looks like this: >> >> ls -l >> total 121944 >> drwxrwxr-x 5 root clamav 170 Jun 6 09:49 .foo >> drwx------ 7 clamav clamav 238 Jun 6 10:54 .spamassassin >> drwx------ 4 clamav clamav 136 Jul 6 2008 Library >> -rw-r--r-- 1 clamav clamav 5756928 Jun 6 10:46 daily.cld >> drwxr-xr-x 18 clamav clamav 612 Jul 15 2008 daily.inc >> -rw-r--r-- 1 clamav clamav 56671744 Feb 15 11:16 main.cld >> drwxr-xr-x 10 clamav clamav 340 Jul 15 2008 main.inc >> -rw------- 1 clamav clamav 1560 Jun 6 09:04 mirrors.dat >> drwxrwxr-x 2 clamav clamav 68 Jun 6 10:54 tmp >> > > what is .spamassasin doing inside /var/clamav? > Anyway, try deleting daily.*, main.*, and mirrors.dat > Then rerun freshclam, and let us know if it still runs at 100%. > > If it does, try this: > Find out pid of freshclam by running 'pidof freshclam', or 'ps -ef|grep > freshclam', or something similar. > Then do this: > # gdb /usr/bin/freshclam > (gdb) attach <thepid> > .... > Ctrl-C > (gdb) backtrace > > Where <thepid> is the pid you got earlier. > > Best regards, > --Edwin > _______________________________________________ > Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net > http://www.clamav.net/support/ml _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
