Hi there,
On Tue, 8 Dec 2020, Gal Cohen wrote:
I'm serving cvd files from a local server, when I run freshclam on my
server it takes some runes until the daily.cvd is updated even though the
remote version was updated a while ago.
Please clarify that the daily.cvd file which you are talking about is
the one on the "local server" which serves the .cvd file, and that you
are not talking about .cvd files on the clients of your local server.
Please explain exactly how you installed ClamAV on the local server.
...
DatabaseOwner root
...
Bad idea, but probably not related to your problem.
"daily database available for update (local version: 26009, remote version:
26010)
*The daily.cvd database downloaded from https://database.clamav.net is one
version older than advertised in the DNS TXT record.
Database test passed.
daily.cvd updated (version: 26009, sigs: 4351133, f-level: 63, builder:
raynman)"
Please include timestamps on the logs next time. Here's my freshclam
log for the update to version 26009. It took about 34 seconds total
and it isn't a very fast box (a Raspberry Pi 4B). As you see I have
daily.cld not daily.cvd, I wonder if it might make a difference.
Sat Dec 5 18:15:49 2020 -> Received signal: wake up
Sat Dec 5 18:15:49 2020 -> ClamAV update process started at Sat Dec 5
18:15:49 2020
Sat Dec 5 18:15:50 2020 -> daily database available for update (local version:
26008, remote version: 26009)
Sat Dec 5 18:15:57 2020 -> Testing database:
'/EXPORTS/clamav/databases/tmp.06d3200a0e/clamav-223cf5c8f023bca440730a45c874e079.tmp-daily.cld'
...
Sat Dec 5 18:16:23 2020 -> Database test passed.
Sat Dec 5 18:16:23 2020 -> daily.cld updated (version: 26009, sigs: 4351133,
f-level: 63, builder: raynman)
Sat Dec 5 18:16:23 2020 -> main.cvd database is up to date (version: 59, sigs:
4564902, f-level: 60, builder: sigmgr)
Sat Dec 5 18:16:23 2020 -> bytecode.cvd database is up to date (version: 331,
sigs: 94, f-level: 63, builder: anvilleg)
I have never seen freshclam download an older file than the one which
is claimed in the DNS to be the latest. How often are you checking
for updates?
Do I need to change my configuration or is it a bug on the 102.4 clamav version?
There will be other possible explanations. I don't see how a fault or
a misconfiguration at the client end might cause the remote server to
serve an out of date database file but perhaps you can let us see the
output of 'clamconf' for completeness anyway.
If one of the ClamAV mirrors is serving outdated files then I'm sure
that the ClamAV team will want to know about it. Please give full log
details including timestamps and the IP address(es) from which the
.cvd files were downloaded. Without more information it's difficult
to know what the problem might be, it might help if you investigate
with something like Wireshark. I wonder if your DNS setup might need
some work but that's just a guess.
--
73,
Ged.
___
clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml