I am running Clamav and freshclam 0.97.1, called from mimedefang, with
sendmail on Solaris 2.9. Starting yesterday morning, clamd has abended
whenever it selfchecks.
The clamd.log reported the following when the problem began:
Wed Oct 19 09:52:25 2011 -> SelfCheck: Database modification detected.
Forcing reload.
Wed Oct 19 09:52:25 2011 -> Reading databases from /opt/ClamAV/share/clamav
Wed Oct 19 09:52:37 2011 -> Database correctly reloaded (1056463 signatures)
Wed Oct 19 10:52:38 2011 -> SelfCheck: Database status OK.
Wed Oct 19 10:56:01 2011 -> +++ Started at Wed Oct 19 10:56:01 2011
Wed Oct 19 10:56:01 2011 -> clamd daemon 0.97.1 (OS: solaris2.9, ARCH:
sparc, CPU: sparc)
Wed Oct 19 10:56:01 2011 -> Log file size limited to 1048576000 bytes.
daily.clv was updated from 13820 to 13822 at 8:54 that morning.
Since, then, a "self-check:database status OK" has not been recorded. The
freshclam log reports:
Received signal: wake up
ClamAV update process started at Thu Oct 20 10:03:18 2011
WARNING: Can't query current.cvd.clamav.net
WARNING: Invalid DNS reply. Falling back to HTTP mode.
Reading CVD header (main.cvd): connect_error: getsockopt(SO_ERROR): fd=5
error=146: Connection refused
Can't connect to port 80 of host db.us.clamav.net (IP: 69.12.162.28)
OK
main.cld is up to date (version: 54, sigs: 1044387, f-level: 60, builder:
sven)
Reading CVD header (daily.cvd): OK (IMS)
daily.cld is up to date (version: 13828, sigs: 15076, f-level: 60, builder:
neo)
Can't query daily.13828.61.1.0.194.186.47.19.ping.clamav.net
Reading CVD header (bytecode.cvd): OK (IMS)
bytecode.cld is up to date (version: 148, sigs: 39, f-level: 60, builder:
acab)
Can't query bytecode.148.61.1.0.194.186.47.19.ping.clamav.net
--------------------------------------
Update process interrupted
--------------------------------------
The daily.cld continues to be updated successfully.
I have a script that checks for an active clamd daemon every minute, and
restarts it when necessary.
ANyone else seeing this problem with clamd and selfchecks, or can give me
some suggestions on how to address it?
As a side note, at 9:30 AM this morning I changed the clamd.conf file to
perform a selfcheck every 7200 seconds. The clamd died, and was restarted
a few minutes after 10AM. But the selfcheck was performed a few minutes
after 11AM (3600 seconds later). I don't understand why it wouldn't go at
two hour intervals.
Thanks
___________________________________
David Alix
Information Systems and Computing
david.a...@isc.ucsb.edu
(805)893-4456
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
