Public bug reported: In my syslog I can see messages such as "Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons." and "WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net". The reason for this seems to be that a machine named warden.pt.local is being used as general purpose http proxy.
If I check in /etc/clamav/freshclam.conf I can see: # Check for new database 24 times a day Checks 24 DatabaseMirror db.local.clamav.net DatabaseMirror database.clamav.net # Proxy: http://warden.pt.local:3142/ HTTPProxyServer warden.pt.local HTTPProxyPort 3142 Which does show that warden is being set up as an HTTP Proxy Server. I did not do this manually though, as the start of said config file suggests with it's message of: # Automatically created by the clamav-freshclam postinst # Comments will get lost when you reconfigure the clamav-freshclam package I believe that the automatic configuration of this package is behaving in the wrong way. It should not be selecting warden as a Proxy. Warden is set as a proxy for APT on my system. It has Apt-Cacher NG installed for this purpose. In my /etc area, warden is only mentioned in the /etc/apt/apt.conf.d/02proxy file and in the automatically generated /etc/clamav/freshclam.conf file. $ sudo rgrep warden.pt.local /etc/ /etc/clamav/freshclam.conf:# Proxy: http://warden.pt.local:3142/ /etc/clamav/freshclam.conf:HTTPProxyServer warden.pt.local /etc/apt/apt.conf.d/02proxy:Acquire::http { Proxy "http://warden.pt.local:3142";; }; When I check other machines on my network that have a similar setting for apt, they also express this error messages about clamav in their syslogs. As far as I can see both 14.04 and 16.04 machines exhibit the same behaviour. Syslog sample: Oct 7 12:34:53 thorne-ul-dt freshclam[25718]: Received signal: wake up Oct 7 12:34:53 thorne-ul-dt freshclam[25718]: ClamAV update process started at Fri Oct 7 12:34:53 2016 Oct 7 12:34:53 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:34:53 thorne-ul-dt freshclam[25718]: main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) Oct 7 12:34:53 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:34:58 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:34:58 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:01 thorne-ul-dt CRON[7552]: (munin) CMD (if [ -x /usr/bin/munin-cron ]; then /usr/bin/munin-cron; fi) Oct 7 12:35:01 thorne-ul-dt CRON[7557]: (root) CMD (if [ -x /etc/munin/plugins/apt_all ]; then /etc/munin/plugins/apt_all update 7200 12 >/dev/null; elif [ -x /etc/munin/plugins/apt ]; then /etc/munin/plugins/apt update 7200 12 >/dev/null; fi) Oct 7 12:35:04 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:04 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:06 thorne-ul-dt systemd[1]: Started CUPS Scheduler. Oct 7 12:35:06 thorne-ul-dt colord[1420]: (colord:1420): Cd-WARNING **: failed to get session [pid 8204]: No such device or address Oct 7 12:35:06 thorne-ul-dt colord[1420]: message repeated 3 times: [ (colord:1420): Cd-WARNING **: failed to get session [pid 8204]: No such device or address] Oct 7 12:35:09 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:09 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:14 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:14 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:20 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:20 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:20 thorne-ul-dt freshclam[25718]: WARNING: Incremental update failed, trying to download daily.cvd Oct 7 12:35:25 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:25 thorne-ul-dt freshclam[25718]: WARNING: Can't download daily.cvd from db.local.clamav.net Oct 7 12:35:25 thorne-ul-dt freshclam[25718]: Trying again in 5 secs... Oct 7 12:35:30 thorne-ul-dt freshclam[25718]: ClamAV update process started at Fri Oct 7 12:35:30 2016 Oct 7 12:35:30 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:35:30 thorne-ul-dt freshclam[25718]: main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) Oct 7 12:35:30 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:35:35 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:35 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:41 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:41 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:46 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:46 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:51 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:51 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:56 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:35:56 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:35:57 thorne-ul-dt freshclam[25718]: WARNING: Incremental update failed, trying to download daily.cvd Oct 7 12:36:02 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:36:02 thorne-ul-dt freshclam[25718]: WARNING: Can't download daily.cvd from db.local.clamav.net Oct 7 12:36:02 thorne-ul-dt freshclam[25718]: Trying again in 5 secs... Oct 7 12:36:07 thorne-ul-dt freshclam[25718]: ClamAV update process started at Fri Oct 7 12:36:07 2016 Oct 7 12:36:07 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:37:17 thorne-ul-dt freshclam[25718]: Trying again in 5 secs... Oct 7 12:37:22 thorne-ul-dt freshclam[25718]: ClamAV update process started at Fri Oct 7 12:37:22 2016 Oct 7 12:37:22 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:37:22 thorne-ul-dt freshclam[25718]: main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) Oct 7 12:37:22 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:37:27 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:37:27 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:37:33 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:37:33 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:37:38 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:37:38 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:37:43 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from db.local.clamav.net Oct 7 12:37:43 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:37:49 thorne-ul-dt freshclam[25718]: ERROR: getfile: Unknown response from db.local.clamav.net Oct 7 12:37:49 thorne-ul-dt freshclam[25718]: ERROR: getpatch: Can't download daily-21693.cdiff from db.local.clamav.net Oct 7 12:37:49 thorne-ul-dt freshclam[25718]: WARNING: Incremental update failed, trying to download daily.cvd Oct 7 12:37:54 thorne-ul-dt freshclam[25718]: ERROR: getfile: Unknown response from db.local.clamav.net Oct 7 12:37:54 thorne-ul-dt freshclam[25718]: ERROR: Can't download daily.cvd from db.local.clamav.net Oct 7 12:37:54 thorne-ul-dt freshclam[25718]: Giving up on db.local.clamav.net... Oct 7 12:37:54 thorne-ul-dt freshclam[25718]: ClamAV update process started at Fri Oct 7 12:37:54 2016 Oct 7 12:37:54 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:37:54 thorne-ul-dt freshclam[25718]: main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) Oct 7 12:37:54 thorne-ul-dt freshclam[25718]: Connecting via warden.pt.local Oct 7 12:37:59 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from database.clamav.net Oct 7 12:37:59 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from database.clamav.net Oct 7 12:38:04 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from database.clamav.net Oct 7 12:38:04 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from database.clamav.net Oct 7 12:38:10 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from database.clamav.net Oct 7 12:38:10 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from database.clamav.net Oct 7 12:38:15 thorne-ul-dt freshclam[25718]: WARNING: getfile: Unknown response from database.clamav.net Oct 7 12:38:15 thorne-ul-dt freshclam[25718]: WARNING: getpatch: Can't download daily-21693.cdiff from database.clamav.net Oct 7 12:38:20 thorne-ul-dt freshclam[25718]: ERROR: getfile: Unknown response from database.clamav.net Oct 7 12:38:20 thorne-ul-dt freshclam[25718]: ERROR: getpatch: Can't download daily-21693.cdiff from database.clamav.net Oct 7 12:38:21 thorne-ul-dt freshclam[25718]: WARNING: Incremental update failed, trying to download daily.cvd Oct 7 12:38:26 thorne-ul-dt freshclam[25718]: ERROR: getfile: Unknown response from database.clamav.net Oct 7 12:38:26 thorne-ul-dt freshclam[25718]: ERROR: Can't download daily.cvd from database.clamav.net Oct 7 12:38:26 thorne-ul-dt freshclam[25718]: Giving up on database.clamav.net... Oct 7 12:38:26 thorne-ul-dt freshclam[25718]: Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons. I am willing to accept that I have mis-configured apt in some way to cause this. If that is likely, how should I setup an apt only http cache? I have not noticed any other program attempt to automatically use apt for all HTTP traffic. Would this bug be a security vulnerability? If a large number of machines do not get av definition updates for months or years at a time I could see how that could compromise a system in some small way. I will avoid marking it as such for now as I am not sure it really is one. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: clamav 0.99.2+dfsg-0ubuntu0.16.04.1 ProcVersionSignature: Ubuntu 4.4.0-38.57-generic 4.4.19 Uname: Linux 4.4.0-38-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.1 Architecture: amd64 CurrentDesktop: Unity Date: Fri Oct 7 13:16:58 2016 InstallationDate: Installed on 2015-03-12 (574 days ago) InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1) SourcePackage: clamav UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: clamav (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1631355 Title: clamav autonfiguring a Proxy based on Apt settings To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/clamav/+bug/1631355/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
