Hello again, On Mon, 17 Jan 2022, colin course via clamav-users wrote:
... i have recently been changing permisions ...
Please do not romp around the operating system changing permissions on things unless you are sure that you know what you're doing and why. At best you will make the system insecure, at worst you will break it.
... security context usr/bin/freshclam enforce ...
This tells me that you're using an 'add-on' kind of package which adds extra security to the system. Unfortunately some of these packages bring with them constraints which can sometimes make things difficult for a beginner - especially if you blindly opt for the highest levels of security when you configure it. I wouldn't want to suggest that you disable anything like that, but it might be worth your time to find out more about it and about how to tell it what you want to do with ClamAV, both when you dowload and install ClamAV data and when you tell ClamAV to scan things.
... WARNING: Ignoring deprecated option SafeBrowsing at /etc/clamav/freshclam.conf:22 ...
The SafeBrowsing option was deprecated a long time ago. It's just about possible that up to date packages from current distributions still have deprecated options in their sample configurations, but perhaps you're using an out of date version of the ClamAV software? Check for the latest available package for your system on the ClamAV Website and install that using the package manager for your system if you can (see below). Old ClamAV versions are blocked from accessing the database download servers because they have inefficient download utilities compared with recent versions, and that has caused problems for the download servers in the recent past.
... ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!). ...
If the freshclam utility cannot write to its log file then either you're running freshclam as the wrong user or something is broken. Maybe you should use the package manager to purge all the packages which together make up ClamAV on your distribution, and then start again by reinstalling them using the package manager. It seems to me that your efforts to improve the security of your systems risk doing more or less the oppposite. A lot of talented people with wide experience and good motivation have put huge amounts of effort (here I'm talking in terms of at least man-centuries) into the systems you're using. You aren't going to improve on what they've done without a respectable amount of study and probably quite a bit of experimentation. You might be better advised to take a deep breath and spend some time learning about the systems (and their security) before you try doing anything to improve them. Bear in mind that even if you get ClamAV working perfectly, just by using it carelessly you can cause problems for an otherwise working system. Especially note the memory requirements; you will probably need a gigabyte of RAM for the signature database alone, and if your configuration doesn't take precautions you may need twice that to do a clamd database reload. Things will probably go really slow if you make the system 'swap'. -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
