Re: [clamav-users] clamav-milter with sendmail on Fedora 28: init failed to open, to error state, initialization failed, temp failing commands

2018-07-30 Thread Robert Kudyba
Any other suggestions on this? Still getting /var/log/clamav-milter.log:
Mon Jul 30 08:55:09 2018 -> Probe for slot 1 returned: success

So I'm pretty sure it's the setting in /etc/mail/sendmail.mc that needs
updating. Here's what we have:
INPUT_MAIL_FILTER(`clamav-milter',`S=local:/var/run/clamav-milter/clamav-milter.socket,F=T,T=S:4m;R:4m;E:10m')dnl

What's the difference between `clamav-milter' vs `clamav' in that line?


On Mon, Jul 23, 2018 at 11:51 AM, Robert Kudyba  wrote:

> However I still get these errors in sendmail:
>>> Milter: data, reject=451 4.3.2 Please try again later
>>>
>>
>> the syslog entry should give us more information.
>>
>
>
> Jul 23 11:45:33 storm systemd[1]: clamd@scan.service: Main process
> exited, code=killed, status=6/ABRT
> Jul 23 11:45:33 storm systemd[1]: clamd@scan.service: Failed with result
> 'signal'.
> Jul 23 11:45:33 storm systemd[1]: clamd@scan.service: Service hold-off
> time over, scheduling restart.
> Jul 23 11:45:33 storm systemd[1]: clamd@scan.service: Scheduled restart
> job, restart counter is at  4.
> Jul 23 11:45:33 storm systemd[1]: Stopped Generic clamav scanner daemon.
> Jul 23 11:45:33 storm systemd[1]: Starting Generic clamav scanner daemon...
> Jul 23 11:45:39 storm clamd[22351]: LibClamAV Error: yyerror():
> /var/lib/clamav/packer.yar line 82 undefined identifier "pe"
> [... snip]
> Jul 23 11:46:48 storm systemd-journald[623]: Suppressed 418 messages from
> clamd@scan.service
> Jul 23 11:46:48 storm clamd[22351]: LibClamAV Error: yyerror():
> /var/lib/clamav/maldoc_somerules.yar line 245 undefined identifier
> "uint32be"
> Jul 23 11:46:48 storm clamd[22351]: LibClamAV Warning: cli_loadyara:
> failed to parse or load 1 yara rules from file 
> /var/lib/clamav/maldoc_somerules.yar,
> successfully loaded 15 rules.
> Jul 23 11:46:55 storm systemd[1]: Started Generic clamav scanner daemon.
>
>
> The sendmail.mc ClamAV line looks like this:
>>> INPUT_MAIL_FILTER(`clamav-milter',`S=local:/var/run/clamav-milter/clamav-milter.socket,F=T,T=S:4m;R:4m;E:10m')dnl
>>>
>>
>> Some relevant results from clamconf:
>>>
>>> ClamdSocket = "unix:/var/run/clamd.scan/clamd.sock"
>>> MilterSocket = "/var/run/clamav-milter/clamav-milter.socket"
>>>
>>
>> note that both sendmail and clamav-milter need read/write access to the
>> socket as
>> long as read/execute access to the directory (to access the socket).
>>
> I believe you mean "as well as"? Here are the permissions:
> drwx--x---  2 clamilt clamilt  60 Jul 17 15:49 clamav-milter
> drwx--x---  2 clamscan   clamscan 80 Jul 17 15:49 clamd.scan
>
> srw-r--r-- 1 clamilt virusgroup 0 Jul 17 15:49 clamav-milter.socket
>
> -rw-rw-r-- 1 clamscan clamscan 4 Jul 17 15:49 clamd.pid
> srw-rw-rw- 1 clamscan clamscan 0 Jul 17 15:49 clamd.sock
>
>
___
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml
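
The directory and socket permissions quoted in the message above can be checked mechanically. This is an added example, not part of the thread: it parses the two `ls -l` lines shown and reports whether an account can reach the milter socket. The account name `mta` and its group memberships are hypothetical, and only the final directory of the path is evaluated.

```python
from collections import namedtuple

Entry = namedtuple("Entry", "mode owner group name")

# Listing lines from the message above (owner/group column spacing restored).
DIR_LINE = "drwx--x---  2 clamilt clamilt  60 Jul 17 15:49 clamav-milter"
SOCK_LINE = "srw-r--r-- 1 clamilt virusgroup 0 Jul 17 15:49 clamav-milter.socket"


def parse_ls(line):
    """Split one `ls -l` line into mode string, owner, group and file name."""
    fields = line.split()
    return Entry(fields[0], fields[2], fields[3], fields[-1])


def triplet_for(entry, user, groups):
    """Pick the rwx triplet that applies: owner, else group, else other.
    The classes do not fall through to one another."""
    if user == entry.owner:
        return entry.mode[1:4]
    if entry.group in groups:
        return entry.mode[4:7]
    return entry.mode[7:10]


def can_connect(dir_entry, sock_entry, user, groups):
    """On Linux, connecting to a Unix socket needs search (x) on the directory
    and write (w) on the socket. root bypasses these checks; not modelled."""
    if triplet_for(dir_entry, user, groups)[2] not in "xst":
        return False, "no search permission on " + dir_entry.name
    if triplet_for(sock_entry, user, groups)[1] != "w":
        return False, "no write permission on " + sock_entry.name
    return True, "ok"


if __name__ == "__main__":
    d, s = parse_ls(DIR_LINE), parse_ls(SOCK_LINE)
    # "mta" and its group sets are hypothetical accounts for illustration.
    for user, groups in [("clamilt", {"clamilt"}),
                         ("mta", {"clamilt"}),
                         ("mta", {"mail"})]:
        print(user, sorted(groups), can_connect(d, s, user, groups))
```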


Re: [clamav-users] clamav-milter with sendmail on Fedora 28: init failed to open, to error state, initialization failed, temp failing commands

2018-07-30 Thread Benny Pedersen

Robert Kudyba wrote on 2018-07-30 16:23:

> Jul 23 11:45:39 storm clamd[22351]: LibClamAV Error: yyerror():
> /var/lib/clamav/packer.yar line 82 undefined identifier "pe"


remove yar rules

clamav is unstable with yara, google it

and systemd is not working with milter interfaces
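
Before removing rule files, it helps to know which ones clamd actually rejected. This is an added example, not part of the thread: it groups the `yyerror()` and `cli_loadyara` journal messages by rule file. The sample input is constructed from the journal lines quoted earlier in the thread, unwrapped.

```python
import re
from collections import defaultdict

# Constructed sample: the journal lines quoted in the thread, unwrapped.
SAMPLE = """\
Jul 23 11:45:39 storm clamd[22351]: LibClamAV Error: yyerror(): /var/lib/clamav/packer.yar line 82 undefined identifier "pe"
Jul 23 11:46:48 storm clamd[22351]: LibClamAV Error: yyerror(): /var/lib/clamav/maldoc_somerules.yar line 245 undefined identifier "uint32be"
Jul 23 11:46:48 storm clamd[22351]: LibClamAV Warning: cli_loadyara: failed to parse or load 1 yara rules from file /var/lib/clamav/maldoc_somerules.yar, successfully loaded 15 rules.
Jul 23 11:46:55 storm systemd[1]: Started Generic clamav scanner daemon.
"""

YYERROR = re.compile(
    r'yyerror\(\): (\S+) line (\d+) undefined identifier "([^"]+)"')
LOADED = re.compile(
    r"cli_loadyara: failed to parse or load (\d+) yara rules "
    r"from file (\S+), successfully loaded (\d+) rules")


def summarize(journal_text):
    """Map each rule file to its undefined identifiers (with line numbers)
    and to the failed/loaded rule counts clamd reported for it."""
    report = defaultdict(lambda: {"undefined": {}, "failed": 0, "loaded": 0})
    for line in journal_text.splitlines():
        m = YYERROR.search(line)
        if m:
            path, lineno, ident = m.group(1), int(m.group(2)), m.group(3)
            report[path]["undefined"].setdefault(ident, []).append(lineno)
            continue
        m = LOADED.search(line)
        if m:
            report[m.group(2)]["failed"] = int(m.group(1))
            report[m.group(2)]["loaded"] = int(m.group(3))
    return dict(report)


def files_to_review(report):
    """Rule files with at least one parse error or unloaded rule."""
    return sorted(p for p, r in report.items() if r["undefined"] or r["failed"])


if __name__ == "__main__":
    rep = summarize(SAMPLE)
    for path in files_to_review(rep):
        print(path, rep[path])
```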


Re: [clamav-users] clamav-milter with sendmail on Fedora 28: init failed to open, to error state, initialization failed, temp failing commands

2018-07-30 Thread Robert Kudyba
>> Jul 23 11:45:39 storm clamd[22351]: LibClamAV Error: yyerror():
>> /var/lib/clamav/packer.yar line 82 undefined identifier "pe"
>>
>
> remove yar rules
>

> clamav is unstable with yara, google it
>


Yes just found
https://github.com/extremeshok/clamav-unofficial-sigs/issues/203#issuecomment-400211109


> and systemd is not working with milter interfaces
>

Where is this documented or referenced?


[clamav-users] Partial downloads of updates

2018-07-30 Thread David Rosenstrauch
I've been having some issues over the last few weeks with freshclam 
failing to download updates.  It appears that it downloads the updates 
the majority of the way (e.g., 95-99%) but then times out before it 
finishes the download.  (See example log output below.)


This may not necessarily be an issue with clamav/freshclam itself, as 
the problem looks like it might be related to ipv6.  (I think I was able 
to get freshclam to successfully update from an ipv4 site during one 
recent debugging session.)  However, ipv6 definitely does appear to be 
working on my machine - I do have an ipv6 address for instance, and can 
successfully access http://ipv6.google.com, and all other internet 
traffic appears to be working on the box.  So if it's an ipv6 issue, I'm 
not clear what it is.  (Perhaps my router's support for ipv6 somehow 
isn't complete and/or my server is misconfigured for ipv6.)


Any pointers in the right direction on how to solve this issue would be 
greatly appreciated, as I'm rather stumped myself ... and my clam virus 
defs remain out of date until I can get this fixed.


Thanks,

DR

---

$ sudo freshclam --verbose --debug
Retrieving http://database.clamav.net/daily-24792.cdiff
Trying to download http://database.clamav.net/daily-24792.cdiff (IP: 
2400:cb00:2048:1::6810:b98a)

Downloading daily-24792.cdiff [ 97%]
nonblock_recv: recv timing out (30 secs)
WARNING: getfile: Download interrupted: Operation now in progress (IP: 
2400:cb00:2048:1::6810:b98a)

WARNING: getpatch: Can't download daily-24792.cdiff from database.clamav.net
Querying daily.24792.91.0.0.2400cb00204800016810b98a.ping.clamav.net
Retrieving http://database.clamav.net/daily-24792.cdiff
Trying to download http://database.clamav.net/daily-24792.cdiff (IP: 
2400:cb00:2048:1::6810:bc8a)

Downloading daily-24792.cdiff [ 97%]
^C


Re: [clamav-users] Partial downloads of updates

2018-07-30 Thread David Rosenstrauch

On 07/30/2018 11:28 AM, David Rosenstrauch wrote:
> I've been having some issues over the last few weeks with freshclam
> failing to download updates.  It appears that it downloads the updates
> the majority of the way (e.g., 95-99%) but then times out before it
> finishes the download.  (See example log output below.)
>
> This may not necessarily be an issue with clamav/freshclam itself, as
> the problem looks like it might be related to ipv6.
>
> $ sudo freshclam --verbose --debug
> Retrieving http://database.clamav.net/daily-24792.cdiff
> Trying to download http://database.clamav.net/daily-24792.cdiff (IP:
> 2400:cb00:2048:1::6810:b98a)
>
> Downloading daily-24792.cdiff [ 97%]
> nonblock_recv: recv timing out (30 secs)
> WARNING: getfile: Download interrupted: Operation now in progress (IP:
> 2400:cb00:2048:1::6810:b98a)
> WARNING: getpatch: Can't download daily-24792.cdiff from
> database.clamav.net
> Querying
> daily.24792.91.0.0.2400cb00204800016810b98a.ping.clamav.net
>
> Retrieving http://database.clamav.net/daily-24792.cdiff
> Trying to download http://database.clamav.net/daily-24792.cdiff (IP:
> 2400:cb00:2048:1::6810:bc8a)
>
> Downloading daily-24792.cdiff [ 97%]
> ^C



BTW, forgot to mention:

Not sure if this is relevant or not, but the above "Download 
interrupted: Operation now in progress" message is what I get when I run 
freshclam at the command line.  When I run it via cron in the middle of 
the night I get a different message.  (But still a failure.)


Again ... stumped.

Thanks,

DR

---

ClamAV update process started at Mon Jul 30 02:35:01 2018
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.100.0 Recommended version: 0.100.1
DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, 
builder: sigmgr)

nonblock_recv: recv timing out (30 secs)
WARNING: getfile: Download interrupted: Inappropriate ioctl for device 
(IP: 2400:cb00:2048:1::6810:b98a)

WARNING: getpatch: Can't download daily-24792.cdiff from database.clamav.net
nonblock_recv: recv timing out (30 secs)
WARNING: getfile: Download interrupted: Inappropriate ioctl for device 
(IP: 2400:cb00:2048:1::6810:ba8a)

WARNING: getpatch: Can't download daily-24792.cdiff from database.clamav.net
nonblock_recv: recv timing out (30 secs)
WARNING: getfile: Download interrupted: Inappropriate ioctl for device 
(IP: 2400:cb00:2048:1::6810:bd8a)

WARNING: getpatch: Can't download daily-24792.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
nonblock_recv: recv timing out (30 secs)
WARNING: getfile: Download interrupted: Inappropriate ioctl for device 
(IP: 2400:cb00:2048:1::6810:bc8a)

WARNING: Can't download daily.cvd from database.clamav.net
Trying again in 5 secs...
...


Re: [clamav-users] Partial downloads of updates

2018-07-30 Thread G.W. Haywood

Hi there,

On Mon, 30 Jul 2018, David Rosenstrauch wrote:


> I've been having some issues over the last few weeks with freshclam
> failing to download updates.


FWIW here in the UK I see no problems with IPv6 downloads.

This is the log for July 2018:

mail6:~$ >>> grep interrupted /var/log/freshclam.log
mail6:~$ >>> grep download /var/log/freshclam.log | \
 sed -e 's/.*IP: \(.*\))/\1/' | sort | uniq -c
  7 104.16.185.138
  9 104.16.186.138
  9 104.16.187.138
  9 104.16.188.138
  9 104.16.189.138
  9 2400:cb00:2048:1::6810:b98a
  9 2400:cb00:2048:1::6810:ba8a
  9 2400:cb00:2048:1::6810:bb8a
  9 2400:cb00:2048:1::6810:bc8a
  9 2400:cb00:2048:1::6810:bd8a

As you can see there's a roughly even split between IPv4 and IPv6
downloads on this server.

Seems like you might have a comms problem.  I'd be thinking of things
like traceroute, mtr, tcpdump, wireshark, etc..

--

73,
Ged.
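
The grep/sed/uniq pipeline above counts downloads per address; splitting the same log into attempts and interruptions per address family shows whether failures are confined to IPv6. This is an added example, not part of the thread. The sample log is constructed in the style of the freshclam output quoted earlier, and the successful IPv4 download in it is made up.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample, including an e-mail-wrapped "(IP:" line as seen in the
# thread. The successful IPv4 download is invented for illustration.
SAMPLE = """\
Trying to download http://database.clamav.net/daily-24792.cdiff (IP:
2400:cb00:2048:1::6810:b98a)
nonblock_recv: recv timing out (30 secs)
WARNING: getfile: Download interrupted: Operation now in progress (IP:
2400:cb00:2048:1::6810:b98a)
Trying to download http://database.clamav.net/daily-24792.cdiff (IP: 2400:cb00:2048:1::6810:bc8a)
WARNING: getfile: Download interrupted: Operation now in progress (IP: 2400:cb00:2048:1::6810:bc8a)
Trying to download http://database.clamav.net/daily-24792.cdiff (IP: 104.16.185.138)
Downloading daily-24792.cdiff [100%]
"""

IP_RE = re.compile(r"\(IP: ([0-9A-Fa-f:.]+)\)")


def tally_by_family(log_text):
    """Count download attempts and interrupted downloads per address family."""
    # Rejoin lines that a mail client wrapped right after "(IP:".
    text = re.sub(r"\(IP:\s*\n\s*", "(IP: ", log_text)
    stats = {"IPv4": Counter(), "IPv6": Counter()}
    for line in text.splitlines():
        m = IP_RE.search(line)
        if not m:
            continue
        family = "IPv%d" % ipaddress.ip_address(m.group(1)).version
        if "Trying to download" in line:
            stats[family]["attempts"] += 1
        elif "Download interrupted" in line:
            stats[family]["interrupted"] += 1
    return stats


def suspect_families(stats):
    """Families where every attempted download was interrupted."""
    return sorted(f for f, c in stats.items()
                  if c["attempts"] and c["interrupted"] >= c["attempts"])


if __name__ == "__main__":
    result = tally_by_family(SAMPLE)
    print(result, suspect_families(result))
```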


Re: [clamav-users] Partial downloads of updates

2018-07-30 Thread Joel Esler (jesler)
Try the freshclam that is included with version 0.100.1 and see if you still 
see the error.


> On Jul 30, 2018, at 12:14 PM, David Rosenstrauch  wrote:
> 
> On 07/30/2018 11:28 AM, David Rosenstrauch wrote:
>> I've been having some issues over the last few weeks with freshclam failing 
>> to download updates.  It appears that it downloads the updates the majority 
>> of the way (e.g., 95-99%) but then times out before it finishes the 
>> download.  (See example log output below.)
>> This may not necessarily be an issue with clamav/freshclam itself, as the 
>> problem looks like it might be related to ipv6.
> 
>> $ sudo freshclam --verbose --debug
>> Retrieving http://database.clamav.net/daily-24792.cdiff
>> Trying to download http://database.clamav.net/daily-24792.cdiff (IP: 
>> 2400:cb00:2048:1::6810:b98a)
>> Downloading daily-24792.cdiff [ 97%]
>> nonblock_recv: recv timing out (30 secs)
>> WARNING: getfile: Download interrupted: Operation now in progress (IP: 
>> 2400:cb00:2048:1::6810:b98a)
>> WARNING: getpatch: Can't download daily-24792.cdiff from database.clamav.net
>> Querying daily.24792.91.0.0.2400cb00204800016810b98a.ping.clamav.net
>> Retrieving http://database.clamav.net/daily-24792.cdiff
>> Trying to download http://database.clamav.net/daily-24792.cdiff (IP: 
>> 2400:cb00:2048:1::6810:bc8a)
>> Downloading daily-24792.cdiff [ 97%]
>> ^C
> 
> 
> BTW, forgot to mention:
> 
> Not sure if this is relevant or not, but the above "Download interrupted: 
> Operation now in progress" message is what I get when I run freshclam at the 
> command line.  When I run it via cron in the middle of the night I get a 
> different message.  (But still a failure.)
> 
> Again ... stumped.
> 
> Thanks,
> 
> DR
> 
> ---
> 
> ClamAV update process started at Mon Jul 30 02:35:01 2018
> WARNING: Your ClamAV installation is OUTDATED!
> WARNING: Local version: 0.100.0 Recommended version: 0.100.1
> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
> main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: 
> sigmgr)
> nonblock_recv: recv timing out (30 secs)
> WARNING: getfile: Download interrupted: Inappropriate ioctl for device (IP: 
> 2400:cb00:2048:1::6810:b98a)
> WARNING: getpatch: Can't download daily-24792.cdiff from database.clamav.net
> nonblock_recv: recv timing out (30 secs)
> WARNING: getfile: Download interrupted: Inappropriate ioctl for device (IP: 
> 2400:cb00:2048:1::6810:ba8a)
> WARNING: getpatch: Can't download daily-24792.cdiff from database.clamav.net
> nonblock_recv: recv timing out (30 secs)
> WARNING: getfile: Download interrupted: Inappropriate ioctl for device (IP: 
> 2400:cb00:2048:1::6810:bd8a)
> WARNING: getpatch: Can't download daily-24792.cdiff from database.clamav.net
> WARNING: Incremental update failed, trying to download daily.cvd
> nonblock_recv: recv timing out (30 secs)
> WARNING: getfile: Download interrupted: Inappropriate ioctl for device (IP: 
> 2400:cb00:2048:1::6810:bc8a)
> WARNING: Can't download daily.cvd from database.clamav.net
> Trying again in 5 secs...
> ...


Re: [clamav-users] Malformed database issue

2018-07-30 Thread Reindl Harald



On 29.07.2018 at 19:23, Jay Hart wrote:
> Just got notified that Clamav 0.100.1 is released for Centos 6.10. I'm 
> wondering if I upgrade to
> that release, will my malformed database issue get resolved?
what about just update and report?
you need to update anyways for security reasons