On Thu, 15 Jul 2021, Mark E. Mallett wrote: > Date: Thu, 15 Jul 2021 00:57:51 -0400 > From: Mark E. Mallett <m...@schmem.com> > Reply-To: ClamAV users ML <clamav-users@lists.clamav.net> > To: ClamAV users ML <clamav-users@lists.clamav.net> > Subject: Re: [clamav-users] Freshclam updates problem > > Thanks. I haven't seen further error reports since around the time you > sent this. > > -mm- (but there's always tomorrow) > > > > On Thu, Jul 15, 2021 at 02:32:39AM +0000, Micah Snyder (micasnyd) via > clamav-users wrote: > > Hi Mark, > > > > I think I know what happened on your system. The CDN (cloudflare) sometimes > > sends cached responses for daily.cvd downloads, and presumably also does > > for main.cvd. If you got a cached main.cvd version 59 after attempting to > > download version 60, then it would try a new download all over again the > > next time you run freshclam. > > > > We just cleared the cache on cloudflare so hopefully this doesn't happen > > again. Clearing the cache hasn't been reliable, in my experience, so if we > > get more reports of this we'll clear it again. > > > > Meanwhile, we're building a minor patch version for main.cvd and publish > > version 61. Combine that with the daily update for daily.cvd and we should > > be back to normal tomorrow morning. > > > > Regards, > > Micah > > > > > -----Original Message----- > > > From: clamav-users <clamav-users-boun...@lists.clamav.net> On Behalf Of > > > Mark E. Mallett > > > Sent: Wednesday, July 14, 2021 5:51 PM > > > To: ClamAV users ML <clamav-users@lists.clamav.net> > > > Subject: Re: [clamav-users] Freshclam updates problem > > > > > > On Wed, Jul 14, 2021 at 11:55:06PM +0000, Micah Snyder (micasnyd) via > > > clamav-users wrote: > > > > > > ... > > > > > > > > But it seems 0.103 has a second bug where it will patiently wait > > > > until it's at least 2 versions behind before it downloads the whole > > > > CVD database. This behavior is supposed to happen when a private > > > > mirror doesn't have the latest patch file yet, but wasn't supposed to > > > > happen for a zero-byte patch file. So we clearly have 2 bugs to fix > > > > ASAP. > > > > > > FWIW: 0.103.0 here; freshclam does say we're 1 diff behind. It fails to > > > apply the > > > diff with the seek error mentioned: > > > > > > ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed > > > ERROR: downloadPatch: Can't apply patch > > > > > > But then it *does* download the two new .cvd files. Or at least two new > > > .cvd > > > files, I can't tell if they are the latest but I assume so. > > > Next time around, the process repeats and we do the big downloads again. > > > > > > This may be what you meant but it doesn't sound like it. Just thought I'd > > > pipe > > > up. > > > > > > -mm- > > > > > > PS when I first saw the daemon reports I tried clearing the data and > > > running > > > freshclam by hand. Since it downloaded the two new .cvd files I assumed > > > it had > > > self-corrected, so I did the same on all servers. > > > I was surprised on next daemon run to see the errors again, and tried a > > > manual > > > run again and got the same errors. > > > > > > I figured the problem was related to the new thing today; I was going to > > > stop > > > all freshclams until I looked deeper or heard more. But it sounds like > > > wait-and- > > > see for now. > > >
[hubble:root]:(~)# freshclam ClamAV update process started at Thu Jul 15 10:51:15 2021 daily database available for update (local version: 26231, remote version: 26233) Current database is 2 versions behind. Downloading database patch # 26232... ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed ERROR: downloadPatch: Can't apply patch WARNING: Incremental update failed, trying to download daily.cvd Time: 3.8s, ETA: 0.0s [========================>] 54.72MiB/54.72MiB Received an older daily CVD than was advertised. We'll retry so the incremental update will ensure we're up-to-date. daily database available for update (local version: 26231, remote version: 26233) Current database is 2 versions behind. Downloading database patch # 26232... ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed ERROR: downloadPatch: Can't apply patch WARNING: Incremental update failed, trying to download daily.cvd Time: 3.1s, ETA: 0.0s [========================>] 54.72MiB/54.72MiB Received an older daily CVD than was advertised. We'll retry so the incremental update will ensure we're up-to-date. daily database available for update (local version: 26231, remote version: 26233) Current database is 2 versions behind. Downloading database patch # 26232... ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed ERROR: downloadPatch: Can't apply patch WARNING: Incremental update failed, trying to download daily.cvd Time: 3.5s, ETA: 0.0s [========================>] 54.72MiB/54.72MiB Received an older daily CVD than was advertised. We'll retry so the incremental update will ensure we're up-to-date. daily database available for update (local version: 26231, remote version: 26233) Current database is 2 versions behind. Downloading database patch # 26232... ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed ERROR: downloadPatch: Can't apply patch WARNING: Incremental update failed, trying to download daily.cvd Time: 3.5s, ETA: 0.0s [========================>] 54.72MiB/54.72MiB Received an older daily CVD than was advertised. We'll retry so the incremental update will ensure we're up-to-date. daily database available for update (local version: 26231, remote version: 26233) Current database is 2 versions behind. Downloading database patch # 26232... ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed ERROR: downloadPatch: Can't apply patch WARNING: Incremental update failed, trying to download daily.cvd Time: 3.8s, ETA: 0.0s [========================>] 54.72MiB/54.72MiB Received an older daily CVD than was advertised. We'll retry so the incremental update will ensure we're up-to-date. daily database available for update (local version: 26231, remote version: 26233) Current database is 2 versions behind. Downloading database patch # 26232... ERROR: cdiff_apply: lseek(desc, -350, SEEK_END) failed ERROR: downloadPatch: Can't apply patch WARNING: Incremental update failed, trying to download daily.cvd Time: 3.1s, ETA: 0.0s [========================>] 54.72MiB/54.72MiB Received an older daily CVD than was advertised. We'll retry so the incremental update will ensure we're up-to-date. main.cvd database is up-to-date (version: 61, sigs: 6607162, f-level: 90, builder: sigmgr) bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2) [hubble:root]:(~)# [hubble:root]:(~)# clamdscan --version ClamAV 0.103.3/26231/Wed Jul 14 13:05:45 2021 [hubble:root]:(~)# -- Robert M. Stockmann - RHCE Network Engineer - UNIX/Linux Specialist crashrecovery.org st...@stokkie.net _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
