Re: Sebastian Andrzej Siewior 2019-12-18 <20191218225837.qttuxpwrbo5ukpr3@flow> > > $ sudo -u clamav freshclam --verbose > > what happens if you strip the sudo part? One of the first thing is to > change to the clamav user (well so is my memory and the /var/…/clamav is > owned by clamav so…)? However after I install sudo in my chroot and try > this it still works :/
Now it just works, both with "sudo freshclam --verbose" and "sudo -u clamav freshclam --verbose": $ sudo freshclam --verbose Thu Dec 19 10:00:32 2019 -> ClamAV update process started at Thu Dec 19 10:00:32 2019 Thu Dec 19 10:00:32 2019 -> *Current working dir is /var/lib/clamav/ Thu Dec 19 10:00:32 2019 -> *Querying current.cvd.clamav.net Thu Dec 19 10:00:32 2019 -> *TTL: 539 Thu Dec 19 10:00:32 2019 -> *fc_dns_query_update_info: Software version from DNS: 0.102.1 Thu Dec 19 10:00:32 2019 -> *Current working dir is /var/lib/clamav/ Thu Dec 19 10:00:32 2019 -> *check_for_new_database_version: No local copy of "daily" database. Thu Dec 19 10:00:32 2019 -> *query_remote_database_version: daily.cvd version from DNS: 25667 Thu Dec 19 10:00:32 2019 -> daily database available for download (remote version: 25667) Thu Dec 19 10:00:32 2019 -> *Retrieving https://database.clamav.net/daily.cvd Thu Dec 19 10:00:32 2019 -> *downloadFile: Download source: https://database.clamav.net/daily.cvd Thu Dec 19 10:00:32 2019 -> *downloadFile: Download destination: /var/lib/clamav/tmp/clamav-a0eebaf13c63bb204c5e5a77e26f717c.tmp * Trying 2606:4700::6810:db54:443... * TCP_NODELAY set * Connected to database.clamav.net (2606:4700::6810:db54) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=ssl392509.cloudflaressl.com * start date: Aug 24 00:00:00 2019 GMT * expire date: Mar 1 23:59:59 2020 GMT * subjectAltName: host "database.clamav.net" matched cert's "*.clamav.net" * issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2 * SSL certificate verify ok. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * Using Stream ID: 1 (easy handle 0x55c822a6d790) > GET /daily.cvd HTTP/2 Host: database.clamav.net user-agent: ClamAV/0.102.1 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) accept: */* connection: close * old SSL session ID is stale, removing * Connection state changed (MAX_CONCURRENT_STREAMS == 256)! < HTTP/2 200 < date: Thu, 19 Dec 2019 09:00:33 GMT < content-type: application/octet-stream < content-length: 55429776 < set-cookie: __cfduid=d808352f8029efc872822e310079600b81576746033; expires=Sat, 18-Jan-20 09:00:33 GMT; path=/; domain=.clamav.net; HttpOnly; SameSite=Lax < last-modified: Wed, 18 Dec 2019 09:53:00 GMT < etag: "5df9f6fc-34dca90" < expires: Thu, 19 Dec 2019 13:00:33 GMT < cache-control: public, max-age=14400 < cf-cache-status: HIT < age: 3383 < accept-ranges: bytes < strict-transport-security: max-age=15552000 < x-content-type-options: nosniff < expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"; < server: cloudflare < cf-ray: 54782fd3fa8ed45b-HAM < Time: 3.5s, ETA; 0.0s [=======================================>] 52.86MiB/52.86MiB * Connection #0 to host database.clamav.net left intact Thu Dec 19 10:00:36 2019 -> *updatedb: Running g_cb_download_complete callback... Thu Dec 19 10:00:36 2019 -> *download_complete_callback: Download complete for database : /var/lib/clamav/tmp/clamav-a0eebaf13c63bb204c5e5a77e26f717c.tmp-daily.cvd Thu Dec 19 10:00:36 2019 -> *download_complete_callback: fc_context->bTestDatabases : 1 Thu Dec 19 10:00:36 2019 -> *download_complete_callback: fc_context->bBytecodeEnabled : 1 Thu Dec 19 10:00:36 2019 -> Testing database: '/var/lib/clamav/tmp/clamav-a0eebaf13c63bb204c5e5a77e26f717c.tmp-daily.cvd' ... Thu Dec 19 10:00:36 2019 -> *Loading signatures from /var/lib/clamav/tmp/clamav-a0eebaf13c63bb204c5e5a77e26f717c.tmp-daily.cvd Thu Dec 19 10:00:40 2019 -> *Properly loaded 2061162 signatures from /var/lib/clamav/tmp/clamav-a0eebaf13c63bb204c5e5a77e26f717c.tmp-daily.cvd Thu Dec 19 10:00:41 2019 -> Database test passed. Thu Dec 19 10:00:41 2019 -> daily.cvd updated (version: 25667, sigs: 2061162, f-level: 63, builder: raynman) Thu Dec 19 10:00:41 2019 -> *fc_update_database: daily.cvd updated. Thu Dec 19 10:00:41 2019 -> *Current working dir is /var/lib/clamav/ Thu Dec 19 10:00:41 2019 -> *check_for_new_database_version: No local copy of "main" database. Thu Dec 19 10:00:41 2019 -> *query_remote_database_version: main.cvd version from DNS: 59 Thu Dec 19 10:00:41 2019 -> main database available for download (remote version: 59) Thu Dec 19 10:00:41 2019 -> *Retrieving https://database.clamav.net/main.cvd Thu Dec 19 10:00:41 2019 -> *downloadFile: Download source: https://database.clamav.net/main.cvd Thu Dec 19 10:00:41 2019 -> *downloadFile: Download destination: /var/lib/clamav/tmp/clamav-efb340b22e2f445e9d878523dca584a5.tmp * Trying 2606:4700::6810:db54:443... * TCP_NODELAY set * Connected to database.clamav.net (2606:4700::6810:db54) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=ssl392509.cloudflaressl.com * start date: Aug 24 00:00:00 2019 GMT * expire date: Mar 1 23:59:59 2020 GMT * subjectAltName: host "database.clamav.net" matched cert's "*.clamav.net" * issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2 * SSL certificate verify ok. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * Using Stream ID: 1 (easy handle 0x55c822a84090) > GET /main.cvd HTTP/2 Host: database.clamav.net user-agent: ClamAV/0.102.1 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) accept: */* connection: close * old SSL session ID is stale, removing * Connection state changed (MAX_CONCURRENT_STREAMS == 256)! < HTTP/2 200 < date: Thu, 19 Dec 2019 09:00:41 GMT < content-type: application/octet-stream < content-length: 117859675 < set-cookie: __cfduid=da4da9e5cef09e7816cb3683acea2eef51576746041; expires=Sat, 18-Jan-20 09:00:41 GMT; path=/; domain=.clamav.net; HttpOnly; SameSite=Lax < last-modified: Mon, 25 Nov 2019 13:56:00 GMT < etag: "5ddbdd70-706655b" < cf-cache-status: HIT < age: 3391 < expires: Thu, 19 Dec 2019 13:00:41 GMT < cache-control: public, max-age=14400 < accept-ranges: bytes < strict-transport-security: max-age=15552000 < x-content-type-options: nosniff < expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"; < server: cloudflare < cf-ray: 547830058f92d45f-HAM < Time: 5.9s, ETA; 0.0s [=======================================>] 112.40MiB/112.40MiB * Connection #0 to host database.clamav.net left intact Thu Dec 19 10:00:49 2019 -> *updatedb: Running g_cb_download_complete callback... Thu Dec 19 10:00:49 2019 -> *download_complete_callback: Download complete for database : /var/lib/clamav/tmp/clamav-efb340b22e2f445e9d878523dca584a5.tmp-main.cvd Thu Dec 19 10:00:49 2019 -> *download_complete_callback: fc_context->bTestDatabases : 1 Thu Dec 19 10:00:49 2019 -> *download_complete_callback: fc_context->bBytecodeEnabled : 1 Thu Dec 19 10:00:49 2019 -> Testing database: '/var/lib/clamav/tmp/clamav-efb340b22e2f445e9d878523dca584a5.tmp-main.cvd' ... Thu Dec 19 10:00:49 2019 -> *Loading signatures from /var/lib/clamav/tmp/clamav-efb340b22e2f445e9d878523dca584a5.tmp-main.cvd Thu Dec 19 10:00:52 2019 -> *Properly loaded 4564902 signatures from /var/lib/clamav/tmp/clamav-efb340b22e2f445e9d878523dca584a5.tmp-main.cvd Thu Dec 19 10:00:53 2019 -> Database test passed. Thu Dec 19 10:00:53 2019 -> main.cvd updated (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr) Thu Dec 19 10:00:53 2019 -> *fc_update_database: main.cvd updated. Thu Dec 19 10:00:53 2019 -> *Current working dir is /var/lib/clamav/ Thu Dec 19 10:00:53 2019 -> *check_for_new_database_version: No local copy of "bytecode" database. Thu Dec 19 10:00:53 2019 -> *query_remote_database_version: bytecode.cvd version from DNS: 331 Thu Dec 19 10:00:53 2019 -> bytecode database available for download (remote version: 331) Thu Dec 19 10:00:53 2019 -> *Retrieving https://database.clamav.net/bytecode.cvd Thu Dec 19 10:00:53 2019 -> *downloadFile: Download source: https://database.clamav.net/bytecode.cvd Thu Dec 19 10:00:53 2019 -> *downloadFile: Download destination: /var/lib/clamav/tmp/clamav-67e999db34aaefa02cc68631148de62e.tmp * Trying 2606:4700::6810:da54:443... * TCP_NODELAY set * Connected to database.clamav.net (2606:4700::6810:da54) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384 * ALPN, server accepted to use h2 * Server certificate: * subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=ssl392509.cloudflaressl.com * start date: Aug 24 00:00:00 2019 GMT * expire date: Mar 1 23:59:59 2020 GMT * subjectAltName: host "database.clamav.net" matched cert's "*.clamav.net" * issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2 * SSL certificate verify ok. * Using HTTP2, server supports multi-use * Connection state changed (HTTP/2 confirmed) * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0 * Using Stream ID: 1 (easy handle 0x55c822a89980) > GET /bytecode.cvd HTTP/2 Host: database.clamav.net user-agent: ClamAV/0.102.1 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) accept: */* connection: close * old SSL session ID is stale, removing * Connection state changed (MAX_CONCURRENT_STREAMS == 256)! < HTTP/2 200 < date: Thu, 19 Dec 2019 09:00:53 GMT < content-type: application/octet-stream < content-length: 296388 < set-cookie: __cfduid=d65bccd1c9bdf9c09e713c072dbef18e21576746053; expires=Sat, 18-Jan-20 09:00:53 GMT; path=/; domain=.clamav.net; HttpOnly; SameSite=Lax < last-modified: Thu, 19 Sep 2019 16:12:00 GMT < etag: "5d83a8d0-485c4" < cf-cache-status: HIT < age: 3403 < expires: Thu, 19 Dec 2019 13:00:53 GMT < cache-control: public, max-age=14400 < accept-ranges: bytes < strict-transport-security: max-age=15552000 < x-content-type-options: nosniff < expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"; < server: cloudflare < cf-ray: 547830503cacd46b-HAM < Time: 0.1s, ETA; 0.0s [=======================================>] 0.28KiB/0.28KiB * Connection #0 to host database.clamav.net left intact Thu Dec 19 10:00:53 2019 -> *updatedb: Running g_cb_download_complete callback... Thu Dec 19 10:00:53 2019 -> *download_complete_callback: Download complete for database : /var/lib/clamav/tmp/clamav-67e999db34aaefa02cc68631148de62e.tmp-bytecode.cvd Thu Dec 19 10:00:53 2019 -> *download_complete_callback: fc_context->bTestDatabases : 1 Thu Dec 19 10:00:53 2019 -> *download_complete_callback: fc_context->bBytecodeEnabled : 1 Thu Dec 19 10:00:53 2019 -> Testing database: '/var/lib/clamav/tmp/clamav-67e999db34aaefa02cc68631148de62e.tmp-bytecode.cvd' ... Thu Dec 19 10:00:53 2019 -> *Loading signatures from /var/lib/clamav/tmp/clamav-67e999db34aaefa02cc68631148de62e.tmp-bytecode.cvd Thu Dec 19 10:00:53 2019 -> *Properly loaded 95 signatures from /var/lib/clamav/tmp/clamav-67e999db34aaefa02cc68631148de62e.tmp-bytecode.cvd Thu Dec 19 10:00:53 2019 -> Database test passed. Thu Dec 19 10:00:53 2019 -> bytecode.cvd updated (version: 331, sigs: 94, f-level: 63, builder: anvilleg) Thu Dec 19 10:00:53 2019 -> *fc_update_database: bytecode.cvd updated. Thu Dec 19 10:00:53 2019 -> !NotifyClamd: Can't find or parse configuration file /etc/clamav/clamd.conf > > Time: 2.4s, ETA; 0.0s [=======================================>] > > 52.81MiB/52.81MiB > > * Connection #0 to host database.clamav.net left intact > > Wed Dec 18 11:56:13 2019 -> ^Mirror https://database.clamav.net is not > > synchronized. > > So I don't have this. And for that to happen you need an out-dated > database. And somehow you have that and the ci host. Reproducible. Maybe there was one bad server in the mirror list... > If the `sudo' part makes no difference, can you stash me your chroot or > the other way around? There must be something that is different. One bit that could have been relevant is that I'm running on schroot with tmpfs on an overlay fs. Christoph
