[Clamav-users] milter issues FreeBSD4.10
I just upgraded a way old, working clam installation but now it doesnt work ;( Clam is marking dirty files as clean and forwarding them to accounts. any ideas for what to look at would be greatly appreciated. snipped header x-virus-scanned: ClamAV version 0.85.1, clamav-milter version 0.85 on -- x-virus-status: Clean /snip su-2.05b# cat /etc/rc.conf |grep clam clamav_clamd_enable=YES clamav_milter_enable=YES clamav_milter_socket=/var/run/clamav/clmilter.sock clamav_milter_flags=--postmaster-only --local --outgoing --max-children=50 --quarantine-dir=/var/mail/quarantine ls -al /var/mail/ |grep quarantine drwx-- 2 clamav clamav 512 Jun 22 23:08 quarantine my conf has: LogFile /var/log/clamav/clamd.log LogFileMaxSize 10M LogTime LogClean LogSyslog LogVerbose PidFile /var/run/clamav/clamd.pid TemporaryDirectory /tmp DatabaseDirectory /var/db/clamav LocalSocket /var/run/clamav/clamd FixStaleSocket StreamMaxLength 20M User clamav AllowSupplementaryGroups Debug ScanPE ScanOLE2 ScanMail MailFollowURLs ScanArchive ArchiveMaxFileSize 15M -bash-2.05b$ ps -ax |grep clam 761 ?? Is 0:00.00 /usr/local/sbin/clamd 912 ?? Ss 0:00.19 /usr/local/sbin/clamav-milter --postmaster-only --local --outgoing --max-children=50 --quarantine-dir=/var/mail/quarantine -bash-2.05b$ ls -al /var/run/clamav/ total 10 drwxr-xr-x 2 clamav clamav 512 Jun 23 00:14 . drwxr-xr-x 6 rootwheel 512 Jun 22 23:17 .. -rw-rw 1 clamav clamav4 Jun 23 00:14 clamav-milter.pid srwxrwxrwx 1 clamav clamav0 Jun 23 00:04 clamd -rw-rw 1 clamav clamav3 Jun 23 00:04 clamd.pid srwxr-xr-x 1 clamav clamav0 Jun 23 00:14 clmilter.sock -rw-rw 1 clamav clamav3 Jun 22 23:49 freshclam.pid my mc has this: INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m$ INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter.sock, F=, T=$ define(`confINPUT_MAIL_FILTERS', `clmilter, spamassassin') ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] milter issues FreeBSD4.10
On Thu, 23 Jun 2005, Ed Stover wrote: I just upgraded a way old, working clam installation but now it doesnt work ;( Clam is marking dirty files as clean and forwarding them to accounts. any ideas for what to look at would be greatly appreciated. Just a thought, but maybe freshclam isn't running, or isn't updating the signatures in the same directory that clamav-milter is looking for them in? Are you catching any viruses at all? For example, can you catch an eicar? It might help to use clmilter_watch to test. Damian Menscher -- -=#| Physics Grad Student SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| [EMAIL PROTECTED] www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libcrypto.so.4
Thank's a lot. David - Original Message - From: Randal, Phil [EMAIL PROTECTED] To: ClamAV users ML clamav-users@lists.clamav.net Sent: Wednesday, June 22, 2005 4:48 PM Subject: RE: [Clamav-users] libcrypto.so.4 David Kandou wrote: Dear all, When I want to install clamav 0.85 (rpm version) i found that clamav need libcrypto.so.4 installed. Can anybody help me how to get libcrypto.so.4 ??? Regards, David Kandou That's an OpenSSL library (see http://www.rpmfind.net/linux/rpm2html/search.php?query=libcrypto.so.4su bmit=Search). Make sure the current OpenSSL RPM for your OS is properly installed and try rebuilding ClamAV. Cheers, Phil Phil Randal Network Engineer Herefordshire Council Hereford, UK ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] milter issues FreeBSD4.10
Damian Menscher wrote: On Thu, 23 Jun 2005, Ed Stover wrote: I just upgraded a way old, working clam installation but now it doesnt work ;( Clam is marking dirty files as clean and forwarding them to accounts. any ideas for what to look at would be greatly appreciated. Just a thought, but maybe freshclam isn't running, or isn't updating the signatures in the same directory that clamav-milter is looking for them in? Actually fresh clam is running, I snipped it from the post because I didnt think that it was relivant. Fresh clam is running as a daemon and updating several times daily, and I have ran it by hand to ensure the sigs are up todate. Are you catching any viruses at all? For example, can you catch an eicar? Not that I can see, I was sending my self the test sigs that come with clamav but all were stamped clean by clamav. ... wierd huh? It might help to use clmilter_watch to test. Damian Menscher ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] undefined reference to `smfi_opensocket in clamav 0.86
I am using sendmail 8.13.4 on a redhat 7.3 system. .85.1 compiled as a milter with no issues while .86 reports the following errors. clamav-milter.o(.text+0xe46): In function `main': /usr/src/clamav-0.86/clamav-milter/clamav-milter.c:1577: undefined reference to `smfi_opensocket' I have checked the list, and found this suggestion: That's defined in libmilter/mfapi.h, so see if you: a) Have it in place (it should be caught by ./configure), typically in /usr/include/libmilter/mfapi.h. b) Possibly have duplicate copies that it's finding at compile time. and have found only one mfapi.h in the /usr/include/libmilter dir. Nay help would be great thanks. James ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] undefined reference to `smfi_opensocket in clamav 0.86
James Conner wrote: I am using sendmail 8.13.4 on a redhat 7.3 system. .85.1 compiled as a milter with no issues while .86 reports the following errors. clamav-milter.o(.text+0xe46): In function `main': /usr/src/clamav-0.86/clamav-milter/clamav-milter.c:1577: undefined reference to `smfi_opensocket' You installed sendmail from source right? libmilter.a is missing/outdated. From the libmilter readme (which I missed, but didn't affect me till now) ...It is necessary to first build libmilter.a, which can be done by issuing the './Build' command in SRCDIR/libmilter -Troy ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] undefined reference to `smfi_opensocket in clamav 0.86
Troy Ayers wrote: James Conner wrote: I am using sendmail 8.13.4 on a redhat 7.3 system. .85.1 compiled as a milter with no issues while .86 reports the following errors. clamav-milter.o(.text+0xe46): In function `main': /usr/src/clamav-0.86/clamav-milter/clamav-milter.c:1577: undefined reference to `smfi_opensocket' You installed sendmail from source right? libmilter.a is missing/outdated. From the libmilter readme (which I missed, but didn't affect me till now) ...It is necessary to first build libmilter.a, which can be done by issuing the './Build' command in SRCDIR/libmilter -Troy ___ http://lurker.clamav.net/list/clamav-users.html That did the job, thanks Troy ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] ClamAV Patch
Hello Jorge Valdes, Attached is a patch that will change this behaviour, and allow all of Please use clamav-devel@ Best regards -- Luca Gibelli (luca at clamav.net) - ClamAV, a GPL virus scanner PGP Key Fingerprint: C782 121E 8C3A 90E3 7A87 D802 6277 8FF4 5EFC 5582 PGP Key Available on: Key Servers || http://www.clamav.net/gpg/luca.gpg ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Local version: 0.86 Recommended version: 0.85.1
Hello Damian Menscher, WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.86 Recommended version: 0.85.1 Any ideas what's going on? Don't worry about it... apparently the human updating the DNS record That's me :) just goofed, but it looks like it's already been fixed. [snip] Then they enable the warnings. (In this case it appears they enabled warnings but forgot to update the dns record to 0.86, so it warned people to move to 0.85.1.) No, I didn't. I don't know what the cause of the warning message was, but it was not a change in the dns record for sure. In fact the flag to enable warnings has always been 0 since the release of 0.86. The problem with that, is if someone is running 0.85, they should continue to get warned to upgrade, even if people running 0.85.1 should That's correct. Best regards -- Luca Gibelli (luca at clamav.net) - ClamAV, a GPL virus scanner PGP Key Fingerprint: C782 121E 8C3A 90E3 7A87 D802 6277 8FF4 5EFC 5582 PGP Key Available on: Key Servers || http://www.clamav.net/gpg/luca.gpg ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Local version: 0.86 Recommended version: 0.85.1
On Thu, 23 Jun 2005, Luca Gibelli wrote: Hello Damian Menscher, WARNING: Your ClamAV installation is OUTDATED! WARNING: Local version: 0.86 Recommended version: 0.85.1 Any ideas what's going on? Don't worry about it... apparently the human updating the DNS record just goofed, but it looks like it's already been fixed. [snip] Then they enable the warnings. (In this case it appears they enabled warnings but forgot to update the dns record to 0.86, so it warned people to move to 0.85.1.) No, I didn't. I don't know what the cause of the warning message was, but it was not a change in the dns record for sure. In fact the flag to enable warnings has always been 0 since the release of 0.86. In that case, we have a serious problem. The ONLY way this message could come about is if the DNS TXT record for current.cvd.clamav.net was formatted as 0.85.1:32:954:timestamp:# where timestamp was greater than Jun 23 02:37:01 GMT (3 hours before I saw the problem) and the final # was a character other than 0 (or didn't exist at all). So, if you didn't do it, and none of the other team-members did it, then who did? This raises an interesting issue: if an attacker figures out how to poison the DNS server, nobody would get updates. As unlikely as that seems, it makes me wonder if we should consider having a backup DNS server, or even configure clients to do the HTTP check for updates (on a very limited basis, like once a day). (BTW, this was reported in #clamav, here, and I saw it in my own logs. So it wasn't just a fluke of someone's local DNS server getting confused and giving the wrong info. Also, the fact that the timestamp was correct indicates this was a deliberate change, not the appearance of some ancient cached data from before 0.86.) Some timestamps (in GMT) for the record: I saw the problem at 05:37:01, but not at 05:52:00. Bill saw it at 05:52:07. And lizdeika on IRC reported it at 06:10, though presumably it had seen it earlier than that. Damian Menscher -- -=#| Physics Grad Student SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| [EMAIL PROTECTED] www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Local version: 0.86 Recommended version: 0.85.1
On Thu, 23 Jun 2005 15:14:02 -0500 (CDT) in [EMAIL PROTECTED] Damian Menscher [EMAIL PROTECTED] wrote: Some timestamps (in GMT) for the record: I saw the problem at 05:37:01, but not at 05:52:00. Bill saw it at 05:52:07. And lizdeika on IRC reported it at 06:10, though presumably it had seen it earlier than that. Same thing here, OK at 0613 GMT, then the error at 0643 and 0712, normal again at 0741. -- Brian Morrison bdm at fenrir dot org dot uk GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Clamav 0.86 and APT-GET
Hello! This is my first post to list. I have problems to get the new version using APT on Debian based system, I make an apt-get update, next apt-get install clamav says that I'm up to date, looking on my cache (apt-cache showpkg clamav) they say package version 0.85.1. I need to change some link on my sources.list? Previous releases (like 0.85.1) have installed without problems using apt-get, so I think it is a sources problem or version not available yet. Thanks, PostData: sorry for my english :) -- Gerardo Ponce Mar del Plata - Argentina ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Local version: 0.86 Recommended version: 0.85.1
Hello Damian Menscher, So, if you didn't do it, and none of the other team-members did it, then who did? This raises an interesting issue: if an attacker figures out how to poison the DNS server, nobody would get updates. As unlikely as that seems, it makes me wonder if we should consider having a backup DNS we have 7 slave servers + 2 (ghost) masters. server, or even configure clients to do the HTTP check for updates (on a very limited basis, like once a day). if they can poison dns, they can also point db.*.clamav.net and database.clamav.net to a server without the latest updates. Falling back to http doesn't solve the problem. (BTW, this was reported in #clamav, here, and I saw it in my own logs. So it wasn't just a fluke of someone's local DNS server getting confused and giving the wrong info. Also, the fact that the timestamp was correct indicates this was a deliberate change, not the appearance of some ancient cached data from before 0.86.) Some timestamps (in GMT) for the record: I saw the problem at 05:37:01, but not at 05:52:00. Bill saw it at 05:52:07. And lizdeika on IRC reported it at 06:10, though presumably it had seen it earlier than that. my only explanation is that one of the slave servers hasn't received any update during the last 2 days for the cvd.clamav.net zone. I'll start investigating. I guess the weak point is that I'm not closely monitoring the status of the dns slaves, I only keep an eye on the logs of the master servers through logcheck, but evidently we need something better. I'll make it one of my priorities. Thanks for your reports. Best regards -- Luca Gibelli (luca at clamav.net) - ClamAV, a GPL virus scanner PGP Key Fingerprint: C782 121E 8C3A 90E3 7A87 D802 6277 8FF4 5EFC 5582 PGP Key Available on: Key Servers || http://www.clamav.net/gpg/luca.gpg ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Local version: 0.86 Recommended version: 0.85.1
On Thu, 23 Jun 2005, Luca Gibelli wrote: Hello Damian Menscher, (BTW, this was reported in #clamav, here, and I saw it in my own logs. So it wasn't just a fluke of someone's local DNS server getting confused and giving the wrong info. Also, the fact that the timestamp was correct indicates this was a deliberate change, not the appearance of some ancient cached data from before 0.86.) my only explanation is that one of the slave servers hasn't received any update during the last 2 days for the cvd.clamav.net zone. I'll start investigating. If that were the case, wouldn't we have seen warnings that the timestamp was outdated (it has to be newer than 3 hours ago)? Or does the slave server update the timestamp itself? I'd suggest NOT having the slaves update the timestamp. Damian Menscher -- -=#| Physics Grad Student SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| [EMAIL PROTECTED] www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav 0.86 and APT-GET
On Thu, Jun 23, 2005 at 05:51:16PM -0300, Gerardo Ponce said: Hello! This is my first post to list. I have problems to get the new version using APT on Debian based system, I make an apt-get update, next apt-get install clamav says that I'm up to date, looking on my cache (apt-cache showpkg clamav) they say package version 0.85.1. I need to change some link on my sources.list? Previous releases (like 0.85.1) have installed without problems using apt-get, so I think it is a sources problem or version not available yet. Debian maintainer hat on 0.86 has ben uploaded, but only to unstable. I am trying to get the new version into volatile.debian.net, but they have fairly strict acceptance policies - not every new version qualifies. I have been busy lately and have not updated my site on people.debian.org recently, for which I am sorry. I am going to try to make it a priority before the weekend. So, if you don't have volatile.debian.net in your sources list, look there, they have apt lines for you. If you do, take a look at people.debian.org/~sgran, and use the apt lines there. I should have a new version up shortly. Take care, -- -- | Stephen Gran | Don't tell any big lies today. Small | | [EMAIL PROTECTED] | ones can be just as effective. | | http://www.lobefin.net/~steve | | -- signature.asc Description: Digital signature ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Local version: 0.86 Recommended version: 0.85.1
Hello Damian Menscher, my only explanation is that one of the slave servers hasn't received any update during the last 2 days for the cvd.clamav.net zone. I'll start investigating. If that were the case, wouldn't we have seen warnings that the timestamp was outdated (it has to be newer than 3 hours ago)? You are right... Or does the slave server update the timestamp itself? I'd suggest NOT having the slaves update the timestamp. Of course they don't :) that would make the timestamp itself almost useless. Best regards -- Luca Gibelli (luca at clamav.net) - ClamAV, a GPL virus scanner PGP Key Fingerprint: C782 121E 8C3A 90E3 7A87 D802 6277 8FF4 5EFC 5582 PGP Key Available on: Key Servers || http://www.clamav.net/gpg/luca.gpg ___ http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] WARNING: Local version: 0.86 Recommended version:0.85.1
Damian wrote:
So, if you didn't do it, and none of the other team-members did it,
then who did? This raises an interesting issue: if an attacker
figures out how to poison the DNS server, nobody would get updates.
Worse, an attacker could point the records to a server under their own control,
with malicious virus definitions. I'll let everyone imagine the worst-case
consequences of that.
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
perl -emap{y/a-z/l-za-k/;print}shift Jjhi pcdiwtg Ptga wprztg,
___
http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] WARNING: Local version: 0.86 Recommendedversion:0.85.1
Matthew van Eerde wrote:
Damian wrote:
So, if you didn't do it, and none of the other team-members did it,
then who did? This raises an interesting issue: if an attacker
figures out how to poison the DNS server, nobody would get updates.
Worse, an attacker could point the records to a server under their
own control, with malicious virus definitions. I'll let everyone
imagine the worst-case consequences of that.
Or are the virus definition update packages signed? If so, and freshclam were
to check the signature of the package before accepting the update, that would
mitigate this concern.
--
Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902
Hispanic Business Inc./HireDiversity.com Software Engineer
perl -emap{y/a-z/l-za-k/;print}shift Jjhi pcdiwtg Ptga wprztg,
___
http://lurker.clamav.net/list/clamav-users.html
RE: [Clamav-users] WARNING: Local version: 0.86 Recommended version:0.85.1
On Thu, 23 Jun 2005 [EMAIL PROTECTED] wrote: Damian wrote: So, if you didn't do it, and none of the other team-members did it, then who did? This raises an interesting issue: if an attacker figures out how to poison the DNS server, nobody would get updates. Worse, an attacker could point the records to a server under their own control, with malicious virus definitions. I'll let everyone imagine the worst-case consequences of that. You almost made me cry. Then I remembered the CVD files are signed using RSA. So there isn't a serious concern, unless someone figures out how to factor a really big number (or one of the signature maintainers goes crazy). Damian Menscher -- -=#| Physics Grad Student SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| [EMAIL PROTECTED] www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Local version: 0.86 Recommended version:0.85.1
On Thu, 23 Jun 2005 14:39:47 -0700 in [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Damian wrote: So, if you didn't do it, and none of the other team-members did it, then who did? This raises an interesting issue: if an attacker figures out how to poison the DNS server, nobody would get updates. Worse, an attacker could point the records to a server under their own control, with malicious virus definitions. I'll let everyone imagine the worst-case consequences of that. But they would need access to the signing keys used by the database creators or ClamAV would simply ignore the new versions as being tainted. -- Brian Morrison bdm at fenrir dot org dot uk GnuPG key ID DE32E5C5 - http://wwwkeys.uk.pgp.net/pgpnet/wwwkeys.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav 0.86 and APT-GET
On Thu, Jun 23, 2005 at 05:51:16PM -0300, Gerardo Ponce said: Hello! This is my first post to list. I have problems to get the new version using APT on Debian based system, I make an apt-get update, next apt-get install clamav says that I'm up to date, looking on my cache (apt-cache showpkg clamav) they say package version 0.85.1. So, you have publically shamed me into getting my act back together :) 0.86.1 is up on people.debian.org/~sgran. voltile may take some time longer. -- -- | Stephen Gran | BOFH excuse #97: Small animal kamikaze | | [EMAIL PROTECTED] | attack on power supplies| | http://www.lobefin.net/~steve | | -- signature.asc Description: Digital signature ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamav 0.86 and APT-GET
This is my first post to list. I have problems to get the new version using APT on Debian based system, I make an apt-get update, next apt-get install clamav says that I'm up to date, looking on my cache (apt-cache showpkg clamav) they say package version 0.85.1. Hmm, I installed from unstable today around 2:00pm. Try 'apt-cache policy clamav' Have you included unstable sources in /etc/apt/sources.list ? and given usnstable low priority in /etc/apt/preferences ? See: http://jaqque.sbih.org/kplug/apt-pinning.html ClamAV is the one and only thing I install from unstable. So, you have publically shamed me into getting my act back together :) 0.86.1 is up on people.debian.org/~sgran. voltile may take some time longer. -- I think you do a great job, I don't think there is an easier way to install clamav than the Debian way. D.J. Fan _ FREE pop-up blocking with the new MSN Toolbar get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/ ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] The dreaded undefined reference to `smfi_opensocket' with clamav-0.86.1 on FreeBSD 5.2.1 and sendmail-8.13.3
I've scoured the web and only found the reference to configure using the wrong mfapi.h. Since I know my sendmail-8.13.3 mfapi.h is the only one it can be using, what else could be causing this? I'm baffled by this, clamav-0.86.1 builds and runs fine on a FreeBSD 4.5 release box with sendmail 8.12.11 running on it. The clamav-0.86.1 build dies with undefined reference to `smfi_opensocket' on my FreeBSD 5.2.1 box running sendmail 8.13.3. clamav-0.85.1 was previously built and that milter has been running fine on the same FreeBSD 5.2.1 box. I have verified that /usr/include/libmilter/mfapi.h is identical to the sendmail-8.13.3/include/libmilter/mfapi.h which is running on the same FreeBSD 5.2.1-RELEASE box. configure:12376: checking libmilter/mfapi.h usability configure:12388: gcc -c -I/usr/local/include conftest.c 5 configure:12394: $? = 0 configure:12397: test -z || test ! -s conftest.err configure:12400: $? = 0 configure:12403: test -s conftest.o configure:12406: $? = 0 configure:12416: result: yes configure:12420: checking libmilter/mfapi.h presence configure:12430: gcc -E conftest.c configure:12436: $? = 0 configure:12456: result: yes configure:12491: checking for libmilter/mfapi.h configure:12498: result: yes # locate mfapi dir path.../sendmail-8.12.10/include/libmilter/mfapi.h dir path.../sendmail-8.13.3/include/libmilter/mfapi.h /usr/include/libmilter/mfapi.h I even tried using the sendmail-8.12.10 mfapi.h for kicks, same smfi_opensocket error. Making all in clamav-milter if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../clamd -I../libclamav -I../shared -I/usr/local/include -MT clamav-milter.o -MD -MP -MF .deps/clamav-milter.Tpo -c -o clamav-milter.o clamav-milter.c; then mv -f .deps/clamav-milter.Tpo .deps/clamav-milter.Po; else rm -f .deps/clamav-milter.Tpo; exit 1; fi /usr/local/bin/bash ../libtool --mode=link gcc -I/usr/local/include -L/usr/local/lib -o clamav-milter cfgparser.o getopt.o memory.o misc.o clamav-milter.o ../libclamav/libclamav.la -lmilter -pthread -lc_r -lwrap gcc -I/usr/local/include -o .libs/clamav-milter cfgparser.o getopt.o memory.o misc.o clamav-milter.o -L/usr/local/lib ../libclamav/.libs/libclamav.so -lz -lbz2 -lgmp -lmilter -lc_r -lwrap -Wl,--rpath -Wl,/usr/local/lib clamav-milter.o: In function `main': clamav-milter.o(.text+0x1eb5): undefined reference to `smfi_opensocket' *** Error code 1 Stop in /html/projects/clamav/clamav-0.86.1/clamav-milter. *** Error code 1 Stop in /html/projects/clamav/clamav-0.86.1. *** Error code 1 Stop in /html/projects/clamav/clamav-0.86.1. TIA for any more insight into this one. Henry J. Henry Priebe Jr.Blue Moon Internet Corp Network Administrator www.bluemoon.net Internet Access Web Hosting www.railfan.netRailfan Network Services ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] The dreaded undefined reference to `smfi_opensocket' with clamav-0.86.1 on FreeBSD 5.2.1 and sendmail-8.13.3
Blue Moon System Operator wrote: I've scoured the web and only found the reference to configure using the wrong mfapi.h. Since I know my sendmail-8.13.3 mfapi.h is the only one it can be using, what else could be causing this? I'm baffled by this, clamav-0.86.1 builds and runs fine on a FreeBSD 4.5 release box with sendmail 8.12.11 running on it. The clamav-0.86.1 build dies with undefined reference to `smfi_opensocket' on my FreeBSD 5.2.1 box running sendmail 8.13.3. clamav-0.85.1 was previously built and that milter has been running fine on the same FreeBSD 5.2.1 box. I have verified that /usr/include/libmilter/mfapi.h is identical to the sendmail-8.13.3/include/libmilter/mfapi.h which is running on the same FreeBSD 5.2.1-RELEASE box. configure:12376: checking libmilter/mfapi.h usability configure:12388: gcc -c -I/usr/local/include conftest.c 5 configure:12394: $? = 0 configure:12397: test -z || test ! -s conftest.err configure:12400: $? = 0 configure:12403: test -s conftest.o configure:12406: $? = 0 configure:12416: result: yes configure:12420: checking libmilter/mfapi.h presence configure:12430: gcc -E conftest.c configure:12436: $? = 0 configure:12456: result: yes configure:12491: checking for libmilter/mfapi.h configure:12498: result: yes # locate mfapi dir path.../sendmail-8.12.10/include/libmilter/mfapi.h dir path.../sendmail-8.13.3/include/libmilter/mfapi.h /usr/include/libmilter/mfapi.h I even tried using the sendmail-8.12.10 mfapi.h for kicks, same smfi_opensocket error. Making all in clamav-milter if gcc -DHAVE_CONFIG_H -I. -I. -I.. -I../clamd -I../libclamav -I../shared -I/usr/local/include -MT clamav-milter.o -MD -MP -MF .deps/clamav-milter.Tpo -c -o clamav-milter.o clamav-milter.c; then mv -f .deps/clamav-milter.Tpo .deps/clamav-milter.Po; else rm -f .deps/clamav-milter.Tpo; exit 1; fi /usr/local/bin/bash ../libtool --mode=link gcc -I/usr/local/include -L/usr/local/lib -o clamav-milter cfgparser.o getopt.o memory.o misc.o clamav-milter.o ../libclamav/libclamav.la -lmilter -pthread -lc_r -lwrap gcc -I/usr/local/include -o .libs/clamav-milter cfgparser.o getopt.o memory.o misc.o clamav-milter.o -L/usr/local/lib ../libclamav/.libs/libclamav.so -lz -lbz2 -lgmp -lmilter -lc_r -lwrap -Wl,--rpath -Wl,/usr/local/lib clamav-milter.o: In function `main': clamav-milter.o(.text+0x1eb5): undefined reference to `smfi_opensocket' *** Error code 1 Stop in /html/projects/clamav/clamav-0.86.1/clamav-milter. *** Error code 1 Stop in /html/projects/clamav/clamav-0.86.1. *** Error code 1 Stop in /html/projects/clamav/clamav-0.86.1. TIA for any more insight into this one. Henry J. Henry Priebe Jr.Blue Moon Internet Corp Network Administrator www.bluemoon.net Internet Access Web Hosting www.railfan.netRailfan Network Services ___ http://lurker.clamav.net/list/clamav-users.html Ran into this one myself today.. cd SENDMAILSRC/libmilter ./Build make install then run make on clamav James -- James Conner Passageway Communications Phone: 403-862-2290 Photo Galleries: http://www.pbase.com/bish0p Random Ramblings: http://blogs.passageway.com/james ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] memory usage, a weird observation
one of the things i've noticed - and it could be confirmation bias, i'll admit up front - but i swear that every *other* release of clamav i run into memory usage problems with clamd. for example, .85 ran for a good long while, never a problem .85.1 clamd would routinely blow up in size until it exhausted free memory .86 ran fine .86.1 clamd again blowing up in size regularly. i've had to restart clamd twice in the last thirty minutes, because the server became starved, for example: PID USERNAME PRI NICE SIZERES STATE C TIME WCPUCPU COMMAND 78403 qscand 1240 308M 293M CPU1 1 10:01 67.14% 67.14% clamd that's a big honkin clamd. again, these are casual observations. i could be full of it up to the hairline, it's happened before. Paul Theodoropoulos http://www.anastrophe.com http://www.smileglobal.com ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] memory usage, a weird observation
On Thu, 23 Jun 2005 [EMAIL PROTECTED] wrote: one of the things i've noticed - and it could be confirmation bias, i'll admit up front - but i swear that every *other* release of clamav i run into memory usage problems with clamd. for example, .85 ran for a good long while, never a problem .85.1 clamd would routinely blow up in size until it exhausted free memory .86 ran fine .86.1 clamd again blowing up in size regularly. Just FYI, the difference between 0.86 and 0.86.1 is a single character in the source code. So it seems incredibly unlikely that 0.86 would be fine and 0.86.1 would blow up regularly. That said, have you tried falling back to 0.86? It would be interesting to see what happens there. I run clamav-milter (only, no clamd) on some fairly low-traffic mailservers (3000 messages/day) so I can't really comment on memory usage, other than to say that clamav-milter 0.86.1 is using 9 meg ram (per thread, 1.5 meg shared) even after 6 hours of running. Of course, I never saw a problem on 0.85.1 either. Damian Menscher -- -=#| Physics Grad Student SysAdmin @ U Illinois Urbana-Champaign |#=- -=#| 488 LLP, 1110 W. Green St, Urbana, IL 61801 Ofc:(217)333-0038 |#=- -=#| 4602 Beckman, VMIL/MS, Imaging Technology Group:(217)244-3074 |#=- -=#| [EMAIL PROTECTED] www.uiuc.edu/~menscher/ Fax:(217)333-9819 |#=- -=#| The above opinions are not necessarily those of my employers. |#=- ___ http://lurker.clamav.net/list/clamav-users.html
