Hi everyone, I replaced the ClamAV using the scripts and everything is working fine but now every three hours I get this message from Cron:
Subject: "Cron <root@hostname> /usr/share/clamav/freshclam-sleep" Body: ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log). ERROR: initialize: libfreshclam init failed. ERROR: Initialization error! I found this in /etc/cron.d/clamav-update running every three hours: ## It is ok to execute it as root; freshclam drops privileges and becomes ## user 'clamupdate' as soon as possible 0 */3 * * * root /usr/share/clamav/freshclam-sleep When I run it in cli it shows nothing but when I run "freshclam -v" I get: ERROR: /var/log/clamav/freshclam.log is locked by another process ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log). ERROR: initialize: libfreshclam init failed. ERROR: Initialization error! So "lsof /var/log/clamav/freshclam.log" gives: COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME freshclam 15895 clamupdate 4wW REG 253,3 52727 8498566 /var/log/clamav/freshclam.log I guess the service clamav-freshclam locks the file and does the same thing the Cron job does, because if I stop it the freshclam command runs without errors. Finally my question is can I safely just remove the clamav-update job from Cron? Thnaks in advance. --- Em 2020-06-24 10:20, Eric Broch escreveu: > Thanks for the tests, adjusted the script and all seems to be working. Let me > know... > > On 6/24/2020 2:55 AM, ChandranManikandan wrote: > Hi Remo, > > Thanks, > I have changed the log path in fresclam.conf and permission was working fine. > > On Wed, Jun 24, 2020 at 2:18 PM Remo Mattei <[email protected]> wrote: > sorry one more tip. The server I had an issue with simscan, then I got qq > soft limit, which I sent an email out .. eventually it will show up, I just > rerun the script (from Eric) and that fixed it. > > Remo > > On Jun 23, 2020, at 10:48 PM, Remo Mattei <[email protected]> wrote: > > so I updated the other production servers I have and all of them had the same > freshclam issues. changed the log options and restarted > > systemctl restart clamav-freshclam.service > that worked just fine. Only one server had an issue with the simscan. > > Just my 2 cents > > On Jun 23, 2020, at 10:18 PM, Remo Mattei <[email protected]> wrote: > > ignore the mariadb error that's on the toaststat script I fixed that nothing > to do with the upgrade :) my bet.. send it to fast! > > On Jun 23, 2020, at 10:12 PM, Remo Mattei <[email protected]> wrote: > > You probably want to check the permissions on your simscan as well. > > chmod 4711 /var/qmail/bin/simscan > > That fixed it. > > On Jun 23, 2020, at 10:10 PM, Remo Mattei <[email protected]> wrote: > > you need to change the permissions on this file > > chown -R clamupdate:clamupdate /var/log/freshclam.log > > freshclam > Tue Jun 23 22:06:29 2020 -> ClamAV update process started at Tue Jun 23 > 22:06:29 2020 > Tue Jun 23 22:06:29 2020 -> *Current working dir is /var/lib/clamav/ > Tue Jun 23 22:06:29 2020 -> *Querying current.cvd.clamav.net [1] > Tue Jun 23 22:06:29 2020 -> *TTL: 1497 > Tue Jun 23 22:06:29 2020 -> *fc_dns_query_update_info: Software version from > DNS: 0.102.3 > Tue Jun 23 22:06:29 2020 -> *Current working dir is /var/lib/clamav/ > Tue Jun 23 22:06:29 2020 -> *check_for_new_database_version: Local copy of > daily found: daily.cld. > Tue Jun 23 22:06:29 2020 -> *query_remote_database_version: daily.cvd version > from DNS: 25852 > Tue Jun 23 22:06:29 2020 -> daily.cld database is up to date (version: 25852, > sigs: 2757399, f-level: 63, builder: raynman) > Tue Jun 23 22:06:29 2020 -> *fc_update_database: daily.cld already > up-to-date. > Tue Jun 23 22:06:29 2020 -> *Current working dir is /var/lib/clamav/ > Tue Jun 23 22:06:29 2020 -> *check_for_new_database_version: Local copy of > main found: main.cld. > Tue Jun 23 22:06:29 2020 -> *query_remote_database_version: main.cvd version > from DNS: 59 > Tue Jun 23 22:06:29 2020 -> main.cld database is up to date (version: 59, > sigs: 4564902, f-level: 60, builder: sigmgr) > Tue Jun 23 22:06:29 2020 -> *fc_update_database: main.cld already up-to-date. > Tue Jun 23 22:06:29 2020 -> *Current working dir is /var/lib/clamav/ > Tue Jun 23 22:06:29 2020 -> *check_for_new_database_version: Local copy of > bytecode found: bytecode.cld. > Tue Jun 23 22:06:29 2020 -> *query_remote_database_version: bytecode.cvd > version from DNS: 331 > Tue Jun 23 22:06:29 2020 -> bytecode.cld database is up to date (version: > 331, sigs: 94, f-level: 63, builder: anvilleg) > Tue Jun 23 22:06:29 2020 -> *fc_update_database: bytecode.cld already > up-to-date. > [email protected]: [/etc/clamd.d] > > On Jun 23, 2020, at 2:33 PM, Eric Broch <[email protected]> wrote: > chown -R clamupdate:clamupdate -- Regards, Manikandan.C Links: ------ [1] http://current.cvd.clamav.net/
