Hi there, On Tue, 8 Dec 2020, Gal Cohen wrote:
I'm serving cvd files from a local server, when I run freshclam on my server it takes some runes until the daily.cvd is updated even though the remote version was updated a while ago.
Please clarify that the daily.cvd file which you are talking about is the one on the "local server" which serves the .cvd file, and that you are not talking about .cvd files on the clients of your local server. Please explain exactly how you installed ClamAV on the local server.
... DatabaseOwner root ...
Bad idea, but probably not related to your problem.
"daily database available for update (local version: 26009, remote version: 26010) *The daily.cvd database downloaded from https://database.clamav.net is one version older than advertised in the DNS TXT record. Database test passed. daily.cvd updated (version: 26009, sigs: 4351133, f-level: 63, builder: raynman)"
Please include timestamps on the logs next time. Here's my freshclam log for the update to version 26009. It took about 34 seconds total and it isn't a very fast box (a Raspberry Pi 4B). As you see I have daily.cld not daily.cvd, I wonder if it might make a difference. Sat Dec 5 18:15:49 2020 -> Received signal: wake up Sat Dec 5 18:15:49 2020 -> ClamAV update process started at Sat Dec 5 18:15:49 2020 Sat Dec 5 18:15:50 2020 -> daily database available for update (local version: 26008, remote version: 26009) Sat Dec 5 18:15:57 2020 -> Testing database: '/EXPORTS/clamav/databases/tmp.06d3200a0e/clamav-223cf5c8f023bca440730a45c874e079.tmp-daily.cld' ... Sat Dec 5 18:16:23 2020 -> Database test passed. Sat Dec 5 18:16:23 2020 -> daily.cld updated (version: 26009, sigs: 4351133, f-level: 63, builder: raynman) Sat Dec 5 18:16:23 2020 -> main.cvd database is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr) Sat Dec 5 18:16:23 2020 -> bytecode.cvd database is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg) I have never seen freshclam download an older file than the one which is claimed in the DNS to be the latest. How often are you checking for updates?
Do I need to change my configuration or is it a bug on the 102.4 clamav version?
There will be other possible explanations. I don't see how a fault or a misconfiguration at the client end might cause the remote server to serve an out of date database file but perhaps you can let us see the output of 'clamconf' for completeness anyway. If one of the ClamAV mirrors is serving outdated files then I'm sure that the ClamAV team will want to know about it. Please give full log details including timestamps and the IP address(es) from which the .cvd files were downloaded. Without more information it's difficult to know what the problem might be, it might help if you investigate with something like Wireshark. I wonder if your DNS setup might need some work but that's just a guess. -- 73, Ged. _______________________________________________ clamav-users mailing list [email protected] https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
