Package: clamav Version: 0.96.5+dfsg-1~volatile1 Severity: normal Hi,
I just noticed that after a clamav-daemon restart (security upgrade), our nagios check started complaining about the response it was getting on port 3310. We have: ExtendedDetectionInfo true in clamd.conf. Immediately after restart, this works and we get: /usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File(aa15bcf478d165efd2065190eb473bcb:544) FOUND back from ClamAV when we send it a 'SCAN /usr/share/clamav-testfiles/clam.exe' After a while, this changes to: /usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File FOUND i.e. the md5sum and size are lost. After a quick discussion with Steve Gran on IRC, I discovered that this occurs after a SIGUSR2 is sent to clamd to get it to reload its database but haven't had time to debug any further. Thanks, Mark -- Package-specific info: --- configuration --- Checking configuration files in /etc/clamav Config file: clamd.conf ----------------------- LogFile = "/var/log/clamav/clamav.log" LogFileUnlock disabled LogFileMaxSize disabled LogTime = "yes" LogClean disabled LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled ExtendedDetectionInfo = "yes" PidFile = "/var/run/clamav/clamd.pid" TemporaryDirectory = "/tmp" DatabaseDirectory = "/var/lib/clamav" OfficialDatabaseOnly disabled LocalSocket disabled LocalSocketGroup disabled LocalSocketMode disabled FixStaleSocket = "yes" TCPSocket = "3310" TCPAddr disabled MaxConnectionQueueLength = "15" StreamMaxLength = "10485760" StreamMinPort = "1024" StreamMaxPort = "2048" MaxThreads = "12" ReadTimeout = "180" CommandReadTimeout = "5" SendBufTimeout = "200" MaxQueue = "100" IdleTimeout = "30" ExcludePath disabled MaxDirectoryRecursion = "15" FollowDirectorySymlinks disabled FollowFileSymlinks disabled CrossFilesystems = "yes" SelfCheck = "3600" VirusEvent disabled ExitOnOOM disabled Foreground disabled Debug disabled LeaveTemporaryFiles disabled User = "clamav" AllowSupplementaryGroups = "yes" Bytecode = "yes" BytecodeSecurity = "TrustSigned" BytecodeTimeout = "60000" BytecodeMode = "Auto" DetectPUA disabled ExcludePUA disabled IncludePUA disabled AlgorithmicDetection = "yes" ScanPE = "yes" ScanELF = "yes" DetectBrokenExecutables disabled ScanMail = "yes" ScanPartialMessages disabled PhishingSignatures = "yes" PhishingScanURLs = "yes" PhishingAlwaysBlockCloak disabled PhishingAlwaysBlockSSLMismatch disabled HeuristicScanPrecedence disabled StructuredDataDetection disabled StructuredMinCreditCardCount = "3" StructuredMinSSNCount = "3" StructuredSSNFormatNormal = "yes" StructuredSSNFormatStripped disabled ScanHTML = "yes" ScanOLE2 = "yes" OLE2BlockMacros disabled ScanPDF = "yes" ScanArchive = "yes" ArchiveBlockEncrypted disabled MaxScanSize = "104857600" MaxFileSize = "26214400" MaxRecursion = "16" MaxFiles = "10000" ClamukoScanOnAccess disabled ClamukoScannerCount = "3" ClamukoScanOnOpen disabled ClamukoScanOnClose disabled ClamukoScanOnExec disabled ClamukoIncludePath disabled ClamukoExcludePath disabled ClamukoMaxFileSize = "5242880" DevACOnly disabled DevACDepth disabled DevLiblog disabled Config file: freshclam.conf --------------------------- LogFileMaxSize disabled LogTime disabled LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled PidFile = "/var/run/clamav/freshclam.pid" DatabaseDirectory = "/var/lib/clamav/" Foreground disabled Debug disabled AllowSupplementaryGroups disabled UpdateLogFile = "/var/log/clamav/freshclam.log" DatabaseOwner = "clamav" Checks = "24" DNSDatabaseInfo = "current.cvd.clamav.net" DatabaseMirror = "db.local.clamav.net", "database.clamav.net" MaxAttempts = "5" ScriptedUpdates = "yes" TestDatabases = "yes" CompressLocalDatabase disabled ExtraDatabase disabled DatabaseCustomURL disabled HTTPProxyServer disabled HTTPProxyPort disabled HTTPProxyUsername disabled HTTPProxyPassword disabled HTTPUserAgent disabled NotifyClamd = "/etc/clamav/clamd.conf" OnUpdateExecute disabled OnErrorExecute disabled OnOutdatedExecute disabled LocalIPAddress disabled ConnectTimeout = "30" ReceiveTimeout = "30" SubmitDetectionStats disabled DetectionStatsCountry disabled DetectionStatsHostID disabled SafeBrowsing disabled Bytecode = "yes" clamav-milter.conf not found Software settings ----------------- Version: devel-debian/0.95+dfsg-1-6689-g1d89fa4 WARNING: Version mismatch: libclamav=devel-debian/0.95+dfsg-1-6689-g1d89fa4, clamconf=0.96.5 Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 JIT Database information -------------------- Database directory: /var/lib/clamav/ WARNING: freshclam.conf and clamd.conf point to different database directories daily.cld: version 12805, sigs: 64745, built on Fri Mar 4 19:03:29 2011 daily.cld: WARNING: This database requires f-level 60 (current f-level: 58) main.cld: version 53, sigs: 846214, built on Sun Nov 14 14:58:22 2010 bytecode.cld: version 141, sigs: 39, built on Sat Mar 5 19:06:38 2011 bytecode.cld: WARNING: This database requires f-level 60 (current f-level: 58) Total number of signatures: 910998 Platform information -------------------- uname: Linux 2.6.26-2-amd64 #1 SMP Tue Jan 25 05:59:43 UTC 2011 x86_64 OS: linux-gnu, ARCH: x86_64, CPU: x86_64 Full OS version: Debian GNU/Linux 5.0.8 (lenny) zlib version: 1.2.3.3 (1.2.3.3), compile flags: a9 Triple: x86_64-pc-linux-gnu CPU: i686, Little-endian platform id: 0x0a213a3a0804030201040302 Build information ----------------- GNU C: 4.3.2 (4.3.2) GNU C++: 4.3.2 (4.3.2) CPPFLAGS: CFLAGS: -Wall -g -O2 CXXFLAGS: -Wall -g -O2 LDFLAGS: Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-clamav' '--with-dbdir=/var/lib/clamav/' '--sysconfdir=/etc/clamav' '--enable-milter' '--disable-clamuko' '--with-gnu-ld' '--enable-dns-fix' '--disable-unrar' '--libdir=/usr/lib' '--with-system-tommath' '--with-ltdl-include=/usr/include' '--with-ltdl-lib=/usr/lib' 'build_alias=x86_64-linux-gnu' 'CFLAGS=-Wall -g -O2' 'LDFLAGS=' 'CPPFLAGS=' sizeof(void*) = 8 Engine flevel: 58, dconf: 58 --- data dir --- total 68564 -rw-r--r-- 1 clamav clamav 456192 2011-03-05 19:20 bytecode.cld -rw-r--r-- 1 clamav clamav 4240384 2011-03-04 19:25 daily.cld -rw-r--r-- 1 clamav clamav 65422336 2010-11-14 16:25 main.cld -rw------- 1 clamav clamav 364 2011-03-07 16:25 mirrors.dat -- System Information: Debian Release: 5.0.8 APT prefers oldstable APT policy: (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages clamav depends on: ii clamav-freshclam 0.96.5+dfsg-1~volatile1 anti-virus utility for Unix - viru ii libc6 2.7-18lenny7 GNU C Library: Shared libraries ii libclamav6 0.96.5+dfsg-1~volatile1 anti-virus utility for Unix - libr ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime Versions of packages clamav recommends: ii clamav-base 0.96.5+dfsg-1~volatile1 anti-virus utility for Unix - base Versions of packages clamav suggests: pn clamav-docs <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
