Re: [Clamav-users] problem compiling PHP ClamaAV Lib 0.12a
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Jun 14, 2006, at 11:01 , Kevin Lowe wrote: Hi Dennis, Many thanks for all your help and time. I've tried compiling both packages in /usr/home/USERNAME/local and am still getting the same errors as before. ./configure --with-clamav --prefix=/usr/home/USERNAME/local and ./configure --with-clamav=/usr/home/solomon2/local --prefix=/usr/ home/USERNA ME/local both give: configure: error: can not find sources in . or .. Trying : ./configure --with-clamav=/usr/home/USERNAME/local --prefix=/usr/ home/USERNA ME/local --srcdir=/usr/home/USERNAME/clamav-0.88.2 and ./configure --with-clamav --prefix=/usr/home/USERNAME/local -- srcdir=/usr/ho me/USERNAME/clamav-0.88.2 both give this error after a few lines: ./configure: 1156: Syntax error: word unexpected (expecting )) I still have not got my php.ini edited, could that be the problem? I did not set the LDFLAGS as you sugested yesterday, is this still required? Thanks Kevin Well, I've seen enough of this thread so it's time to put it to bed. The code you're using for the PHP/ClamAV module, where did it come from? (more than likely it's the Nick Loeve code and not the code I rewrote) I've had issues with this code on non-mandrake systems was my reason for abandoning it. I was thinking that it should be included with the ClamAV software but never got around to putting together a proper package (so Thomasz wouldn't have to do any work) and handed it out to a handful of people who said they'd distribute it but they got it working for themselves providing a link was no longer a priority. What version of PHP are you using? Do you have more than one version of PHP installed? If you've experienced any issues with phpize then something isn't right. SEE: http://www.daleenterprise.com/info.php http://www.daleenterprise.com/clamav_info.php I reproduced your problem and worked through it thusly: ./configure --with-clamav=/usr/home/USERNAME/bin/clam make cd modules ldd clamav.so ... lots of data with library paths correctly identified When you built clamav all the libs, binaries, includes, manpages, etc., were put in the --prefix=... directory as subdirectories, so that is where to tell php-clamavlib's build process to look for the parts it needs. It's a bit messy and not the way I'd do it, but it will work. Adding yet another --prefix in the php-clamavlib build process makes things yet more messy, but again, it will work. I presume you haven't access to /usr/local, so what I'd do is use this prefix: --prefix=/usr/home/USERNAME/local for both builds. You will end up with /usr/home/USERNAME/local/ with bin, sbin, lib, man, share, etc in there (the basic gnu structure) and these can be reused for other applications if you build more later. dp - -- Dale -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.2.2 (Darwin) iD8DBQFEkGG5iD9DTPch4RQRAjYwAKC+H6yeDXYP+EsjMFev06udnMfZVACgi7tH RBblkEHsOfgCAwQ7OQ8Ky9c= =P/Jd -END PGP SIGNATURE- ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] OS X Intel compile
On Mar 22, 2006, at 12:00 , Dennis Peterson wrote: Dale Walsh wrote: On Mar 21, 2006, at 21:32 , Dennis Peterson wrote: Dale Walsh wrote: On Mar 20, 2006, at 09:03 , Dennis Peterson wrote: Torbjorn Granlund, the author of gmp, is aware of the problem and has stated he's not interested in a fix. If you google the error tmp-dive_1.s:98... you will see core duo owners are having the same problem. Yes, I ran into this as well, but it does build if you disable shared. If you want to generate a proper fix, I'm sure that it would be appreciated but one thing to note, I've been unable to build it as a dual architecture and this would be good to achieve as well. Building it without shared was a slam-dunk but not especially helpful. This did the trick: configure --host=none-apple-darwin Building for generic x86, reduces functionality but does provide a working solution, now you just need to build using some additional flags to get it built right. It wasn't my requirement to build it for general release - we're committed to Mac on Intel only going forward and so this works fine for our datacenters. What you have generated is marginal at best, doesn't include key functions required for proper digital signature support but you can choose to settle for what you have generated in the hopes that you don't experience any problems. You have a partial functioning GMP/MP/MPFR library which makes the digital signature support unreliable, the configure you used doesn't enable specific features and functions required for full digital support so if you're really committed to the Intel Mac and providing proper software support, I'd look into correcting this. Myself, I'm committed to finding a solution for Macs in general, I am not narrow minded or biased and only support intel or ppc, I'm ecstatic if my solutions/improvements work for other platforms but my goal is ultimately to provide a better build for Macs. Since the time of this writing I've successfully generated a darwinbuild project that builds the libraries in the proper format and includes all of the required functions for proper use. I'd be able to go one step further and provide 100% functionality and build compatibility for Intel Macs and other platforms would also benefit if I could find a solution for the 9 tiny assembler files (by converting these to regular source) but suffice it to say I have been able to at least get the basic key functions required to build and that full digital support is now possible for ClamAV software on Intel Macs. dp -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] OS X Intel compile
On Mar 22, 2006, at 16:57 , Dennis Peterson wrote: On Mar 22, 2006, at 12:00 , Dennis Peterson wrote: Dale Walsh wrote: On Mar 21, 2006, at 21:32 , Dennis Peterson wrote: Dale Walsh wrote: On Mar 20, 2006, at 09:03 , Dennis Peterson wrote: Torbjorn Granlund, the author of gmp, is aware of the problem and has stated he's not interested in a fix. If you google the error tmp-dive_1.s:98... you will see core duo owners are having the same problem. Yes, I ran into this as well, but it does build if you disable shared. If you want to generate a proper fix, I'm sure that it would be appreciated but one thing to note, I've been unable to build it as a dual architecture and this would be good to achieve as well. Building it without shared was a slam-dunk but not especially helpful. This did the trick: configure --host=none-apple-darwin Building for generic x86, reduces functionality but does provide a working solution, now you just need to build using some additional flags to get it built right. It wasn't my requirement to build it for general release - we're committed to Mac on Intel only going forward and so this works fine for our datacenters. What you have generated is marginal at best, doesn't include key functions required for proper digital signature support but you can choose to settle for what you have generated in the hopes that you don't experience any problems. You have a partial functioning GMP/MP/MPFR library which makes the digital signature support unreliable, the configure you used doesn't enable specific features and functions required for full digital support so if you're really committed to the Intel Mac and providing proper software support, I'd look into correcting this. The configure string above was a simple test to ensure it built with shared libraries. It isn't likel the full production string for the final build. It does pass all the internal tests, though, and results in a basic functional clamAV suite. Myself, I'm committed to finding a solution for Macs in general, I am not narrow minded or biased and only support intel or ppc, I'm ecstatic if my solutions/improvements work for other platforms but my goal is ultimately to provide a better build for Macs. I think it is not being narrow minded to build to the need. We have no plans for using PPC macs in this role so there is no need to spend $$ on them. The object is a higly portable mail appliance to be dropped into datacenters of companies we purchase. Cost, supportability, installation ease, and capability are the principal needs. They're working rather well. And it means I can continue to use ClamAV. Unfortunately you didn't provide much information on any additional configure flags and if you have included the fft, mpbsd and mpfr options then you would at least get the mandatory requirements but I do recommend you issue your make with the following syntax make CFLAGS=-arch i386 -pipe -no-cpp-precomp MPFR_CFLAGS=-arch i386 -pipe -no-cpp-precomp To ensure that you get the best overall build for your platform. dp ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tiger Server
On Mar 20, 2006, at 22:47 , David Muszynski wrote: On Mar 20, 2006, at 3:21 AM, Dale Walsh wrote: Try googling BuildSmart I went the BuildSmart way and was really getting into it. After it ran for nearly an hour I got this bunch of messages and then it exited. What can I do to fix this? perl -MCPAN -eshell look Archive::TAR pwd post output of pwd. Thanks, David Fetching with Net::FTP: ftp://archive.progeny.com/CPAN/authors/id/K/KA/KANE/CHECKSUMS Checksum for /private/var/root/.cpan/sources/authors/id/K/KA/KANE/ Archive-Tar-1.26.tar.gz ok Scanning cache /private/var/root/.cpan/build for sizes Archive-Tar-1.26/ /usr/bin/tar: Archive-Tar-1.26: Cannot mkdir: No such file or directory Archive-Tar-1.26/bin/ /usr/bin/tar: Archive-Tar-1.26/bin: Cannot mkdir: No such file or directory Archive-Tar-1.26/bin/ptar /usr/bin/tar: Archive-Tar-1.26/bin/ptar: Cannot open: No such file or directory Archive-Tar-1.26/bin/ptardiff /usr/bin/tar: Archive-Tar-1.26/bin/ptardiff: Cannot open: No such file or directory Archive-Tar-1.26/CHANGES /usr/bin/tar: Archive-Tar-1.26/CHANGES: Cannot open: No such file or directory Archive-Tar-1.26/lib/ /usr/bin/tar: Archive-Tar-1.26/lib: Cannot mkdir: No such file or directory Archive-Tar-1.26/lib/Archive/ /usr/bin/tar: Archive-Tar-1.26/lib/Archive: Cannot mkdir: No such file or directory Archive-Tar-1.26/lib/Archive/Tar/ /usr/bin/tar: Archive-Tar-1.26/lib/Archive/Tar: Cannot mkdir: No such file or directory Archive-Tar-1.26/lib/Archive/Tar/Constant.pm /usr/bin/tar: Archive-Tar-1.26/lib/Archive/Tar/Constant.pm: Cannot open: No such file or directory Archive-Tar-1.26/lib/Archive/Tar/File.pm /usr/bin/tar: Archive-Tar-1.26/lib/Archive/Tar/File.pm: Cannot open: No such file or directory Archive-Tar-1.26/lib/Archive/Tar.pm /usr/bin/tar: Archive-Tar-1.26/lib/Archive/Tar.pm: Cannot open: No such file or directory Archive-Tar-1.26/Makefile.PL /usr/bin/tar: Archive-Tar-1.26/Makefile.PL: Cannot open: No such file or directory Archive-Tar-1.26/MANIFEST /usr/bin/tar: Archive-Tar-1.26/MANIFEST: Cannot open: No such file or directory Archive-Tar-1.26/META.yml /usr/bin/tar: Archive-Tar-1.26/META.yml: Cannot open: No such file or directory Archive-Tar-1.26/README /usr/bin/tar: Archive-Tar-1.26/README: Cannot open: No such file or directory Archive-Tar-1.26/t/ /usr/bin/tar: Archive-Tar-1.26/t: Cannot mkdir: No such file or directory Archive-Tar-1.26/t/01_use.t /usr/bin/tar: Archive-Tar-1.26/t/01_use.t: Cannot open: No such file or directory Archive-Tar-1.26/t/02_methods.t /usr/bin/tar: Archive-Tar-1.26/t/02_methods.t: Cannot open: No such file or directory Archive-Tar-1.26/t/03_file.t /usr/bin/tar: Archive-Tar-1.26/t/03_file.t: Cannot open: No such file or directory Archive-Tar-1.26/t/04_resolved_issues.t /usr/bin/tar: Archive-Tar-1.26/t/04_resolved_issues.t: Cannot open: No such file or directory Archive-Tar-1.26/t/99_pod.t /usr/bin/tar: Archive-Tar-1.26/t/99_pod.t: Cannot open: No such file or directory Archive-Tar-1.26/t/src/ /usr/bin/tar: Archive-Tar-1.26/t/src: Cannot mkdir: No such file or directory Archive-Tar-1.26/t/src/long/ /usr/bin/tar: Archive-Tar-1.26/t/src/long: Cannot mkdir: No such file or directory Archive-Tar-1.26/t/src/long/b /usr/bin/tar: Archive-Tar-1.26/t/src/long/b: Cannot open: No such file or directory Archive-Tar-1.26/t/src/long/bar.tar /usr/bin/tar: Archive-Tar-1.26/t/src/long/bar.tar: Cannot open: No such file or directory Archive-Tar-1.26/t/src/long/foo.tgz /usr/bin/tar: Archive-Tar-1.26/t/src/long/foo.tgz: Cannot open: No such file or directory Archive-Tar-1.26/t/src/short/ /usr/bin/tar: Archive-Tar-1.26/t/src/short: Cannot mkdir: No such file or directory Archive-Tar-1.26/t/src/short/b /usr/bin/tar: Archive-Tar-1.26/t/src/short/b: Cannot open: No such file or directory Archive-Tar-1.26/t/src/short/bar.tar /usr/bin/tar: Archive-Tar-1.26/t/src/short/bar.tar: Cannot open: No such file or directory Archive-Tar-1.26/t/src/short/foo.tgz /usr/bin/tar: Archive-Tar-1.26/t/src/short/foo.tgz: Cannot open: No such file or directory /usr/bin/tar: Error exit delayed from previous errors Uncompressed /private/var/root/.cpan/sources/authors/id/K/KA/KANE/ Archive-Tar-1.26.tar.gz successfully Using Tar:/usr/bin/tar xvf /private/var/root/.cpan/sources/authors/ id/K/KA/KANE/Archive-Tar-1.26.tar: Archive-Tar-1.26/ /usr/bin/tar: Archive-Tar-1.26: Cannot mkdir: No such file or directory Archive-Tar-1.26/bin/ /usr/bin/tar: Archive-Tar-1.26/bin: Cannot mkdir: No such file or directory Archive-Tar-1.26/bin/ptar /usr/bin/tar: Archive-Tar-1.26/bin/ptar: Cannot open: No such file or directory Archive-Tar-1.26/bin/ptardiff /usr/bin/tar: Archive-Tar-1.26/bin/ptardiff: Cannot open: No such file or directory Archive-Tar-1.26/CHANGES /usr/bin/tar: Archive-Tar-1.26/CHANGES: Cannot open: No such file or directory Archive-Tar-1.26/lib/ /usr/bin/tar: Archive-Tar-1.26/lib: Cannot
Re: [Clamav-users] Tiger Server
On Mar 21, 2006, at 07:16 , David Muszynski wrote: On Mar 21, 2006, at 5:31 AM, Dale Walsh wrote: perl -MCPAN -eshell look Archive::TAR pwd post output of pwd. I'm not sure if what you asked for worked right as cpan didn't understand the last two requests, but here's the out put anyway. Thanks, David perl -MCPAN -eshell look Archive::Tar pwd post output of pwd. strflt:/Users/tknospdr root# perl -MCPAN -eshell cpan shell -- CPAN exploration and modules installation (v1.87) ReadLine support enabled cpan look Archive::TAR CPAN: Storable loaded ok Going to read /private/var/root/.cpan/Metadata Database was generated on Mon, 20 Mar 2006 22:10:34 GMT Warning: Cannot look Archive::TAR, don't know what it is. Try the command i /Archive::TAR/ to find objects with matching identifiers. cpan pwd Unknown shell command 'pwd '. Type ? for help. cpan i /Archive::TAR/ Module Archive::Tar (KANE/Archive-Tar-1.29.tar.gz) Module Archive::Tar::Constant (KANE/Archive-Tar-1.29.tar.gz) Module Archive::Tar::File (KANE/Archive-Tar-1.29.tar.gz) Module Archive::Tar::Std (KANE/Archive-Tar-0.23.tgz) Module Archive::Tar::Stream (Archive::Tar::Stream) Module Archive::Tar::Streamed (IVORW/Archive-Tar- Streamed-0.03.tar.gz) Module Archive::Tar::Win32(KANE/Archive-Tar-0.23.tgz) Module Archive::Tar::Wrapper (MSCHILLI/Archive-Tar- Wrapper-0.06.tar.gz) Module Archive::TarGzip (SOFTDIA/Archive-TarGzip-0.03.tar.gz) Module Meta::Archive::Tar (VELTZER/Meta-0.08.tar.gz) 10 items found cpan exit Lockfile removed. strflt:/Users/tknospdr root#___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tiger Server
On Mar 21, 2006, at 09:12 , David Muszynski wrote: On Mar 21, 2006, at 7:27 AM, Dale Walsh wrote: perl -MCPAN -eshell look Archive::Tar pwd post output of pwd. sh-2.05b# pwd /private/var/root/.cpan/build/Archive-Tar-1.29 OK we've established that CPAN is configured properly and that the command executed by BuildSmart works. I suspect that BuildSmart was not run as root user. try: su; # enter password when propmted. buildsmart -p SpamAV -c -a; # run in auto mode and requires little user interaction. Thanks, David ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] OS X Intel compile
On Mar 21, 2006, at 21:32 , Dennis Peterson wrote: Dale Walsh wrote: On Mar 20, 2006, at 09:03 , Dennis Peterson wrote: Torbjorn Granlund, the author of gmp, is aware of the problem and has stated he's not interested in a fix. If you google the error tmp-dive_1.s:98... you will see core duo owners are having the same problem. Yes, I ran into this as well, but it does build if you disable shared. If you want to generate a proper fix, I'm sure that it would be appreciated but one thing to note, I've been unable to build it as a dual architecture and this would be good to achieve as well. Building it without shared was a slam-dunk but not especially helpful. This did the trick: configure --host=none-apple-darwin Building for generic x86, reduces functionality but does provide a working solution, now you just need to build using some additional flags to get it built right. I'll write you off list on this. make check make install Intel is the only architecture I need to work with. I didn't even think to examine the dual-architecture issue. dp -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tiger Server
On Mar 19, 2006, at 17:59 , David Muszynski wrote: I spent the better part of a day not only searching this list's archive, but the Internet at large trying to get an answer before I even joined this list to ask my question; so if there's an answer already published somewhere I apologize for missing it. Is there a prescribed way to upgrade ClamAV on Tiger Server 10.4.5 that will get us to the latest versions of everything and keep Apple happy too? And while we're at it what about gmp? Yes there is and a patch is required, I posted the patch on the OSX Server list along with the correct configure flags. Try googling BuildSmart Thanks, David___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] OS X Intel compile
On Mar 20, 2006, at 01:53 , Dennis Peterson wrote: Except for a problem with gmp, the clamav 0.88 code compiled and runs just fine. The gmp problem is a big one - in it's current state gmp will not compile on a Mac OS X Intel system. I'll have to see if DarwinPorts has anything on it. Don't tell my Intel Mac it wont build. How are you configuring gmp, what errors are you getting? Anyone else seen this? dp -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: Problem Upgrading ClamAV on HP-UX 10.20
On Feb 8, 2006, at 14:42 , Kaplan, Andrew H. wrote: Try adding -D_XOPEN_SOURCE EXTENDED to your CFLAGS. I entered the setenv command three times using the following syntax: setenv CFLAGS -I/usr/tools/gcc3/include setenv LDFLAGS -L/usr/tools/gcc3/lib setenv CFLAGS -D_XOPEN_SOURCE EXTENDED LOL ./configure (YOUR SETTINGS) \ CFLAGS=-D_XOPEN_SOURCE EXTENDED -I/usr/tools/gcc3/include \ LDFLAGS=-L/usr/tools/gcc3/lib After that, I ran the configure script, and it returned with the error message shown below: error: C compiler cannot create executables See `config.log' for more details. I've included the log file in this e-mail. This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. It was created by configure, which was generated by GNU Autoconf 2.59. Invocation command line was $ ./configure ## - ## ## Platform. ## ## - ## hostname = hadron.mgh.harvard.edu uname -m = 9000/777 uname -r = B.10.20 uname -s = HP-UX uname -v = A /usr/bin/uname -p = unknown /bin/uname -X = unknown /bin/arch = unknown /usr/bin/arch -k = unknown /usr/convex/getsysinfo = unknown hostinfo = unknown /bin/machine = unknown /usr/bin/oslevel = unknown /bin/universe = unknown PATH: /usr/tools/gcc3/bin PATH: /usr/bin PATH: /usr/ccs/bin PATH: /usr/contrib/bin PATH: /opt/nettladm/bin PATH: /opt/pd/bin PATH: /usr/bin/X11 PATH: /usr/contrib/bin/X11 PATH: /opt/upgrade/bin PATH: /opt/vnc PATH: /opt/ignite/bin PATH: /opt/cfg2html ## --- ## ## Core tests. ## ## --- ## configure:1531: checking build system type configure:1549: result: hppa1.1-hp-hpux10.20 configure:1557: checking host system type configure:1571: result: hppa1.1-hp-hpux10.20 configure:1579: checking target system type configure:1593: result: hppa1.1-hp-hpux10.20 configure:1664: result: creating target.h - canonical system defines configure:1808: checking for a BSD-compatible install configure:1863: result: ./install-sh -c configure:1874: checking whether build environment is sane configure:1917: result: yes configure:1982: checking for gawk configure:2011: result: no configure:1982: checking for mawk configure:2011: result: no configure:1982: checking for nawk configure:2011: result: no configure:1982: checking for awk configure:1998: found /usr/bin/awk configure:2008: result: awk configure:2018: checking whether make sets $(MAKE) configure:2038: result: yes configure:2219: checking for gawk configure:2245: result: awk configure:2301: checking for gcc configure:2317: found /usr/tools/gcc3/bin/gcc configure:2327: result: gcc configure:2571: checking for C compiler version configure:2574: gcc --version /dev/null 5 gcc (GCC) 3.1 Copyright (C) 2002 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. configure:2577: $? = 0 configure:2579: gcc -v /dev/null 5 Reading specs from /usr/tools/gcc3/lib/gcc-lib/hppa1.1-hp-hpux10.20/3.1/specs Configured with: ../configure --prefix=/usr/tools/gcc3 --with-as=/usr/tools/gnu/bin/as Thread model: single gcc version 3.1 configure:2582: $? = 0 configure:2584: gcc -V /dev/null 5 gcc: argument to `-V' is missing configure:2587: $? = 1 configure:2610: checking for C compiler default output file name configure:2613: gcc -D_XOPEN_SOURCE EXTENDED -L/usr/tools/gcc3/lib conftest.c 5 gcc: EXTENDED: No such file or directory configure:2616: $? = 1 configure: failed program was: | /* confdefs.h. */ | | #define PACKAGE_NAME | #define PACKAGE_TARNAME | #define PACKAGE_VERSION | #define PACKAGE_STRING | #define PACKAGE_BUGREPORT | #define PACKAGE clamav | #define VERSION 0.88 | /* end confdefs.h. */ | | int | main () | { | | ; | return 0; | } configure:2654: error: C compiler cannot create executables See `config.log' for more details. ## ## ## Cache variables. ## ## ## ac_cv_build=hppa1.1-hp-hpux10.20 ac_cv_build_alias=hppa1.1-hp-hpux10.20 ac_cv_env_CC_set='' ac_cv_env_CC_value='' ac_cv_env_CFLAGS_set=set ac_cv_env_CFLAGS_value='-D_XOPEN_SOURCE EXTENDED' ac_cv_env_CPPFLAGS_set='' ac_cv_env_CPPFLAGS_value='' ac_cv_env_CPP_set='' ac_cv_env_CPP_value='' ac_cv_env_LDFLAGS_set=set ac_cv_env_LDFLAGS_value=-L/usr/tools/gcc3/lib ac_cv_env_build_alias_set='' ac_cv_env_build_alias_value='' ac_cv_env_host_alias_set='' ac_cv_env_host_alias_value='' ac_cv_env_target_alias_set='' ac_cv_env_target_alias_value='' ac_cv_host=hppa1.1-hp-hpux10.20 ac_cv_host_alias=hppa1.1-hp-hpux10.20 ac_cv_prog_AWK=awk ac_cv_prog_ac_ct_CC=gcc ac_cv_prog_make_make_set=yes ac_cv_target=hppa1.1-hp-hpux10.20 ac_cv_target_alias=hppa1.1-hp-hpux10.20 ## - ## ## Output variables. ## ## - ## ACLOCAL='${SHELL} /home/kaplan/clamav-0.88/missing --run aclocal-1.9'
[Clamav-users] dynamic library building issue.
In order to get ClamAV to generate shared libraries autoreconf must be called however this always generates an invalid libtool file in Mac OSX becuase for some unknown reason someone decided to add a libtool.m4 template to acinclude.m4 which has to be removed to get it to work properly. Is the libtool.m4 template really required to be in acinclude.m4 since a libtool.m4 template specific to the installed OS is created when libtool is installed??? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: virus detected using clamscan but not with Mail::ClamAV perl module
On Dec 22, 2005, at 17:29 , Tomasz Kojm wrote: On Thu, 22 Dec 2005 16:19:25 -0500 Dale Walsh [EMAIL PROTECTED] wrote: On Dec 22, 2005, at 13:20 , Tomasz Kojm wrote: On Thu, 22 Dec 2005 13:08:34 -0500 Dale Walsh [EMAIL PROTECTED] wrote: SEE: http://www.daleenterprise.com/test.php Also SEE: http://www.daleenterprise.com/clamav_info.php This PHP module/extension is ready and available for release, it's PHP4/PHP5 compliant. What is this, a provocation? No, the message was to show two things, one that scanning a buffer seems very unreliable Scanning a buffer? What are you talking about? (I.e. how is that connected with the original post?) The OP was about Mail::ClamAV perl modules failure to detect viruses and my comment about the ClamAV's scanbuff routine failure to detect viruses is related to this. and two, another method of using clamav is available, you're welcome to the code. That's off-topic, too. Anyway, you're welcome to take a look at the bottom of http://www.clamav.net/3rdparty.html Third-party??? It's little code, almost zero maintenance and could be argued that it should be part of the regular distribution but no problem, it's not like anybody else would use it so I guess it isn't going to be publicly available. -- oo. Tomasz Kojm [EMAIL PROTECTED] -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav-freshclam issue
On Dec 23, 2005, at 08:24 , Alberto Zeni wrote: Hello, Ever since I successfully installed ClamAV in my Linux Ubuntu 5.10, during the shutdown phase I always obtain a line like that: etc/rc0.d/K20clamav-freshclam: line 163: log_daemon_msg: command not found It looks like the 'log_daemon_msg' function doesn't exist. Look at other files and see how they are logging messages and modify it to use the same function. I know it is related to clamav definitions update procedure but I don't know more. I'll be grateful to you, then, if you give me some suggestions to fix that. Best Rgards, Alberto -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: virus detected using clamscan but not with Mail::ClamAV perl module
On Dec 23, 2005, at 07:56 , Tomasz Kojm wrote: On Fri, 23 Dec 2005 06:39:38 -0500 Dale Walsh [EMAIL PROTECTED] wrote: The OP was about Mail::ClamAV perl modules failure to detect viruses and my comment about the ClamAV's scanbuff routine failure to detect viruses is related to this. Your comment was incorrect. ??? Please elaborate because as the subject states virus detected using clamscan but not with Mail::ClamAV perl module. leads one to believe that the thread is about failure to detect virii with software. -- oo. Tomasz Kojm [EMAIL PROTECTED] -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: virus detected using clamscan but not with Mail::ClamAV perl module
On Dec 23, 2005, at 11:29 , Tomasz Kojm wrote: On Fri, 23 Dec 2005 10:11:25 -0500 Dale Walsh [EMAIL PROTECTED] wrote: On Dec 23, 2005, at 07:56 , Tomasz Kojm wrote: On Fri, 23 Dec 2005 06:39:38 -0500 Dale Walsh [EMAIL PROTECTED] wrote: The OP was about Mail::ClamAV perl modules failure to detect viruses and my comment about the ClamAV's scanbuff routine failure to detect viruses is related to this. Your comment was incorrect. ??? Please elaborate because as the subject states virus detected using clamscan but not with Mail::ClamAV perl module. leads one to believe that the thread is about failure to detect virii with software. Please read the conversation between Per Jessen and me and then look at your top-posted, senseless comment. I read the conversation, it's about software that isn't catching virii for one reason or another. Yes my post should not have been topped and I could have explained a little more as the lack of detail about the first link might be considered confusing and senseless. The second was just to offer you some code if you were interested in it. I have no time and stomach for flame wars so this is my last post in this thread. I'm not interested in a flame war either but if it's a war you want, you win, I surrender. -- oo. Tomasz Kojm [EMAIL PROTECTED] -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: virus detected using clamscan but not with Mail::ClamAV perl module
On Dec 23, 2005, at 12:00 , Jeff Donsbach wrote: On 12/23/05, Dale Walsh [EMAIL PROTECTED] wrote: Please elaborate because as the subject states virus detected using clamscan but not with Mail::ClamAV perl module. leads one to believe that the thread is about failure to detect virii with software. [sorry about that last messge... fat fingers...] Dale, Perhaps a little more background information about what is on those pages to go along with the URLs you posted in your first post would have helped avoid this whole misunderstanding. My first reaction at seeing that first post of yours was that I thought it was a phishing attempt or commecial spam of some kind (and I skipped over it). Yes, I see your point, the gist was that scanning a buffer doesn't catch most virii and the first link is the results of the scans which occur at the time the link is accessed. There also seems to be a conflict of the actual virus name that is detected between a buffer scan and a disk file scan. The settings configured to scan either are the same so I'm at a loss for the failures and discrepancies. Of course it's free software with no guarantee that it will work as intended or work in a particular environment so if it gets looked at great, if not that's OK too, I can accept that scanning a buffer is unreliable and not use this option. The second was just a mention about some code that allows another use for ClamAV software and if Tomasz wanted it he we welcome to it as I have no interest in providing it as a third-party piece of software. There is someone else who has something similar however it's not as flexible, is not configurable and doesn't work with all versions of PHP or on all platforms. Now, can we move on? Boy, some people on this list are cranky lately. I can understand that the holiday season gets on people's nerves and it doesn't take much to set someone off. ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: virus detected using clamscan but not with Mail::ClamAV perl module
SEE: http://www.daleenterprise.com/test.php Also SEE: http://www.daleenterprise.com/clamav_info.php This PHP module/extension is ready and available for release, it's PHP4/PHP5 compliant. On Dec 22, 2005, at 12:49 , Tomasz Kojm wrote: On Thu, 22 Dec 2005 18:52:41 +0100 Per Jessen [EMAIL PROTECTED] wrote: Tomasz Kojm wrote: On Thu, 22 Dec 2005 18:37:57 +0100 my $status = $clam-scan(/tmp/1135265287.V902I5e924.thorium, CL_ARCHIVE|CL_MAIL); Include the CL_SCAN_STDOPT option flag in the above call. OK, just tried that - it still reports clean. Then you're still missing PE support (which is required to handle FSG-compressed Sober.U) somehow. I'm just now upgrading the Mail::ClamAV module to 0.17 (from 0.11) - maybe that'll fix it. -- oo. Tomasz Kojm [EMAIL PROTECTED] -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: virus detected using clamscan but not with Mail::ClamAV perl module
On Dec 22, 2005, at 13:20 , Tomasz Kojm wrote: On Thu, 22 Dec 2005 13:08:34 -0500 Dale Walsh [EMAIL PROTECTED] wrote: SEE: http://www.daleenterprise.com/test.php Also SEE: http://www.daleenterprise.com/clamav_info.php This PHP module/extension is ready and available for release, it's PHP4/PHP5 compliant. What is this, a provocation? No, the message was to show two things, one that scanning a buffer seems very unreliable and two, another method of using clamav is available, you're welcome to the code. -- oo. Tomasz Kojm [EMAIL PROTECTED] -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Virus not detected by clamav
On Dec 20, 2005, at 04:40 , Luis Miguel R. wrote: Not detected here too, oldest clamav versions detect it well. Detection of viruses in a buffer scan isn't working well either, it doesn't recognize most viruses including the ClamAV test viruses that the older versions (pre 0.87) recognize. SEE: http://www.daleenterprise.com/test.php Linux cubo 2.4.27-2-686 #1 Mon May 16 17:03:22 JST 2005 i686 GNU/Linux ClamAV 0.87.1/1213/Mon Dec 19 15:48:34 2005 ([EMAIL PROTECTED]:~)# clamscan attreg.zip attreg.zip: OK ([EMAIL PROTECTED]:~)# f-prot -ver Program version: 4.6.3 Engine version: 3.16.10 ([EMAIL PROTECTED]:~)# f-prot attreg.zip /root/attreg.zip-File-packed_dataInfo.exe Infection: W32/Sober Tomasz, I've resolved the crashing issue with libclamav and apache, I have solid code for a PHP extension that has been tested on several OS's without any issues. Do you wish to add this to the contrib ??? SEE: http://www.daleenterprise.com/clamav_info.php -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Clamd Problem.
Have done some further testing, the font doesn't display properly on a linux (FC3) box with gd-2.0.33 but if I use the PHP embedded gd it displays properly. -- Dale On Dec 17, 2005, at 10:58 , Fajar A. Nugraha wrote: Dennis Peterson wrote: # Run mode ::= Daemon or Foreground # Default is Daemon # Foreground Daemon Where the BNF allows (and I think should require) one of Daemon or Foreground. And where is the BNF, anyway? Notice that absent the comments in any of this, the keyword Foreground has no context and loses a great deal of clear purpose. That's a bad thing. Better? RunMode = Daemon # define run mode as foreground or background And yes - I do like optional studly caps as it becomes more readable, as in: I believe the syntax for that parameter (actually, all paramaters that used to be one word only) in development version (CVS) was changed to something like Foreground yes or Foreground no. -- Fajar ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] No viruses detected ERROR/Temporary quarantine file [...] creation failed
On Dec 12, 2005, at 17:18 , Nigel Horne wrote: Pete 'Wolfy' Hanson wrote: Using clamav 0.87.1 with clamav-milter 0.87 under sendmail 8.13.5 on Solaris 8, I've started seeing this type of stuff in the clam logs Dec 12 09:18:00 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.MzvOKK creation failed Normally the home is /var/clamav with tmp being /var/clamav/tmp. This is a permission issue or lack of space as the files should be worked out in the home tmp directory. Dec 12 09:18:04 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWTc024980: /tmp/clamav-2993fbe6371a9f93/msg.sAvOKK: No viruses detected ERROR Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.RzvOKK creation failed Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.XzvOKK creation failed Dec 12 09:18:02 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.2zvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHiNS025141: /tmp/clamav-2993fbe6371a9f93/msg._zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWTf024992: /tmp/clamav-2993fbe6371a9f93/msg.aAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHiN5025133: /tmp/clamav-2993fbe6371a9f93/msg.bAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHZG8025036: /tmp/clamav-2993fbe6371a9f93/msg.GzvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHaio025041: /tmp/clamav-2993fbe6371a9f93/msg.HzvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHWM5024981: /tmp/clamav-2993fbe6371a9f93/msg.6zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHrWb025232: /tmp/clamav-2993fbe6371a9f93/msg.vAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.FAvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHhjc025132: /tmp/clamav-2993fbe6371a9f93/msg.5zvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 801593 local7.error] jBCHHtlf025246: /tmp/clamav-2993fbe6371a9f93/msg.kAvOKK: No viruses detected ERROR Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.AAvOKK creation failed Dec 12 09:18:05 smtp clamav-milter[18725]: [ID 984059 local7.error] Temporary quarantine file /tmp/clamav-2993fbe6371a9f93/msg.LAvOKK creation failed followed by clamav-milter no longer working (it needs to be restarted). This is quite similar to a previously reported DoS vulnerability in older versions of clamav: http://www.idefense.com/application/poi/display? id=276type=vulnerabilitiesflashstatus=true That is a different issue. It's not an urgent problem for me since I have some simple monitors that restart clamav-milter as needed. Has your /tmp filesystem become full? -- Pete Hanson -- Nigel Horne. Arranger, Adjudicator, Band Trainer, Composer, Typesetter. NJH Music, Barnsley, UK. ICQ#20252325 [EMAIL PROTECTED] http://www.bandsman.co.uk ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] amavis-stats-0.1.19 released
amavis-stats (0.1.19) stable; urgency=recommended 0.1.19 Release * added some color to the build process. * added a non-virus graph. * fixed permissions of installed amavis-stats.conf file. * fixed an issue with virus names that exceed 32 characters. * fixed the time period displayed in the vertical column on each graph, it was displaying minutes when hour was selected and hours when min was selected. SEE: http://www.daleenterprise.com/amavis-stats ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] amavis-stats-0.1.18 [ RELEASED ]
amavis-stats (0.1.18) stable; urgency=low 0.1.18 Release * fixed an image issue when using rrdtool 1.2.x where no virus image is generated when no graphing data is present during a time period. * fixed a tab image issue when using PHP4 and no image is generated or displayed for buttons. * preserve daemon configuration file if updating. * updated legend. * added 'Blocked BAD-HEADER' to stats. * updated web interface to display Passed/Blocked BAD-HEADER. SEE: http://www.daleenterprise.com/amavis-stats ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] amavis-stats 0.1.15
I've done a major rewrite again, daemonized the application, cleaned up the web interface. I realize that I just added the auto cron create/delete routines but since some platforms were having issues with the cron jobs I decided to go a different route. It's configurable and customizable, I currently include startup items for Darwin 7.x and 8.x (Mac OSX 10.3.x and 10.4.x), if you create something for your platform, please pass it along so it can be integrated into the build process making it easier for others. Also, please examine the 'TODO' file, perhaps you can contribute in some way. You can view it at: http://www.daleenterprise.com/amavis-stats You can download it from: http://downloads.topicdesk.com/amavis_stats/amavis-stats-0.1.15.tar.gz -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] amavis-stats 0.1.15
I've done a major rewrite again, daemonized the application, cleaned up the web interface. I realize that I just added the auto cron create/delete routines but since some platforms were having issues with the cron jobs I decided to go a different route. It's configurable and customizable, I currently include startup items for Darwin 7.x and 8.x (Mac OSX 10.3.x and 10.4.x), if you create something for your platform, please pass it along so it can be integrated into the build process making it easier for others. Also, please examine the 'TODO' file, perhaps you can contribute in some way. You can view it at: http://www.daleenterprise.com/amavis-stats You can download it from: http://downloads.topicdesk.com/amavis_stats/amavis-stats-0.1.15.tar.gz -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Spyware detection...
On Sep 11, 2005, at 10:07 PM, Thomas Hruska wrote: I hate to crosspost, but since it appears no one reads the Win32 list, I switched my subscription to the main users list. I've got ClamAV working and that is all good and fine. However, I looked in the archives of the clamav-users list and saw that still as of June 2005, ClamAV is completely uninterested in at least detecting spyware. I have a problem with that. Here is how I define a virus: - A digital invasion of unwanted and undesired bits in a computer system designed to infiltrate and change the state in the system in a negative manner. Here is how I define spyware: - A digital invasion of unwanted and undesired bits in a computer system designed to infiltrate and change the psychological state of the user in a negative manner. Frankly, I could care less if you don't remove spyware from a system with ClamAV. What I need is a _reputable_ scanner that works from the command line to _detect_ if a system contains spyware. Since ClamAV isn't apparently going to be that tool and Google isn't turning up a reputable command-line anti-spyware solution with sufficient options, I would appreciate a pointer to a tool that does this. All I need is to have the tool tell me: - Yes there is spyware on the system. OR - No there isn't spyware on the system. I don't need it to disinfect/remove/whatever - simply recognize that there is spyware, what file contains it, and display a notification as such on stdout. Seems to me that this is something simple that ClamAV could easily implement in a very short amount of time. For those who don't want to scan for spyware, include a command-line switch to turn off scanning for psychological manipulators (spyware, pranks, etc.). However, since ClamAV is uninterested in doing anything even remotely simple like this, I need someone to point out a _reputable_ tool that is better than ClamAV that does psychological manipulator scanning from the command-line - preferably open source, but since nothing is turning up on SourceForge or Google, I'll be impressed if someone finds anything. -- Thomas Hruska What your asking for sounds simple however, how do you establish detection?? Currently what little there is that accomplishes this feat looks for specific files by name and watches specific ports in an attempt to determine what is spyware. ClamAV currently has the ability to determine these things with some additional programming but then an additional database would have to be implemented to perform the matches of files and some extra coding to watch ports for activity with the ability to either check on the calling app or from a list of ports to not watch. Then what will occur is that spyware writers will then target these ports making detection more difficult and change the name of the app. Currently you are the spyware detector, you seek out these files and examine apps that access ports that you know shouldn't have activity so if you want something, how about writing something and calling it ClamSPY??? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] HELP ME.
On Aug 29, 2005, at 12:25 AM, Shahzad Abid wrote: I am getting following error, please HELP ME. service clamd start Starting Clam AV daemon: LibClamAV debug: Setting /tmp/tmp as global temporary directory LibClamAV debug: Loading databases from /var/lib/clamav LibClamAV debug: Loading /var/lib/clamav/daily.cvd LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 50b3e77a53aa574ba90b2221532313c0 LibClamAV debug: Decoded signature: 50b3e77a53aa574ba90b2221532313c0 LibClamAV debug: Digital signature is correct. LibClamAV Warning: LibClamAV Warning: *** This version of ClamAV engine is outdated. *** LibClamAV Warning: *** Please update it IMMEDIATELY! *** LibClamAV Warning: LibClamAV Error: cli_cvdload(): Can't create temporary directory / tmp/tmp/clamav-68bb43dcb0d6a6e8 LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Unable to create temporary directory LibClamAV debug: cl_loaddbdir(): error loading database /var/lib/ clamav/daily.cvd ERROR: Unable to create temporary directory [FAILED] From a quick glance you have a permission issue and your ClamAV is outdated. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] LIST MODERATOR
For several days now I have been flooded with the following messages, can you do something about this please. -- Dale On Aug 29, 2005, at 12:48 AM, [EMAIL PROTECTED] wrote: Hi. This is the qmail-send program at mail.internet.co.nz. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: Sorry, no mailbox here by that name. vpopmail (#5.1.1) --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: (qmail 23905 invoked by uid 89); 29 Aug 2005 16:48:38 +1200 Delivered-To: [EMAIL PROTECTED] Received: (qmail 23901 invoked from network); 29 Aug 2005 16:48:38 +1200 Received: from unknown (HELO d2s.iconz.co.nz) (210.48.22.37) by mail.iconz.net with SMTP; 29 Aug 2005 16:48:38 +1200 Received: from sif.iconz.co.nz (sif.iconz.co.nz [210.48.22.32]) by d2s.iconz.co.nz (Death2Spam SMTP Sentinel Server 2.1.1 (23-Aug-05)) for [EMAIL PROTECTED]; Mon, 29 Aug 2005 16:48:35 +1200 Received: from localhost (localhost.localdomain [127.0.0.1]) by sif.iconz.co.nz (Postfix) with ESMTP id CE07048942 for [EMAIL PROTECTED]; Mon, 29 Aug 2005 16:48:37 +1200 (NZST) Received: from sif.iconz.co.nz ([127.0.0.1]) by localhost (sif [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 17094-18 for [EMAIL PROTECTED]; Mon, 29 Aug 2005 16:48:31 +1200 (NZST) Received: from mail.oltrelinux.com (krisma.oltrelinux.com [194.242.226.43]) by sif.iconz.co.nz (Postfix) with ESMTP id 36A6F48AD2 for [EMAIL PROTECTED]; Mon, 29 Aug 2005 16:48:30 +1200 (NZST) Received: from [127.0.0.1] (krisma [127.0.0.1]) by mail.oltrelinux.com (Postfix) with ESMTP id 80CAA11AE82; Mon, 29 Aug 2005 06:47:41 +0200 (CEST) X-Original-To: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: from daleenterprise.com (mustangrestomods.com [67.78.11.228]) by mail.oltrelinux.com (Postfix) with ESMTP id C652011AE82 for clamav-users@lists.clamav.net; Mon, 29 Aug 2005 06:47:25 +0200 (CEST) Received: from daleenterprise.com ([127.0.0.1]) by localhost (mustangrestomods.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18087-18 for clamav-users@lists.clamav.net; Mon, 29 Aug 2005 00:47:22 -0400 (EDT) Received: from [10.1.100.11] (relay.mustangrestomods.com [67.78.11.226]) by daleenterprise.com (Postfix) with ESMTP id B8D40BE9618 for clamav-users@lists.clamav.net; Mon, 29 Aug 2005 00:47:22 -0400 (EDT) Mime-Version: 1.0 (Apple Message framework v733) In-Reply-To: [EMAIL PROTECTED] References: [EMAIL PROTECTED] Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: [EMAIL PROTECTED] Content-Transfer-Encoding: 7bit From: Dale Walsh [EMAIL PROTECTED] Subject: Re: [Clamav-users] HELP ME. Date: Mon, 29 Aug 2005 00:47:22 -0400 To: ClamAV users ML clamav-users@lists.clamav.net X-Mailer: Apple Mail (2.733) MTA-Interface: amavisd-new-2.3.3 (20050822) at mustangrestomods.com X-Spam-Scanned: using SpamAssassin 3.0.4 (2005-06-05) at mustangrestomods.com X-Virus-Scanned: by ClamAV-0.86.2 (2005-07-25) at mustangrestomods.com X-BeenThere: clamav-users@lists.clamav.net X-Mailman-Version: 2.1.5 Precedence: list Reply-To: ClamAV users ML clamav-users@lists.clamav.net List-Id: ClamAV users ML clamav-users.lists.clamav.net List-Unsubscribe: http://lists.clamav.net/cgi-bin/mailman/listinfo/ clamav-users, mailto:[EMAIL PROTECTED] List-Post: mailto:clamav-users@lists.clamav.net List-Help: mailto:[EMAIL PROTECTED] List-Subscribe: http://lists.clamav.net/cgi-bin/mailman/listinfo/ clamav-users, mailto:[EMAIL PROTECTED] Sender: [EMAIL PROTECTED] Errors-To: [EMAIL PROTECTED] X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at krisma.oltrelinux.com X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at sif.iconz.co.nz X-Spam-Status: No, hits=0.0 tagged_above=-100.0 required=4.0 tests= X-Spam-Level: X-Spam-SMTP-Helo: sif.iconz.co.nz X-Spam-SMTP-From: [EMAIL PROTECTED] X-Spam-SMTP-Rcpt: [EMAIL PROTECTED] X-Spam-Classification: good X-Spam-Probability: 0.2762 (blacklist=0.0373 envelope=0.2263 contents=0.3627) X-Spam-Server: d2s.iconz.co.nz X-Spam-File: [EMAIL PROTECTED]/good/68d12e69 On Aug 29, 2005, at 12:25 AM, Shahzad Abid wrote: I am getting following error, please HELP ME. service clamd start Starting Clam AV daemon: LibClamAV debug: Setting /tmp/tmp as global temporary directory LibClamAV debug: Loading databases from /var/lib/clamav LibClamAV debug: Loading /var/lib/clamav/daily.cvd LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 50b3e77a53aa574ba90b2221532313c0 LibClamAV debug: Decoded signature: 50b3e77a53aa574ba90b2221532313c0 LibClamAV debug: Digital signature is correct. LibClamAV Warning: LibClamAV Warning: *** This version of ClamAV engine is outdated. *** LibClamAV Warning: *** Please
Re: [Clamav-users] ClamAV compile problem on Sol9 with Sun Studio 10
On Aug 10, 2005, at 08:12 AM, Andrés Yacopino wrote: I have solaris too and compiled with gcc, this works great. I compiled it with this parameters: First i do: in /usr/local/lib ln -s /opt/sfw/gcc-3/lib/libgcc_s.so.1 libgcc_s.so.1 Then ./configure --build=sparc-sun-solaris2.9 LDFLAGS='-L/usr/local/lib' Wouldn't it be easier to just do: ./configure --build=sparc-sun-solaris2.9 LDFLAGS='-L/opt/sfw/gcc-3/lib' and skip making the link??? Greetings, Andres -- Dale___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] good newbie guide?
On Aug 06, 2005, at 05:15 AM, Terry Allen wrote: Hi all, I am trying to get clamav working on a Mac OS X server 10.4 with CommunigatePro 4.18. I have downloaded the binary, created my user and group, ran compile, make and make install, but I'm still having no luck. The make install gives a couple of errors at the end and I don't ever get anything in my /usr/local/bin/ Is there a good guide for me to follow to find out what I'm doing wrong? Or can any of you help me off the top of your head? Thanks, David Green Systems Analyst Magna-Tel, Inc. Hi again, Correct me if I'm wrong, but doesn't OSX server have ClamAV already installed for use under the onboard Postfix? If I am right, probably the Mac OSX admin list might be the best for advice on this if you don't get any replies. hope this helps. -- Bye for now, Terry Allen Terry, you're too funny L.O.L. Yes, you can modify CommuniGatePro to work with the installed ClamAV however, you method isn't going to work. First you need to get CGP installed and running, then skip the ClamAV build and configure CGP to work with the installed ClamAV. This requires knowledge of paths which isn't too difficult if you start poking around in /etc and /var you should find all you're looking for. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] CLAMAV SITE DOWN?
I've been trying to access the clamav.net site but it isn't responding, problems??? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Your ClamAV installation is OUTDATED
On Jul 28, 2005, at 06:26 PM, OpenMacNews wrote: It looks like you have installed different versions of clamav in / usr and /usr/local oops. missed that, sorry ... nice catch. r One of the biggest issues I've seen is when building ClamAV on a Mac prior to 10.4.x The majority of the problem comes from supplied ltmain.sh, I've been substituting the supplied one from libxml2-2.6.17 and finding I get a much more stable build and it builds proper shared libraries in 10.2.x - 10.3.x. As well, I've gone a step further and have started using a newer libzzip (0.13.38) than the one supplied (0.10.27 - severely outdated). I've generated a patch that solves this problem. Of course if you haven't installed zzip it will still use the internal supplied zzip so other than an additional configure option (--with-zzip), nothing has changed if you don't use it or don't want to use an external zzip library. I've submitted the patch to the ClamAV dev team and we'll see if these improvements can be utilized. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] WARNING: Your ClamAV installation is OUTDATED
On Jul 28, 2005, at 06:59 PM, Dale Walsh wrote: On Jul 28, 2005, at 06:26 PM, OpenMacNews wrote: It looks like you have installed different versions of clamav in / usr and /usr/local oops. missed that, sorry ... nice catch. r One of the biggest issues I've seen is when building ClamAV on a Mac prior to 10.4.x The majority of the problem comes from supplied ltmain.sh, I've been substituting the supplied one from libxml2-2.6.17 and finding I get a much more stable build and it builds proper shared libraries in 10.2.x - 10.3.x. As well, I've gone a step further and have started using a newer libzzip (0.13.38) than the one supplied (0.10.27 - severely outdated). I've generated a patch that solves this problem. Of course if you haven't installed zzip it will still use the internal supplied zzip so other than an additional configure option (--with-zzip), nothing has changed if you don't use it or don't want to use an external zzip library. I've submitted the patch to the ClamAV dev team and we'll see if these improvements can be utilized. -- Dale For those interested in the build differences (aside from being significantly smaller). OLD BUILD: 1384 -rwxr-xr-x 1 root wheel 705508 Jul 19 22:48 /usr/local/lib/ libclamav.1..dylib /usr/local/lib/libclamav.dylib: /usr/local/lib/libclamav.1.dylib (compatibility version 2.0.0, current version 2.16.0) /usr/lib/libbz2.1.0.dylib (compatibility version 1.0.0, current version 1.0.2) /usr/local/lib/libgmp.3.dylib (compatibility version 7.0.0, current version 7.3.0) /usr/lib/libcurl.3.dylib (compatibility version 4.0.0, current version 4.0.0) /usr/lib/libssl.0.9.7.dylib (compatibility version 0.9.7, current version 0.9.7) /usr/lib/libcrypto.0.9.7.dylib (compatibility version 0.9.7, current version 0.9.7) /usr/local/lib/libz.1.2.2.dylib (compatibility version 1.2.0, current version 1.2.2) /usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 88.0.0) /usr/lib/libgcc_s.1.dylib (compatibility version 1.0.0, current version 1.0.0) /usr/lib/libmx.A.dylib (compatibility version 1.0.0, current version 92.0.0) /usr/local/lib/libclamav.dylib: Table of contents (250 entries) module name symbol name md5.lo _MD5_Final md5.lo _MD5_Init md5.lo _MD5_Update zzip-zip.lo ___zzip_aligned4 zzip-zip.lo ___zzip_find_disk_trailer zzip-zip.lo ___zzip_get16 zzip-zip.lo ___zzip_get32 zzip-zip.lo ___zzip_parse_root_directory zzip-zip.lo ___zzip_try_open message.lo _binhexBegin blob.lo _blobAddData blob.lo _blobArrayDestroy blob.lo _blobClose blob.lo _blobCreate blob.lo _blobDestroy blob.lo _blobGetData blob.lo _blobGetDataSize blob.lo _blobGetFilename blob.lo _blobGrow blob.lo _blobSetFilename blob.lo _blobcmp message.lo _bounceBegin chmunpack.lo _chm_copy_file_data chmunpack.lo _chm_read_data chmunpack.lo _chm_unpack matcher.lo _cl_build matcher.lo _cl_buildtrie cvd.lo _cl_cvdfree cvd.lo _cl_cvdhead cvd.lo _cl_cvdparse cvd.lo _cl_cvdverify others.lo_cl_debug matcher.lo _cl_dup matcher.lo _cl_free matcher.lo _cl_freetrie readdb.lo_cl_loaddb readdb.lo_cl_loaddbdir others.lo_cl_perror readdb.lo_cl_retdbdir others.lo_cl_retflevel others.lo_cl_retver matcher.lo _cl_scanbuff scanners.lo _cl_scandesc scanners.lo _cl_scanfile others.lo_cl_settempdir readdb.lo_cl_statchkdir readdb.lo_cl_statfree readdb.lo_cl_statinidir others.lo_cl_strerror matcher-ac.lo_cli_ac_addpatt matcher-ac.lo_cli_ac_buildtrie matcher-ac.lo_cli_ac_free matcher-ac.lo_cli_ac_scanbuff filetypes.lo _cli_addtypesigs binhex.lo_cli_binhex matcher-bm.lo_cli_bm_addpatt matcher-bm.lo_cli_bm_free matcher-bm.lo_cli_bm_init matcher-bm.lo_cli_bm_scanbuff others.lo_cli_calloc special.lo _cli_check_jpeg_exploit special.lo _cli_check_mydoom_log special.lo _cli_check_riff_exploit matcher.lo _cli_checkfp str.lo _cli_chomp cvd.lo _cli_cvdload cvd.lo _cli_cvdverify others.lo_cli_dbgmsg others.lo_cli_debug_flag others.lo_cli_errmsg others.lo_cli_filecopy filetypes.lo _cli_filetype filetypes.lo _cli_filetype2 others.lo_cli_gentemp str.lo _cli_hex2num str.lo _cli_hex2si str.lo _cli_hex2str others.lo_cli_leavetemps_flag scanners.lo _cli_magic_scandesc others.lo_cli_malloc mbox.lo _cli_mbox others.lo_cli_md5digest others.lo_cli_md5file others.lo_cli_md5stream str.lo _cli_memstr msexpand.lo _cli_msexpand
Re: [Clamav-users] Analyze Perl Script
On Jun 21, 2005, at 04:40 AM, Dave Wells wrote: Hi, A few people have asked for an attachement instead of the script being in-line so I have re-posted this as an attachment. Regards Dave Wells -Original Message- From: Ed Kasky [mailto:[EMAIL PROTECTED] Sent: 20 June 2005 17:56 To: Dave Wells Subject: Re: [Clamav-users] Analyze Perl Script At 02:51 AM Monday, 6/20/2005, you wrote -= Hi, I have written a perl script called Analyze that will run through sendmail's log files and pull out information regarding Infected mails captured by ClamAV. I wrote this script as we needed greater visibilty of what ClamAV was dropping and I couldn't find anything that would give me the info I required. Dave, Unfortunately, most of the lines got wrapped in the email. Would you mind sending me the script as an attachment in a tar? thanks a million! Also, have you ever seen Virus Scan Stats? http://www.bandsman.co.uk/cgi-bin/virus/display.pl?name Ed Kasky How about http://www.daleenterprise.com/amavis-stats ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] ClamAV and PHP
Well, I've finally got all of the code working with PHP without crashing FreeBSD or Mac OS X and it even seems to like ClamAV 0.85. http://www.daleenterprise.com/info.php and http://www.daleenterprise.com/clamav_info.php I've tried it on several different version of PHP from 4.3.2 to 5.0.4 and have had no problems with the module crashing or causing any unwanted problems. It was originally someone elses project, I've just made some changes and added a couple of distinguishable marks making it easy to identify. It's a simple process to add it to your existing php source, it can be build as a shared module so it can be installed without rebuilding your PHP if you wish to take the time to go that extra step. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] log entries.
I've been examine the log entries since I've updated to 2.3.1-rc3, I'm seeing 'quarantine' which I wasn't seeing in 2.2.1, is this normal entries for mail being delivered? May 12 11:59:12 daleenterprise.com /usr/bin/amavisd[18983]: (18983-04) Passed, [EMAIL PROTECTED] - [EMAIL PROTECTED], quarantine kSXnXLNeGF+H, Message-ID: [EMAIL PROTECTED], Hits: 0 May 12 12:00:42 daleenterprise.com /usr/bin/amavisd[18983]: (18983-05) Passed, [EMAIL PROTECTED] - [EMAIL PROTECTED], quarantine Z6zKXPMW8diz, Message-ID: [EMAIL PROTECTED], Hits: 0 May 12 12:07:20 daleenterprise.com /usr/bin/amavisd[18983]: (18983-06) Passed, [EMAIL PROTECTED] - [EMAIL PROTECTED], quarantine G3MD9CxfuVKh, Message-ID: [EMAIL PROTECTED], Hits: 0 -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] log entries. [disregard - wrong list]
On May 12, 2005, at 12:19 PM, Rob MacGregor wrote: On 5/12/05, Dale Walsh [EMAIL PROTECTED] wrote: I've been examine the log entries since I've updated to 2.3.1-rc3, I'm seeing 'quarantine' which I wasn't seeing in 2.2.1, is this normal entries for mail being delivered? The real question is - upgraded WHAT to 2.3.1-rc3? -- Please keep list traffic on the list. Rob MacGregor Whoever fights monsters should see to it that in the process he doesn't become a monster. Friedrich Nietzsche ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: Cannot get new update
On May 11, 2005, at 16:20, Dennis Peterson wrote: Dennis Peterson said: Dale Walsh wrote: The issue boils down to syntax and format, there are several, fixing the easy ones leaves you with the zziplib problem, the only solution that works is what is outlined in the 3 part e-mail I posted, many have tried other routes but the one I provided is the best overall solution I've been told. dp -- Dale This patch cleared up the zziplib problem. It now builds fine in standard versions of both 3.3 and 4.0 of gcc. http://ftp.ale.org/pub/mirrors/openpkg/sources/SRC/clamav/ clamav.patch dp This patch is incorporated into 0.85 which builds fine in Mac OS X 10.4 (Tiger). Nice job, doods and doodettes. dp I knew someone would eventually fix the zziplib issue, nice job for the person who figured it out. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: Cannot get new update
On May 10, 2005, at 02:04, Dennis Peterson wrote: Dale Walsh wrote: On May 09, 2005, at 13:02, Dennis Peterson wrote: Dale Walsh said: The user assigned to the cron job was clamav, same user that freshclam runs under, I set perms to 0777 and tried again but it wont update when it's run as a cron. dp I'm content with it running as a daemon, I thought perhaps this would solve the issue for others who are running it as a cron job and the db refuses to update. -- Dale You're running under Tiger now? I'm about to upgrade one of my systems and would like to try this. Anomalous behavior like this usually bites you later. You did check the directory perms the data are in and are certain there's but one version of freshclam installed? (mandatory stupid questions :-) dp There is only one version on the system, also, search the archives for the instructions to build ClamAV, I made a simple 3 part post that explains the process of building/updating and if you don't follow it you wont be able to build it. -- Dale I saw that - thanks for going to the trouble. I did upgrade to Tiger today on two different systems and no surprise, ClamAV does not compile on either whereas it did compile fine just prior to the upgrade. And, the build from the previous OS runs fine in Tiger. I'll follow your lead on this and see where it goes - I got a different error than yours, though. The issue boils down to syntax and format, there are several, fixing the easy ones leaves you with the zziplib problem, the only solution that works is what is outlined in the 3 part e-mail I posted, many have tried other routes but the one I provided is the best overall solution I've been told. dp -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Cannot get new update
On May 09, 2005, at 10:33, Dennis Peterson wrote: Dale Walsh said: -- freshclam daemon 0.84 (OS: darwin8.0.0, ARCH: ppc, CPU: powerpc) ClamAV update process started at Mon May 9 09:27:02 2005 main.cvd is up to date (version: 31, sigs: 33079, f-level: 4, builder: tkojm) daily.cvd is up to date (version: 871, sigs: 1178, f-level: 4, builder: ccordes) I did not rebuild anything, I disabled the cron job and ran freshclam as a daemon and it updated the db's almost immediately. Reasons? -- Dale Almosts sounds like the cron process was running as an underprivileged users - no write permissions on the file being updated, or possibly no write permissions in the directory that file is located in. Or the cron environment doesn't have all the information it needs. Any interesting errors in cronlog? The user assigned to the cron job was clamav, same user that freshclam runs under, I set perms to 0777 and tried again but it wont update when it's run as a cron. dp I'm content with it running as a daemon, I thought perhaps this would solve the issue for others who are running it as a cron job and the db refuses to update. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Cannot get new update
On May 09, 2005, at 13:02, Dennis Peterson wrote: Dale Walsh said: The user assigned to the cron job was clamav, same user that freshclam runs under, I set perms to 0777 and tried again but it wont update when it's run as a cron. dp I'm content with it running as a daemon, I thought perhaps this would solve the issue for others who are running it as a cron job and the db refuses to update. -- Dale You're running under Tiger now? I'm about to upgrade one of my systems and would like to try this. Anomalous behavior like this usually bites you later. You did check the directory perms the data are in and are certain there's but one version of freshclam installed? (mandatory stupid questions :-) dp There is only one version on the system, also, search the archives for the instructions to build ClamAV, I made a simple 3 part post that explains the process of building/updating and if you don't follow it you wont be able to build it. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Cannot get new update
On May 09, 2005, at 13:24, Eric Cunningham wrote: We're having the same issue on RHEL 3 running clamav .83 Running freshclam manually works fine but when run from cron, we get the same error trying to download daily.cvd Cron user is clamav (same user runs freshclam manually). Permissions look fine. I'd look into it further but we're about to replace RH with debian sarge for various other reasons anyway. If we still have trouble, I'll post what I find. -eric I found running it as a daemon solved this issue. Dennis Peterson wrote: Dale Walsh said: The user assigned to the cron job was clamav, same user that freshclam runs under, I set perms to 0777 and tried again but it wont update when it's run as a cron. dp I'm content with it running as a daemon, I thought perhaps this would solve the issue for others who are running it as a cron job and the db refuses to update. -- Dale You're running under Tiger now? I'm about to upgrade one of my systems and would like to try this. Anomalous behavior like this usually bites you later. You did check the directory perms the data are in and are certain there's but one version of freshclam installed? (mandatory stupid questions :-) dp -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] ClamAV-0.84 on OSX 10.4 can be built easily.
Well, I'm glad to say, I've done it, I've been able to get ClamAV 0.84 to build with an additional makefile helper that is 20 lines long, contains 657 characters (returns included) and has been used on several systems from virgin 10.4 to heavily modified without any difficulties. It requires a modified SDK environment but so far everything that wouldn't build after switching to 10.4 now build again. It's long so I'll post if in three parts. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Part I - the environment
download gmp-4.1.4.tar.gz and clamav-0.84.tar.gz In terminal as root user do the following (it will become clear as you go) mkdir -p /SourceCache/gmp-1 cd /SourceCache/gmp-1 tar xzf /path/to/gmp/archive (I hope you understand you need your actual archive path) mv gmp-{version} gmp cd gmp (configure gmp with the following switches) --prefix=/usr --mandir=/usr/share/man --sysconfdir=/private/etc -- enable-devel --enable-mpbsd --enable-mpfr cd /Developer/SDKs/ tar czf temp.tar.gz MacOSX10.3.9.sdk cd MacOSX10.3.9.sdk/Developer ln -s /Developer/Makefiles Makefiles cd ../usr/lib cp -p /usr/lib/libgmp.3.3.3.dylib /usr/lib/libgmp.a /usr/lib/ libgmp.la ./ cp -p /usr/lib/libmp.a /usr/lib/libmp.la /usr/lib/libmpfr.a /usr/lib/ libmp.3.1.7.dylib ./ ln -s libmp.3.1.7.dylib lib/libmp.3.dylib ln -s libmp.3.1.7.dylib lib/libmp.dylib ln -s libgmp.3.3.3.dylib lib/libgmp.3.dylib ln -s libgmp.3.3.3.dylib lib/libgmp.dylib cd ../include cp /usr/include/gmp.h /usr/include/mp.h /usr/include/mpf2mpfr.h / usr/include/mpfr.h ./ cd /Developer/SDKs mv MacOSX10.3.9.sdk MacOSX10.3.9MOD.sdk tar xzf temp.tar.gz mkdir -p /SourceCache/clamav-1 cd /SourceCache/clamav-1 tar xzf /path/to/clamav/archive (I hope you understand you need your actual archive path) mv clamav-0.84 clamav -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Part II - the Makefile(s)
/SourceCache/clamav-1/Makefile: ## # Makefile for Projects ## # Project info Project= clamav UserType= Developer ToolType= Libraries GnuAfterInstall= Extra_CC_FLAGS= #It's a GNU Source Project include $(MAKEFILEPATH)/CoreOS/ReleaseControl/GNUSource.make Configure= rm -rf /tmp/$(Project)/Release mkdir -p /tmp/$ (Project)/Debug ln -sf /CLAMAV_BUILD/Release /tmp/$(Project)/ Release CFLAGS=-DFD_SETSIZE=2048 ./configure Configure_Flags= --prefix=$(Install_Prefix) --mandir=$ (Install_Prefix)/share/man --sysconfdir=/etc --enable-bigstack --with- user=clamav --with-group=clamav --with-dbdir=/var/clamav lazy_install_source:: shadow_source Target_Install= install /SourceCache/gmp-1/Makefile: ## # Makefile for Projects ## # Project info Project= gmp UserType= Developer ToolType= Libraries GnuAfterInstall= Extra_CC_FLAGS= #It's a GNU Source Project include $(MAKEFILEPATH)/CoreOS/ReleaseControl/GNUSource.make Configure= rm -rf /tmp/$(Project)/Release mkdir -p /tmp/$ (Project)/Debug ln -sf /CLAMAV_BUILD/Release /tmp/$(Project)/ Release CFLAGS=-DFD_SETSIZE=2048 ./configure Configure_Flags= --prefix=$(Install_Prefix) --mandir=/usr/share/ man --sysconfdir=$(ETCDIR) --enable-devel --enable-mpbsd --enable-mpfr lazy_install_source:: shadow_source Target_Install= install ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Part III - the commands
You have a couple of install options, you can install for a distribution package or you can install on the local build system First we need to make the binaries so lets get that out of the way now. in terminal execute the following commands: __ su setenv MACOSX_DEPLOYMENT_TARGET 10.3 setenv NEXT_ROOT /Developer/SDKs/MacOSX10.3.9MOD.sdk setenv C_INCLUDE_PATH /Developer/SDKs/MacOSX10.3.9MOD.sdk/usr/include gcc_select 3.3 cd /SourceCache/clamav-1 mkdir -p /CLAMAV_BUILD/Release make __ To install for distribution you would issue the make install command and the binaries will be installed in /tmp/clamav/Release/usr Remember that if you wish to target a system lower than 10.3.9 then you will also need to make a Makefile for libbz2 as it isn't included in the OS, just follow the same principles used to make the MacOSX10.3.9MOD.sdk in say your 10.3.0 SDK. Also remember that you will need to update your modified build SDK with dependent libraries and header files If you want to skip the distribution and just install the app on the local machine then you would first cd to /tmp/clamav/Build and then issue the make install command. __ In Part II, I provided 2 makefiles in case you wanted to build a package installer for ditribution of clamav for installation on other systems and to show you that this method can be used with pretty much any source package cause you now have two working examples. As a note, clamav and gmp are considered a ToolType Libraries, I've also built PHP with this method (see http://www.daleenterprise.com/ info.php) but I had to make it a ToolType Services so if the code wont build when it did in 10.3.x, change the ToolType and remember to update your SDK and keep a text file of the updates so you know what you've added and if a project you wish to distribute has a lib on the list you must include it in the distribution package. __ I've also used this concept to build postfix 2.1.5 with the additional lookup table options (I'm going for mysql based virtual users/domain e-mail for easier management without giving up any Apple supplied functionality) but the Makefile is considerably more complex. Here's the postconf -m output of the new build: daleenterprise:/tmp/postfix/Release root# usr/sbin/postconf -m static sdbm cidr pcre regexp environ mysql proxy ldap btree netinfo unix hash daleenterprise:/tmp/postfix/Release root# Here's the currently installed config: daleenterprise:/tmp/postfix/Release root# postconf -m static sdbm cidr regexp environ proxy btree unix hash daleenterprise:/tmp/postfix/Release root# ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Problems building 0.83
on a fresh clean e-mail, send me the output of the following commands. ls -lsa /usr/lib +++ ls -lsa /usr/local/lib ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] ClamAV-0.84 and Mac OSX 10.4
By now some of you have tried building ClamAV to get an updated version running because you found the 0.81 and the lack of digital signature support to be displeasing. You are now experiencing build issues and find that even selecting gcc3.3 as the default compiler it still wont build. With gcc3.3 selected you can now configure it but it fails to build citing zziplib syntax issues among others yet you can take the same source code onto a 10.2.x or 10.3.x machine and it builds just fine. Well this has been an accelerated learning curve and I proud to say I've been able to build it with digital signature support using the provided Apple configured paths making it a drop in replacement. I asked Tomasz to place an installer on his webpage so you Mac OSX/ Tiger fans can update to the latest version with digital signature support without too much difficulty but at the moment he doesn't want to offer MacOSX support on the ClamAV site so I'm not sure what the next move should be. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Problems building 0.83
Give me the output of the following commands (without changing them) because I am looking for correlations. ls -lsa /isr/lib + ls -lsa /lib ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] [Off-List]
On May 04, 2005, at 11:44, Nigel Horne wrote: On Wednesday 04 May 2005 16:35, Dale Walsh wrote: I asked Tomasz to place an installer on his webpage so you Mac OSX/ Tiger fans can update to the latest version with digital signature support without too much difficulty but at the moment he doesn't want to offer MacOSX support on the ClamAV site so I'm not sure what the next move should be. A couple of us use MacOS/X, but neither have access to 10.4 so for the moment there is no official support for 10.4. I have 10.1, and A. N. Other has 10.3. Speaking in a personal capacity I'd love to also support 10.4, but for the moment, while I remain out of work, I can't afford the price of the upgrade so all my tests will continue against 10.1. Sorry :-( -- Dale -Nigel If it will help and you'll cover the cost of shipping, I'll send you Original Apple 10.4 Server install CD's, I have several extras. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav on Mac OS X 10.4 Server
On May 04, 2005, at 14:41, Brad Koehn wrote: I've just upgraded to Mac OS X Server, which according to all the literature includes clamav... version 0.81! Upon downloading clamav-0.84, I discovered that I cannot build it successfully. During ./configure, I get the following warning: configure: WARNING: resolv.h: present but cannot be compiled configure: WARNING: resolv.h: check for missing prerequisite headers? configure: WARNING: resolv.h: see the Autoconf documentation configure: WARNING: resolv.h: section Present But Cannot Be Compiled configure: WARNING: resolv.h: proceeding with the preprocessor's result configure: WARNING: resolv.h: in the future, the compiler will take precedence configure: WARNING: ## -- ## configure: WARNING: ## Report this to the AC_PACKAGE_NAME lists. ## configure: WARNING: ## -- ## During the build, I get lots of warnings similar to these: matcher.c: In function 'cli_checkfp': matcher.c:180: warning: pointer targets in assignment differ in signedness matcher.c:185: warning: pointer targets in passing argument 1 of 'cli_vermd5' differ in signedness In the end, make fails with: In file included from ./zziplib/zzip.h:21, from zziplib/zzip-dir.c:18: ./zziplib/zziplib.h:91: error: parse error before zzip_ssize_t ./zziplib/zziplib.h:91: warning: data definition has no type or storage class ./zziplib/zziplib.h:194: error: parse error before zzip_file_read ./zziplib/zziplib.h:194: warning: data definition has no type or storage class ./zziplib/zziplib.h:201: error: parse error before zzip_read ./zziplib/zziplib.h:201: warning: data definition has no type or storage class make[2]: *** [zzip-dir.lo] Error 1 Mac OS X 10.4 introduces gcc-4.0, which I initially suspected as the culprit. However, even after switching to gcc-3.3 (and validating with gcc-v), I still get the same errors. Anybody else have the same issues? It's more complicated than that, we'll have to wait for the rest of the world to catch up. We're using the new gcc3.3 and newer rules which are far more strict about sloppy coding. The issues with zziplib are based on incorrect syntax, the only reason it flew before was that gcc3.3 wasn't as strict and would allow improper syntax to pass unless it was fatal. I've been able to get it to build by hacking the configure and Makefile files to death and using a build/break method to alter the build environment. I've sent an installer to several people now but it sure would be nice if someone would host the installer (in tar.gz format) to alleviate the e-mail stress I'm under due to being the only one being able to build it in 10.4. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Another race condition in ClamAV ??
On Apr 24, 2005, at 19:16, Joanna Roman wrote: If freshdb overwrite the virus databases when clamd was in the middle of reloading them, clamd might end up having loaded corrupted databases. Does everyone agree that such a window exists ? After examining the source for clamd, I have concluded that it reloads the databases when it is either restarted or freshclam notifies it that new db's are available so this would mean that the only way for this to occur is that something else is modifying the db's externally. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] LibClamAV Error: Can't create temporary file [Solution]
On Apr 20, 2005, at 12:25, José Miguel López Coronado wrote: Hello everybody. I have been suffering the following problem in my clamd.log: LibClamAV Error: Can't create temporary file /tmp/clamav-d0a0c6a5466f36fc/: Argumento inválido LibClamAV Error: fileblobDestroy: file not saved: report to [EMAIL PROTECTED] This have happended since I changed to 0.83 clamav version and only in one of the three servers where I have it installed. The three of them are running RedHat 9.0. Any idea why is this happening? Thanks in advance. Chemi The only real solution I have seen that works on all OS's is to place the ClamAV sock, pid and tmp directory in /var/clamav since running chrooted causes problems with permissions. [daleenterprise:~] websrvr% ls -lsa /var/clamav total 16 0 drwxr-xr-x 6 vscan vscan 204 20 Apr 11:10 . 0 drwxr-xr-x 33 root wheel 1122 20 Apr 11:11 .. 8 -rw-rw 1 vscan vscan 3 20 Apr 11:10 clamd.pid 0 srwxrwxrwx 1 vscan vscan0 20 Apr 11:10 clamd.sock 8 -rw-rw 1 vscan vscan3 20 Apr 11:10 freshclam.pid 0 drwxrwxrwx 2 vscan vscan 68 20 Apr 20:18 tmp This allows it to run without any difficulties (don't forget to adjust your clamd.conf and freshclam.conf files). -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] LibClamAV Error: Can't create temporary file
On Apr 20, 2005, at 21:01, Gene Leung wrote: Hi All, You are not the only one, I even upgrade it to 0.84RC1 and still have the same problem. My machine is using Fedora Core 2. I posted this question previously. I was told to turn on the debug, i.e., --enable-debug. Any way, I even tried to fall back to use the old version in order to get rid of this problem but in vail. It gives me another problem. To the worst, I think I need to reinstall the whole machine. Since it really gives me a headache since the upgrade! Before I reinstall the whole machine, can anyone tell me what the best way to reinstall just the old version of clamd 0.80? Best Regards Gene Leung Jim Maul wrote: José Miguel López Coronado wrote: Hello everybody. I have been suffering the following problem in my clamd.log: LibClamAV Error: Can't create temporary file /tmp/clamav-d0a0c6a5466f36fc/: Argumento inválido LibClamAV Error: fileblobDestroy: file not saved: report to [EMAIL PROTECTED] This have happended since I changed to 0.83 clamav version and only in one of the three servers where I have it installed. The three of them are running RedHat 9.0. Any idea why is this happening? Thanks in advance. Chemi. I believe i saw on this list that 0.84RCx fixes this problem. Check the archives. -Jim This is occurring because the shared libraries are no longer built and the lazy binding or bind at load actually work differently on different OS's. I've already seen issues in Mac OSX with iostream and I have generated my own work-around that is unique to my OS due to heavy modification by manually (shell script) generating the shared libraries because everything seems to work better with them. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: no socket
On Apr 11, 2005, at 22:20, Kurt Albershardt wrote: 0.83 on Gentoo Linux I'm not able to see a socket created, either when I use /var/tmp/clamav or when I configure as /var/run/clamav/clamd.sock (after creating the clamav directory and changing permissions appropriately.) Works fine on an old RH8 box, I've diffed the clamd.conf files and there is nothing notably different. Where to look? Is there a verbose startup mode for the daemon? try using: lsof -c command here are actual examples. daleenterprise:~ root# lsof -c clamd COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME clamd 443 mailtransport cwd VDIR 14,2 96002 / (/dev/disk0s3) clamd 443 mailtransport0u unix 0x039134f0 0t0 /var/clamav/clamd.sock clamd 443 mailtransport1w VCHR3,2 0t0 54212356 /dev/null clamd 443 mailtransport2w VCHR3,2 0t0 54212356 /dev/null clamd 443 mailtransport3r 0x032d8688 file struct, ty=0x3, op=0x3167f4 clamd 443 mailtransport4w VREG 14,280335 7190019 /private/var/log/mailtransport/clamd.log clamd 443 mailtransport5w VCHR3,2 0t0 54212356 /dev/null daleenterprise:~ root# lsof -c freshclam COMMAND PID USER FD TYPE DEVICE SIZE/OFFNODE NAME freshclam 357 mailtransport cwd VDIR 14,2 512 2255453 /usr/share/clamav freshclam 357 mailtransport0r 0x032d86f4 file struct, ty=0x3, op=0x3167f4 freshclam 357 mailtransport3w VREG 14,217155 7190022 /private/var/log/mailtransport/freshclam.log daleenterprise:~ root# -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] GMP-Devel - Where?
On Apr 07, 2005, at 04:23, Andrew wrote: Author: Matt Date: 2004-10-04 21:32 +100 To: ClamAV users ML Subject: Re: [Clamav-users] GMP-Devel - Where? Daniel J McDonald wrote: On Mon, 2004-10-04 at 15:09 -0400, Scott Rothgaber wrote: On Jim's suggestion, I went looking for GMP-Devel. It does not appear to be available anywhere in non-RPM format. I also searched the list archives and didn't see any clear answers. If I built GMP from source, is -devel included? Yes, when building from source, the header files are saved so that you can compile other things with the same library. The load the -devel answer applies to RPM based Linux distributions. I don't know what the solution is for FreeBSD. GMP is already part of base FreeBSD, but worth copying GMP files to /usr/lib/libgmp.* if you have upgraded libgmp. Matt I have FreeBSD 5.2.1, added libgmp-4.1.4 via pkg_add but got the same Digital Signatures fault because of unfound GMP support. This was the solution I found: ln -s /usr/local/lib/libgmp.a /usr/lib/libgmp.a ln -s /usr/local/lib/libgmp.so.6 /usr/lib/libgmp.so.6 ln -s /usr/local/lib/libgmp.so.6 /usr/lib/libgmp.so ln -s /usr/local/include/gmp.h /usr/include/gmp.h Andrew Liles. build from source: ./configure --enable-devel recommend to whomever is making the pkg to build it this way for future references. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] GMP-Devel - Where?
On Apr 07, 2005, at 11:03, Dennis Peterson wrote: Dale Walsh said: On Apr 07, 2005, at 04:23, Andrew wrote: I have FreeBSD 5.2.1, added libgmp-4.1.4 via pkg_add but got the same Digital Signatures fault because of unfound GMP support. This was the solution I found: ln -s /usr/local/lib/libgmp.a /usr/lib/libgmp.a ln -s /usr/local/lib/libgmp.so.6 /usr/lib/libgmp.so.6 ln -s /usr/local/lib/libgmp.so.6 /usr/lib/libgmp.so ln -s /usr/local/include/gmp.h /usr/include/gmp.h Andrew Liles. build from source: ./configure --enable-devel recommend to whomever is making the pkg to build it this way for future references. I'd have thought modifying the lib config (crle, ldconfig) on the box would have corrected the problem without adding links or recompiling. But then I don't know a whole lot about Linux and BSD - is that a possibility? Unless, of course, the lib paths are hard-coded into the executables. dp If it was built without this option enabled then how do you expect it to be available when it wasn't built? if you don't want to break the existing build then consider this. if it's in /usr/local then just do: ./configure --enable-devel make install if it's in /usr then do: ./configure --prefix=/usr --enable-devel make install it wont break anything. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] GMP-Devel - Where?
On Apr 07, 2005, at 12:12, Dennis Peterson wrote: Dale Walsh said: On Apr 07, 2005, at 11:03, Dennis Peterson wrote: Dale Walsh said: On Apr 07, 2005, at 04:23, Andrew wrote: I have FreeBSD 5.2.1, added libgmp-4.1.4 via pkg_add but got the same Digital Signatures fault because of unfound GMP support. This was the solution I found: ln -s /usr/local/lib/libgmp.a /usr/lib/libgmp.a ln -s /usr/local/lib/libgmp.so.6 /usr/lib/libgmp.so.6 ln -s /usr/local/lib/libgmp.so.6 /usr/lib/libgmp.so ln -s /usr/local/include/gmp.h /usr/include/gmp.h Andrew Liles. build from source: ./configure --enable-devel recommend to whomever is making the pkg to build it this way for future references. I'd have thought modifying the lib config (crle, ldconfig) on the box would have corrected the problem without adding links or recompiling. But then I don't know a whole lot about Linux and BSD - is that a possibility? Unless, of course, the lib paths are hard-coded into the executables. dp If it was built without this option enabled then how do you expect it to be available when it wasn't built? Since it found the links he added it appears to have been built to use them but couldn't find them. There's usually a couple ways to deal with that including ld_library_path and by tweaking the system ld search path with ldconfig or crle, and probably others. if you don't want to break the existing build then consider this. if it's in /usr/local then just do: ./configure --enable-devel make install if it's in /usr then do: ./configure --prefix=/usr --enable-devel make install it wont break anything. Agreed - but you still haven't told it where to look for those libraries. dp In most cases ClamAV was built against a gmp with devel enabled, building a new gmp one on top of the supplied one will install all of the required gmp files and a restart of freshclam and clamd will result in the library being loaded without any additional work. In the rare event that ClamAV was not built against gmp with devel enabled, it will have to be built from source as well. This is one reason why I like to build all apps from source, then I get what I need until I know that a binary exists in the configuration I'm looking for. While everyone is becoming dependent on rpm's, they sacrifice personal requirement for availability, if you build it you always get what you want, the easy management excuse doesn't fly, you can make your own rpm once you have it installed the way you want, makes for a very nice backup. Of course these are just my personal opinions and not necessarily those of the author and other list users. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Mirrors are not fully synchronized.
On Apr 06, 2005, at 04:59, Dave Ewart wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Freshclam seems to be giving me ERROR: Mirrors are not fully synchronized. Please try again later. rather a lot in the last few weeks. Freshclam runs every two hours, i.e. 12 times per day, and maybe two or three per day give the above message. Is this something that needs to be fixed at my end? Dave. - -- Dave Ewart I've checked my log going back a few days and this is not in any, I think it may be a configuration issue, check it and if you can't figure it out post it and perhaps someone can point out the problem to you. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] LibClamAV ERROR with tar archives
On Mar 17, 2005, at 05:48, Administrator wrote: hi, Version of Clamav 0.83/764 with HP-UX 11.11. PROBLEM When i try to scan tar archives this is the message: hpux11# /opt/clamav/bin/clamscan -r -v --debug --leave-temps aa.tar LibClamAV debug: Loading databases from /opt/clamav/share/clamav LibClamAV debug: Loading /opt/clamav/share/clamav/main.cvd LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 486d65d0e35f87e7bca148052cdc6e67 LibClamAV debug: in cli_untgz() LibClamAV debug: Unpacking /var/tmp//clamav-193666ae0ccf7750/COPYING LibClamAV debug: Unpacking /var/tmp//clamav-193666ae0ccf7750/main.db LibClamAV debug: Unpacking /var/tmp//clamav-193666ae0ccf7750/main.hdb LibClamAV debug: Unpacking /var/tmp//clamav-193666ae0ccf7750/main.ndb LibClamAV debug: Loading databases from /var/tmp//clamav-193666ae0ccf7750 LibClamAV debug: Loading /var/tmp//clamav-193666ae0ccf7750/main.db LibClamAV debug: Initializing main node LibClamAV debug: Initializing trie LibClamAV debug: Initializing BM tables LibClamAV debug: in cli_bm_init() LibClamAV debug: BM: Number of indexes = 63744 LibClamAV debug: Loading /var/tmp//clamav-193666ae0ccf7750/main.hdb LibClamAV debug: Initializing md5 list structure LibClamAV debug: Loading /var/tmp//clamav-193666ae0ccf7750/main.ndb LibClamAV debug: Loading /opt/clamav/share/clamav/daily.cvd LibClamAV debug: in cli_cvdload() LibClamAV debug: MD5(.tar.gz) = 3f5036d5adb949238c34b50c9ae6e2c6 LibClamAV debug: in cli_untgz() LibClamAV debug: Unpacking /var/tmp//clamav-d5a45cd07e2ee865/COPYING LibClamAV debug: Unpacking /var/tmp//clamav-d5a45cd07e2ee865/daily.db LibClamAV debug: Unpacking /var/tmp//clamav-d5a45cd07e2ee865/daily.hdb LibClamAV debug: Unpacking /var/tmp//clamav-d5a45cd07e2ee865/daily.ndb LibClamAV debug: Unpacking /var/tmp//clamav-d5a45cd07e2ee865/daily.zmd LibClamAV debug: Loading databases from /var/tmp//clamav-d5a45cd07e2ee865 LibClamAV debug: Loading /var/tmp//clamav-d5a45cd07e2ee865/daily.db LibClamAV debug: Loading /var/tmp//clamav-d5a45cd07e2ee865/daily.hdb LibClamAV debug: Loading /var/tmp//clamav-d5a45cd07e2ee865/daily.ndb Scanning aa.tar LibClamAV debug: Recognized POSIX tar file LibClamAV debug: in cli_scantar() LibClamAV debug: In untar(/var/tmp//clamav-60a3f46bcf4ced06, 4) LibClamAV Error: Can't create temporary file : No such file or directory LibClamAV debug: 4 15 0 LibClamAV debug: Tar: Unable to create temporary file LibClamAV debug: Virus offset: 1024, expected: 0 (Eicar-Test-Signature) LibClamAV debug: Virus offset: 2087, expected: 0 (Eicar-Test-Signature) LibClamAV debug: Calculated MD5 checksum: bd469cc4164007dac9ea45b14b479089 aa.tar: Unable to create temporary file --- SCAN SUMMARY --- Known viruses: 31633 Scanned directories: 0 Scanned files: 1 Infected files: 0 Data scanned: 0.01 MB I/O buffer size: 131072 bytes Time: 1.895 sec (0 m 1 s) Temporary directory /var/tmp//clamav-60a3f46bcf4ced06 created by clamscan have permission rwx-- and is owned by root:root but /var/tmp is rwxrwxrwx. Please help me. Looks like the wrong user/group is working this file. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav-devel (20050316) and zlib-1.2.2
On Mar 16, 2005, at 10:24, Odhiambo Washington wrote: I am trying to statically compile zlib-1.2.2 into my clamav installation on FreeBSD 4.11. cd zlib-1.2.2 ./configure make cd ../clamav-devel ./configure --with-zlib=../zlib-1.2.2 [other opts] This is obviously wrong and wont give you the results you are after. I get this error: cut checking for pthread.h... yes checking for zlib installation... using ../zlib-1.2.2 configure: error: Please install zlib and zlib-devel packages /cut I'm thinking this should be the correct way. I don't intend to install zlib-1.2.2 over what is on my system until they import it into the base system ;) When you configure zlib without specifying a prefix it will defalut to /usr/local and wont overwrite your existing zlib if it is installed in /usr however, I offer the following advice. If libz.a is installed in /usr/lib then build zlib 1.2.2 with the following command. ./configure --prefix=/usr make make install. If libz.a is installed in /usr/local/lib then build zlib 1.2.2 with the following command. ./configure make make install. If libz.a is installed in another folder, let me know where and I'll give you a proper build/install command. By installing an updated zlib, it wont break your system or anything that depends on the zlib libraries and is a safe upgrade to perform from a user standpoint. Don't be afraid, no harm will come to your system and later when they get it into the RPM's, nothing will break when you update other apps. As well, I recommend building from source everything you require on your system rather than installing someone's RPM, most RPM's are generic in nature and you usually end up getting stuff you don't want or need, don't get me wrong, I think RPM's are useful as a base to work from and that is where I would start, a basic RPM of the latest OS and build from there. You also get less problems when you build your own over someone's RPM's and you don't have to wait on anybody to fix anything that doesn't work properly. -Wash -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav-devel (20050316) and zlib-1.2.2
On Mar 16, 2005, at 14:08, Odhiambo Washington wrote: * Dale Walsh [EMAIL PROTECTED] [20050316 19:40]: wrote: On Mar 16, 2005, at 10:24, Odhiambo Washington wrote: I am trying to statically compile zlib-1.2.2 into my clamav installation on FreeBSD 4.11. cd zlib-1.2.2 ./configure make cd ../clamav-devel ./configure --with-zlib=../zlib-1.2.2 [other opts] This is obviously wrong and wont give you the results you are after. Oh! I get this error: cut checking for pthread.h... yes checking for zlib installation... using ../zlib-1.2.2 configure: error: Please install zlib and zlib-devel packages /cut I'm thinking this should be the correct way. I don't intend to install zlib-1.2.2 over what is on my system until they import it into the base system ;) When you configure zlib without specifying a prefix it will defalut to /usr/local and wont overwrite your existing zlib if it is installed in /usr. Well, that is what I actually expected! I don't want to overwrite the system's zlib. however, I offer the following advice. If libz.a is installed in /usr/lib then build zlib 1.2.2 with the following command. ./configure --prefix=/usr make make install. If libz.a is installed in /usr/local/lib then build zlib 1.2.2 with the following command. ./configure make make install. If libz.a is installed in another folder, let me know where and I'll give you a proper build/install command. I actually don't want to overwrite system zlib. I mentioned that in my post, no? By installing an updated zlib, it wont break your system or anything that depends on the zlib libraries and is a safe upgrade to perform from a user standpoint. I don't want to mess with this server at all. I just want to see the diff between two clamds compiled differently. Don't be afraid, no harm will come to your system and later when they get it into the RPM's, nothing will break when you update other apps. I run FreeBSD, so I'm allergic to RPMs ;-) As well, I recommend building from source ..that is what I always do with clamav... [The rest of the story snipped]. Where are the archives of this list, like for last week? I remember someone mentioned how to do what I want to do and I think I am almost right in how I was doing it... I don't intent to install zlib-1.2.2 over my system's zlib! -Wash I guess you didn't understand my response. Doing this upgrade is safe and wont break anything and is recommended. Installing it in a secondary location is not recommended and the reasons should be obvious!!! This upgrade is recommended because it fixes some bugs, improves performance and fixes some vulnerabilities. If you don't want to install it for any reason then give just give up on building anything that depends on it because without it they wont build. Is that any clearer for you? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav-devel (20050316) and zlib-1.2.2
On Mar 16, 2005, at 19:33, Dennis Peterson wrote: Dale Walsh said: Where are the archives of this list, like for last week? I remember someone mentioned how to do what I want to do and I think I am almost right in how I was doing it... I don't intent to install zlib-1.2.2 over my system's zlib! -Wash I guess you didn't understand my response. Doing this upgrade is safe and wont break anything and is recommended. Installing it in a secondary location is not recommended and the reasons should be obvious!!! This upgrade is recommended because it fixes some bugs, improves performance and fixes some vulnerabilities. If you don't want to install it for any reason then give just give up on building anything that depends on it because without it they wont build. Is that any clearer for you? -- Dale It's clear to me, Dale, and it's wrong. I wouldn't do it either. I get my system libs from Sun, for example, because they are guaranteed to work with my OS. Anything else goes into /usr/local where my compiled sources are told to look for it. Generalizations are usually a bad idea - including mine. It is best to leave it to each admin to manage the configuration of their OS's. In this instance the OP can put the path to his libs in his clamav configure. If that doesn't work (as revealed by ldd, for example) then he can hack the Makefile. dp Yes, you can hack the Makefile, but Sun doesn't do anything special to the zlib installation so upgrading this app/library wont have any ill effects. If you do a ./configure make make install, it will install in /usr/local and you can point ClamAV to this library and it will work as you expect however, you may experience other side-affects by having two versions of zlib installed when library loading/linking occurs by different applications. If you're doing this for test purposes, go ahead and do it this way but if you're wishing to use it in deployment, this is not recommended based on the problems that it causes unless soft-linking is employed and very few applications use this linking method. Considering the problem that occur with loading several different versions of the same application library, it should not pose any serious problem and System Engineers may consider this approach to determine compatibility on a test platform before deploying the application. It's your system and your opinion to deploy it in any way you wish, making a fuss over zlib doesn't make a whole lot of sense to most people but you don't need my permission to install it they way you want, just consider the consequences of following this path is all I suggest and recommend. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav with apache
On Mar 16, 2005, at 21:37, Robin Lynn Frank wrote: I know it is an unusual question, but has anyone here used mod.clamav with apache 2 and clamav? Good? Bad? Ugly? -- Robin Lynn Frank I suspect it's a little outdated because I couldn't even get it to configure because of it's lack of ability to actually locate the installed library which is in /usr/lib, the file dates are prior to May 2004 and even hacking the configure.in didn't prove very successful because during the make process it complained about macro names and redefines before failing so I'm sorry I couldn't be of much help with this but perhaps someone else has had better luck. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] using the clamd daemon from another application.
I'm wondering if someone can help me, I've got an application that copies files, what I'd like to do is utilize the clamd daemon to scan the file if the daemon is running. Here is what I do know: (not much it looks like) clamav_socket holds the full path to the clamd.sock file and is assignable in the config file. file_source holds the full path (file name included) to the source file to be copied and is supplied by the calling function (copy_file[file_source,file_destin]). the actual copy routine uses basic open/read/write/close functions to copy the file. What I'd like to do is have the daemon (if it's running) scan the file and then copy it if it returns clean, unfortunately I have little experience using socket files to process anything so I'm looking for some assistance from someone who knows how to make this work. Basically all I need is a function to process the file (something like perform_filescan[file_source]), returning clean or the virus name so I can either copy the file or, display an alert with the virus name that was detected. Anyone have any experience in this area and willing to assist me? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] clamav-devel (20050316) and zlib-1.2.2
On Mar 17, 2005, at 00:03, Dennis Peterson wrote: Dale Walsh said: On Mar 16, 2005, at 19:33, Dennis Peterson wrote: Dale Walsh said: Where are the archives of this list, like for last week? I remember someone mentioned how to do what I want to do and I think I am almost right in how I was doing it... I don't intent to install zlib-1.2.2 over my system's zlib! -Wash I guess you didn't understand my response. Doing this upgrade is safe and wont break anything and is recommended. Installing it in a secondary location is not recommended and the reasons should be obvious!!! This upgrade is recommended because it fixes some bugs, improves performance and fixes some vulnerabilities. If you don't want to install it for any reason then give just give up on building anything that depends on it because without it they wont build. Is that any clearer for you? -- Dale It's clear to me, Dale, and it's wrong. I wouldn't do it either. I get my system libs from Sun, for example, because they are guaranteed to work with my OS. Anything else goes into /usr/local where my compiled sources are told to look for it. Generalizations are usually a bad idea - including mine. It is best to leave it to each admin to manage the configuration of their OS's. In this instance the OP can put the path to his libs in his clamav configure. If that doesn't work (as revealed by ldd, for example) then he can hack the Makefile. dp Yes, you can hack the Makefile, but Sun doesn't do anything special to the zlib installation so upgrading this app/library wont have any ill effects. Rot. They give it a part number, they track dependancies, it becomes part of the total configuration management system, they upgrade it in a coordinated fashion and in concert with other dependent packages. Man pages are replaced, for example, and are placed where pkgadd/pkgrm expects to see them. pkginfo will give you accurate information about the running product. This is in no way limited to zlib. If you do a ./configure make make install, it will install in /usr/local and you can point ClamAV to this library and it will work as you expect however, you may experience other side-affects by having two versions of zlib installed when library loading/linking occurs by different applications. User error. If you're doing this for test purposes, go ahead and do it this way but if you're wishing to use it in deployment, this is not recommended based on the problems that it causes unless soft-linking is employed and very few applications use this linking method. I'd imagine that if you have 40 different systems to manage with your methodology you'd truely have 40 very different systems. Considering the problem that occur with loading several different versions of the same application library, it should not pose any serious problem and System Engineers may consider this approach to determine compatibility on a test platform before deploying the application. Thanks, no. The OP has it right. dp Unfortunately you have misunderstood the scope of this topic and the information I have offered as something I recommend as a way of life.. I do have 14 systems to manage and I don't play games with any of them. Fortunately, the methodology isn't mine, it is the original poster who wishes to install different version of ClamAV and by adding the latest, a version requirement for zlib is being encountered that he doesn't want to install. All I did was mention the potential problems, suggest that a temporary install for testing purposes as described to me is about his only possible option if he still wishes to test-install the latest ClamAV without overwriting the current system installed zlib. In your case, you are saying you're basically stuck with the whatever version is available based on your configuration system management provides for you, hopefully they have the latest versions available. I don't run into this problem, all my systems are the same, latest version of zlib installed, latest version of ClamAV, each system identical, I do a test install on an off-line server and if all works as intended I then deploy the application. Installing multiple version of zlib doesn't make sense to me because of dependancy issues and issues that System Engineers have explained regarding simultaneous loading/linking of multiple version and the potential problems based on this that I don't want to experience. Your comments on my comments haven't helped the original poster figure out he should do it the right way, your comments don't really help him at all, you spent too much time attacking what I suggested without acknowledging why it was suggested or even offering an alternative method for him to use. He doesn't want to overwrite the existing zlib or ClamAV, he wants to install it just to see what the differences are, if you have another way of installing both so he can see the differences I'm sure he'd be happy to read it as would I. Basically
Re: [Clamav-users] Graphical reporting tools
On Mar 07, 2005, at 10:28, Ken Jones wrote: On Sunday 06 March 2005 11:08 am, Sam wrote: Hi I'm looking for something that's been written that will display the number of viruses/malware that Clam has stopped and pipe it to an html file I can provide to my customers. I found one by Vijay (AT ericavijay.net) but it doesn't seem to work with (possibly) the newer output to /var/log/messages (It appears to be grepping for something that's no longer therenot being a programmer however I cannot say for sure.) The install ran smoothly, but it shows 0 for viruses found, but cat/grep/word count in /var/log/messages indicates that there have been 627 hits on viruses found today so far.) Has anyone found a reporting tool that will do this and had good luck with it? QmailMrtg7 can graph the number of viruses in an mrtg format. Here is a link to our live qmailmrtg7 graphs. http://mail.inter7.com/qmailmrtg/ The software is available here: http://www.inter7.com/?page=qmailmrtg7 Ken Jones Ken, you may want to repost this with links that actually work or fix your DNS problem, seems that http://mail.inter7.com; and http://www.inter7.com; don't work but http://inter7.com; does. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Graphical reporting tools
How about amavis-stats, while I have rewritten a lot of it, this version has not been publicly released as of yet, it supports multiple hosts and a view other nice features, you can view it at: http://www.daleenterprise.com/amavis-stats -- Dale On Mar 06, 2005, at 16:06, Gian Carlo wrote: On Sun, Mar 06, 2005 at 01:04:04PM -0500, John Fleming wrote: Vijay's script works fine - see http://www.bandsman.co.uk/cgi-bin/virus/display.pl How to get that script? The www.ericavijay.net/cgi-bin/virus/display.pl link on ericavijay.net just points to a sample html page rather than the script... http://pandaemail.sourceforge.net/download/perl-install.tgz Bye, gc :-) ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tool to upgrade
On Mar 03, 2005, at 07:37, Matt Fretwell wrote: Allori Lorenzo wrote: I'm starting from another point of view.. i want to do a script that can understand how i first installed clamav (meaning what ./configure options i used) and downloads the last clamav version untars it and compile and install the last version on the old one (replacing the old conf files with the new ones). Most of that can be done with a basic shell script. The problems are: 1) What happens if there is a problem with the compilation? 2) What happens when there are new options that require adding and setting to the existing conf file? Would they be okay at the defaults? That is why human intervention is required to some degree. The idea is very basic and straight forward. The implemantation is not. Matt A solution to this problem would be to force everyone to use the same build parameters, this would not only make maintenence easier, it would help in debugging because all of the parameters and options would be the same. If the software was configured with a prefix of /usr and a user/group of #30, (the user/group names could be anything even system specific) the build is then controlled, with the exception of custom config options which could be parsed with grep/sed, adding any new features would not become an issue. Of course this also means that upon a clean installation, dependent libraries would also have to be included or at least version tested before adding which is a simple task and a preinstall function to save the existing install in case of an error as a safety precaution to restore and notify the installer an error occured. There is a solution for everything, just everything would have to be taken into consideration. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tool to upgrade
On Mar 03, 2005, at 10:22, Dennis Peterson wrote: Dale Walsh said: On Mar 03, 2005, at 07:37, Matt Fretwell wrote: That is why human intervention is required to some degree. The idea is very basic and straight forward. The implemantation is not. Matt A solution to this problem would be to force everyone to use the same build parameters, this would not only make maintenence easier, it would help in debugging because all of the parameters and options would be the same. Fine. I'd like all builds to be 64-bit starting today. No reason that should be a problem. dp Funny that you make a remark like that but taking into account the lowest common denominator of system types, making it 64bit only would be project failing contributor and I think it would be better for the machines building tools to make that determination. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tool to upgrade
On Mar 02, 2005, at 05:02, Steffen Heil wrote: Hi I've just rebuilt ClamAV from source on an FC1 and a Mac OSX server after making minor source code edits, the time involved on both machines was less than 15 minutes, this also included a complete rebuild of Apache and PHP on the Mac (I have fast machines) so using old and outdated software because your waiting on an updated RPM doesn't make any logical sense. You miss the point. This is not about having less work to update, this is about having NO work to update. An example: We so have some Windows servers running since years which use McAfee VirusScan Enterprise 7.0. It loads DAT-File (definitions) a few times a day (as freshclam does). But it also loads Engine-Updates every few months. Some of these servers have not been touched for more than a year. It simply works. Your talking about windows machines and support features, while mcafee does offer a mac package, it does utilize the same dat files I believe but, the programmers were lazy and did not build the same engine update support so you have to manually download and install engine updates and pushing better support features for the windows platform is only beneficial to you and others running windows. This is what should be archieved, IMHO. Exspecially on virus scanner updates, I would think it is very important to have that, because most administrators of smaller systems will NOT monitor which versions become available and will immediately update everything, exspecially when compiling is involved. Most admins of small companies need to do this additionally to their primary job and only work on it, if required. For most of them required is just then, when a new virus already made it into their system. I know, it would be better to have full time admins which keep track and update immediately, but this is life. McAfee DOES a great job on this - even though I assume this is way easier on windows. (Yes, I assume this IS an advantage of windows.) Anyway, there must be a way to give this advantage to linux users. Not using libraries but statically linking all required dependencies would put more memory footprint to the system, but would make engine update schemes possible. This might become possible utilizing a fink type of foot-print to handle downloading of updated source files and building on the fly or modifying freshclam to handle this, it then creates more burden on the providers to program something that is outside the scope of their package based on the lazyness of the end user and this doesn't seem fair to to them when this is all provided for free. Think about it. This doesn't require a lot of thought, it does make logical sense however, supporting multiple platforms means the offering source and building could only be circumvented by the authors providing unilateral and equilateral support for platforms/OS's and environments that becomes non-feasible without financial support and are forced to charge for their product to offset these expenditures. Regards, Steffen -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 02, 2005, at 07:18, Tomasz Kojm wrote: On Tue, 1 Mar 2005 22:34:45 -0500 Dale Walsh [EMAIL PROTECTED]> wrote: I feel confident in reporting that the freezing issue on my FC1 server has been eliminated by the info/change that Tomasz provided me with, I have disabled the cron job that was restarting the process every two hours to keep it from freezing and it's been humming along fine for 9 hours and I was lucky if it would go 4 hours without freezing. Here's a diff for those who wish to try it. It's not needed. You're the only special case who has reported such strange problems. -- oo. Tomasz Kojm [EMAIL PROTECTED]> Tomasz, can you explain what this change actually did so I can understand why it made it work? I've tested this on several different Mac's and OS versions with the same results. I have tested other app implementations utilizing the static library on the Mac and all that load the library into memory and stay active crash with a segfault, yet if the app loads the library, does it thing and quits, no crashing occurs. I thought it may be a binding issue but using -x-tad-smallerbind_at_load/x-tad-smaller flag didn't seem to do anything. I don't believe that this issue is Mac specific, I think that perhaps I'm doing a little more than the average user and this is why I am having some issues not experienced by others. Also a query, is clamdscan a daemon app? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tool to upgrade
On Mar 02, 2005, at 11:04, Allori Lorenzo wrote: Dear Group, I think i will make a script to automate the process myself.. I really think the clamav developers have already done a great work providing us clamav sources, so why bothering them for creating a new system for upgrading the clamav itself i think we can still compile from sources: i will see how to manage and I'll post in the list how solved this problem, if someone needs it. Cheers, Lorenzo Lorenzo, I already had previously started working on a software update routine for a different project that I believe could be a solution to this. It requires a couple of things, a host with an xml file that holds the latest version number to test against, a repository of binary builds to obtain the updates from and finally someone who can generate all of the platform binaries and place them on the server within a reasonable time frame. Here is what I can provide. A server with space specifically donated for this task, the ability to mirror this site to reduce load, the xml file that auto updates itself based on the ClamAV websites main page that uses a robot (or other acceptable method) to extracts the version number for the latest stable release. All I would need would be an A record from the DNS providers of ClamAV pointing to the IP in question (something like update.clamav.net A xxx.xxx.xxx.xxx ), additional mirror sites and the binaries for other platforms that are non Macintosh and the code required to install these binaries based on their respective platforms (this could be as simple as un-tarring and moving to the destination location or as complicated as building and installing the source). This would require a commitment from specific people to generate/provide the binaries in a timely manner and a lot of behind the scenes work would have to take place to make it all happen. Specifics like the frequency of version checks, a realm established for communication between the update server and ClamAV to prevent any unnecessary or unwanted access at the ClamAV websites update communication protocols and, other issues would have to be addressed. This would require participation and input from the ClamAV team to make it all work together and is something very doable but, I'm not the one to give authorization on this side project and I believe a proper proposal would have to be generated and submitted to Tomasz for authorization unless you strictly wanted to undergo the entire update project on your own. While I trust the ClamAV team is dedicated to providing the very best in their product, because of this dedication, I am more than willing to bend over backwards to do anything I can to assist in any way I can as my way to show my appreciation for the invaluable product they generate and everything else is icing on the cake. A public discussion on this subjects intricate details would not be appropriate, I see no reason in not discussing the public aspects openly but I think that the first order of business would be to assign/elect/appoint someone to spearhead this side project and then design an acceptable proposal for submission to the ClamAV team. In a public discussion, it would be reduced to an interest in the project or not, programming details while public input will be required, it's not a general topic for everyone to participate in so a kinda feature survey would be the most likely route to follow as a starting point. These are just my thoughts and opinions and do not represent the thoughts and opinions of the ClamAV team and are currently not endorsed, expressed or approved by the ClamAV team to the best of my knowledge. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 02, 2005, at 09:40, Dale Walsh wrote: On Mar 02, 2005, at 07:18, Tomasz Kojm wrote: On Tue, 1 Mar 2005 22:34:45 -0500 Dale Walsh [EMAIL PROTECTED] wrote: I feel confident in reporting that the freezing issue on my FC1 server has been eliminated by the info/change that Tomasz provided me with, I have disabled the cron job that was restarting the process every two hours to keep it from freezing and it's been humming along fine for 9 hours and I was lucky if it would go 4 hours without freezing. Here's a diff for those who wish to try it. It's not needed. You're the only special case who has reported such strange problems. -- oo. Tomasz Kojm [EMAIL PROTECTED] Well, I guess I spoke too soon, looks like ClamAV hung on the FC1 server last night after I went to bed. Fortunately, the Mac is still running and I'm contemplating taking it off of gdb. There was a recent patch offered on the list that I questioned and never got a response on so I'll go look through the archives and see if I can locate it. -- Dale Looks like I really spoke to soon, the Mac just crashed, seems the hack supplied by Tomasz only delayed the crash on the Mac. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
I've been poking around with gdb and I came across a couple of things, first, libclamav doesn't remove temp files created in /var/tmp, second, it looks like it's trying to deal with two or more handlers at one time by hanging on to the old tmp dir structure and I don't believe it's supposed to do this. Not sure what the fix is at the moment, still poking around but it might give the person working on libclamav something to look at. Also, who is heading up the libclamav portion of the project? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tool to upgrade
clamav-config already exists, so far they haven't tied into it to examine a previous installation. On Mar 01, 2005, at 06:45, Allori Lorenzo wrote: Dear Clamav Experts, - this is just a useful suggestion: why don't you create a script that detects personal settings of a working clamav installation and permits to compile and upgrade the old version of clamav with from the new sources? Every time I need to upgrade I have to remember the different installations i have on different servers : it is very annoying =). Thanks a lot, Lorenzo Lorenzo Allori Systems Administrator Office: +393491924516 Mobile: +393398612411 The Medici Archive Project [EMAIL PROTECTED] ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 01, 2005, at 06:08, Tomasz Kojm wrote: On Tue, 1 Mar 2005 05:58:19 -0500 Dale Walsh [EMAIL PROTECTED] wrote: I've been poking around with gdb and I came across a couple of things, first, libclamav doesn't remove temp files created in /var/tmp, This is not a bug in libclamav but in php-clamav and was already described here. Tomasz, no where in php-clam is a call to cli_bm_addpatt made and this appears to be the fatal function so how can you say it is php-clam when it never calls this function? second, it looks like it's trying to deal with two or more handlers at one time by hanging on to the old tmp dir structure and I don't believe it's supposed to do this. ? Not sure what the fix is at the moment, still poking around but it Rewrite php-clamav from scratch? Also, who is heading up the libclamav portion of the project? A few developers, check on the top of source files. -- oo. Tomasz Kojm [EMAIL PROTECTED] -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 01, 2005, at 07:16, Tomasz Kojm wrote: On Tue, 1 Mar 2005 06:55:05 -0500 Dale Walsh [EMAIL PROTECTED] wrote: On Mar 01, 2005, at 06:08, Tomasz Kojm wrote: On Tue, 1 Mar 2005 05:58:19 -0500 Dale Walsh [EMAIL PROTECTED] wrote: I've been poking around with gdb and I came across a couple of things, first, libclamav doesn't remove temp files created in /var/tmp, This is not a bug in libclamav but in php-clamav and was already described here. Tomasz, no where in php-clam is a call to cli_bm_addpatt made and this appears to be the fatal function so how can you say it is php-clam when it never calls this function? As you can see above, I was referring to libclamav doesn't remove temp files. -- oo. Tomasz Kojm [EMAIL PROTECTED] My misunderstanding. What about the other issue regarding handlers and not releasing calls to cli_bm_addpatt? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tool to upgrade
On Mar 01, 2005, at 06:59, Tomasz Kojm wrote: On Tue, 1 Mar 2005 06:50:54 -0500 Dale Walsh [EMAIL PROTECTED] wrote: clamav-config already exists, so far they haven't tied into it to examine a previous installation. It's a tool for software developers and not admins. -- oo. Tomasz Kojm [EMAIL PROTECTED] I understand it's intended purpose but I also believe that software can make use of the information provided by these scripts for programming purposes, during upgrades and/or testing for installation information. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 01, 2005, at 09:04, Tomasz Kojm wrote: On Tue, 1 Mar 2005 08:03:35 -0500 Dale Walsh [EMAIL PROTECTED] wrote: What about the other issue regarding handlers and not releasing calls to cli_bm_addpatt? That's most likely improper use of libclamav (although I don't really understand what you're talking about ;-)). -- oo. Tomasz Kojm [EMAIL PROTECTED] Tomasz, I don't have to do anything but load the library and wait, I don't have to scan any files, I only have to wait, when something using libclamav calls cli_bm_addpatt it causes a segfault. ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 01, 2005, at 09:04, Tomasz Kojm wrote: On Tue, 1 Mar 2005 08:03:35 -0500 Dale Walsh [EMAIL PROTECTED] wrote: What about the other issue regarding handlers and not releasing calls to cli_bm_addpatt? That's most likely improper use of libclamav (although I don't really understand what you're talking about ;-)). -- oo. Tomasz Kojm [EMAIL PROTECTED] Well Tomasz, it just crashed, I'm sitting at the gdb prompt, anything you want to examine from here? Program received signal EXC_BAD_ACCESS, Could not access memory. cli_bm_addpatt (root=0x205c80, pattern=0x21dd890) at matcher-bm.c:62 62 matcher-bm.c: No such file or directory. in matcher-bm.c (gdb) bt #0 cli_bm_addpatt (root=0x205c80, pattern=0x21dd890) at matcher-bm.c:62 #1 0x037eac80 in cli_parse_add (root=0x205c80, virname=0xbfffc240 Worm.JS.Redlof.A (Clam), hexsig=0xbfffc258 272f74765f706f7075702e68746d272c272f7669657765722e63666d3f2a7069643d272 c27302e63612f696e6465782e272c2733646c7576722e636f2a2f7769702f272c, type=0, offset=0x0, target=0) at readdb.c:413 #2 0x037eae70 in cli_loaddb (fd=0x0, root=0x21dd890, signo=0x205c80) at readdb.c:472 #3 0x037eb664 in cl_loaddb (filename=0x21dbaf0 /var/tmp//clamav-e72b5566372f1baf/daily.db, root=0x39e0b3c, signo=0x39e0b40) at readdb.c:735 #4 0x037eb870 in cl_loaddbdir (dirname=0x39e0b40 , root=0x39e0b3c, signo=0x39e0b40) at readdb.c:793 #5 0x0380b14c in cli_cvdload (fd=0xa0009b88, root=0x39e0b3c, signo=0xbfffc240, warn=-25632) at cvd.c:425 #6 0x037eb5ec in cl_loaddb (filename=0x21dbac0 /var/tmp//clamav-e72b5566372f1baf, root=0xa0009be0, signo=0xa0009b88) at readdb.c:725 #7 0x037eb870 in cl_loaddbdir (dirname=0xa0009b88 , root=0x21dbaf0, signo=0x39e0b3c) at readdb.c:793 #8 0x0354f39c in zm_activate_clam (type=1, module_number=25) at /SourceCache/apache_mod_php/apache_mod_php-17.5/php/ext/clam/clam.c:136 #9 0x037c570c in module_registry_request_startup (module=0x21f6240) at /SourceCache/apache_mod_php/apache_mod_php-17.5/php/Zend/zend_API.c: 1148 #10 0x037c9be0 in zend_hash_apply (ht=0x3a43f50, apply_func=0x37c56b0 module_registry_request_startup) at /SourceCache/apache_mod_php/apache_mod_php-17.5/php/Zend/zend_hash.c: 701 #11 0x037c013c in zend_activate_modules () at /SourceCache/apache_mod_php/apache_mod_php-17.5/php/Zend/zend.c:670 #12 0x0376ef28 in php_request_startup () at /SourceCache/apache_mod_php/apache_mod_php-17.5/php/main/main.c:937 #13 0x037e2d30 in apache_php_module_main (r=0x849480, display_source_mode=0) at /SourceCache/apache_mod_php/apache_mod_php-17.5/php/sapi/apache/ sapi_apache.c:33 #14 0x037e41b0 in send_php (r=0x849480, display_source_mode=0, filename=0x849d58 /www/mustangrestomods/index.php) at /SourceCache/apache_mod_php/apache_mod_php-17.5/php/sapi/apache/ mod_php4.c:621 #15 0x037e4230 in send_parsed_php (r=0x849480) at /SourceCache/apache_mod_php/apache_mod_php-17.5/php/sapi/apache/ mod_php4.c:636 #16 0x00013504 in ap_invoke_handler () #17 0x00023c60 in process_request_internal () #18 0x000241d0 in ap_internal_redirect () #19 0x0008ac70 in handle_dir () #20 0x00013504 in ap_invoke_handler () #21 0x00023c60 in process_request_internal () #22 0x00023cf0 in ap_process_request () #23 0x7c6c in child_main () #24 0x7ea8 in make_child () #25 0x808c in startup_children () #26 0x8a88 in standalone_main () #27 0x95e8 in main () #28 0x1bc4 in _start () #29 0x8fe1a558 in __dyld__dyld_start () (gdb) ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 01, 2005, at 13:21, Tomasz Kojm wrote: On Tue, 1 Mar 2005 12:52:29 -0500 Dale Walsh [EMAIL PROTECTED] wrote: Well Tomasz, it just crashed, I'm sitting at the gdb prompt, anything you want to examine from here? Program received signal EXC_BAD_ACCESS, Could not access memory. cli_bm_addpatt (root=0x205c80, pattern=0x21dd890) at matcher-bm.c:62 62 matcher-bm.c: No such file or directory. in matcher-bm.c (gdb) bt #0 cli_bm_addpatt (root=0x205c80, pattern=0x21dd890) at matcher-bm.c:62 #1 0x037eac80 in cli_parse_add (root=0x205c80, virname=0xbfffc240 Worm.JS.Redlof.A (Clam), hexsig=0xbfffc258 272f74765f706f7075702e68746d272c272f7669657765722e63666d3f2a7069643d Is the problem reproducible with clamscan or clamd? In matcher-bm.c:62 change unsigned int size = DHASH(256, 256, 256); to unsigned int size = 131072; Does it help? So far, the FC1 looks like it doesn't hang any more and the Mac hasn't crashed since I've implemented the change (made an additional change as well). What I don't understand is how increasing the value of size in cli_bm_init() from 62.25k (127488 - DHASH( 211 *256 + 37 * 256 + 256)) to 128k (131072) is going to make that much of a difference but perhaps I'm missing something that is transpiring somewhere else that has a dramatic affect based on this value. Also, shouldn't I also adjust cli_bm_free() to be equivalent? (I did this already because it seemed to be the logical thing to do) -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 01, 2005, at 16:05, Tomasz Kojm wrote: On Tue, 1 Mar 2005 15:56:51 -0500 Dale Walsh [EMAIL PROTECTED] wrote: 62.25k (127488 - DHASH( 211 *256 + 37 * 256 + 256)) Upon what have you based this (incorrect) calculation? -- oo. Tomasz Kojm [EMAIL PROTECTED] This calculation was based on the code from matcher-bm.c #define DHASH(a,b,c) 211 * a + 37 * b + c The value returned from DHASH(256,256,256) is 63744 or 62.25k so how can my calculation be wrong if this is what you wrote. Try this. pico dhash.c /*** * * test of DHASH(a,b,c) 211 * a + 37 * b + c * ***/ #include stdio.h #define DHASH(a,b,c) 211 * a + 37 * b + c int main (int argc, char * const argv[]){ int a, b, c; a=strtol(argv[1], 0, 10); b=strtol(argv[2], 0, 10); c=strtol(argv[3], 0, 10); int size = DHASH(a,b,c); printf(value is: %7d\n,size); } compile with gcc dhash.c -o dhash ./dhash 256 256 256 results is 63744 ./dhash 528 528 128 results is 131072 ./dhash 621 0 41 result is 131072 Based on your routine my calculations are correct and can be verified with a calculator. Also, what about the additional change I made to clI_bm_free(), was it appropriate to make it the same? If not why? Here are the actual changes I made to matcher-bm.c in case you aren't sure what I'm talking about. _ int cli_bm_init(struct cl_node *root) { int i; // unsigned int size = DHASH(256, 256, 256); unsigned int size = 131072; [snip...] void cli_bm_free(struct cl_node *root) { struct cli_bm_patt *b1, *b2; int i; // unsigned int size = DHASH(256, 256, 256); unsigned int size = 131072; ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
On Mar 01, 2005, at 16:41, Tomasz Kojm wrote: On Tue, 1 Mar 2005 16:33:20 -0500 Dale Walsh [EMAIL PROTECTED] wrote: On Mar 01, 2005, at 16:05, Tomasz Kojm wrote: On Tue, 1 Mar 2005 15:56:51 -0500 Dale Walsh [EMAIL PROTECTED] wrote: 62.25k (127488 - DHASH( 211 *256 + 37 * 256 + 256)) Upon what have you based this (incorrect) calculation? -- oo. Tomasz Kojm [EMAIL PROTECTED] From your code in matcher-bm.c No. Point me to the value of 127488 in my code. The subtraction is mysterious as well. BTW: Please subscribe to clamav-devel and answer this mail there. This discussion is out of scope of the user mailing list. -- oo. Tomasz Kojm [EMAIL PROTECTED] I was wondering how you figured my calculation was wrong, that was a typo... sorry... I did write the 63744 but I see where I wrote 127488, not sure what I was typing, must have been thinking of something else at that exact moment. I didn't even catch the type on your response, I do apologize... -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
The FC1 server hasn't froze and is still humming along and the Mac hasn't crashed so I'd say it may be resolved but I'll wait for a few db updates before I give a final update on this. ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Tool to upgrade
On Mar 01, 2005, at 19:59, Stephen Gran wrote: On Wed, Mar 02, 2005 at 12:34:33AM +0100, Steffen Heil said: Hi Now you're comparing ClamAV to close source software where such a model is easy and painless. And you are misunderstanding him. He voted for distinction between engine and host software. Which I think is really a great idea (not a new one though). This would require some major architectural changes to the way clamav operates, but would not in and of itself be impossible - it already is, for the most part, possible to upgrade the libraries that the binaries use, and then just restart the processes so they pick up the new library. And no reboot :) Show us an open-source security _software_ (and not Linux distributions, etc.) which serves binary updates to its users. This is not about serving binaries, this is about serving separated compile packages for engine and other software parts. Image having the engine (using some very well defined api) in a separate dll/so. Updates could be installed by copying the dll/so to the target systems and restarting the service. You understand that an .so file is a compiled binary, right? For which cpu platforms would you like the .so to be made available? And compiled against which versions of glibc, curl, lwrap, lmilter, and so on? Which kernel version, and which OS and OS version? If you want binary distribution, use a binary distribution. There are plenty to choose from out there. It is not the job of the people writing the code to make it available for every platform under the sun, and with every possible combination of compilers, libraries, kernels, and other OS quirks. Take care, It is my opinion that installing from an RPM package is a lazy way to get what you want in a kinda sorta way. You have to rely on the entire package if you don't know how to extract what you want and it may not have exactly what you want so you sacrifice and compromise to achieve your goal. I believe that building from source against your already installed, tested and proven environment is by far the best process to obtain exactly what you want and need without making any sacrifices or compromises. Ultimately, the environment is yours to manage in the way that you see fit. Installing ClamAV from someone else's RPM may work for you but you may wish to consider what it's actually costing you in the end. I've just rebuilt ClamAV from source on an FC1 and a Mac OSX server after making minor source code edits, the time involved on both machines was less than 15 minutes, this also included a complete rebuild of Apache and PHP on the Mac (I have fast machines) so using old and outdated software because your waiting on an updated RPM doesn't make any logical sense. I think your time would be better spent learning how to build from raw source to get what you need when you need it. Of course this is just my opinion and doesn't bear any weight to what you decide to do. ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav issues, possible cause of crashing/freezing of ClamAV software.
I feel confident in reporting that the freezing issue on my FC1 server has been eliminated by the info/change that Tomasz provided me with, I have disabled the cron job that was restarting the process every two hours to keep it from freezing and it's been humming along fine for 9 hours and I was lucky if it would go 4 hours without freezing. Here's a diff for those who wish to try it. ___ --- libclamav/matcher-bm.c.orig2004-11-26 12:22:13.0 -0700 +++ libclamav/matcher-bm.c2004-11-26 12:22:15.0 -0700 @@ -79,5 +79,5 @@ int cli_bm_init(struct cl_node *root) { int i; - unsigned int size = DHASH(256, 256, 256); + unsigned int size = DHASH(528, 528, 128); /* updated to 128k instead of 62.25k - DHASH(256, 256, 256) */ @@ -103,5 +103,5 @@ { struct cli_bm_patt *b1, *b2; int i; - unsigned int size = DHASH(256, 256, 256); + unsigned int size = DHASH(528, 528, 128); /* updated to 128k instead of 62.25k - DHASH(256, 256, 256) */ ___ -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] php-clamav
I'm rewriting this module based on some functionality issues with the original code. If your interested, examne: (these are built in functions including the logo) http://www.daleenterprise.com/info.php (scroll down to see it, click the logo) and http://www.daleenterprise.com/clamav_info.php (click the logo) To see it in action: http://www.daleenterprise.com/test.php It's still under development and I'm having a crash issue with a clamav function [cli_bm_addpatt + 0xbc (matcher-bm.c:62)] but I am working on it and hopefully I can get Tomasz to enable the shared libraries which have been disabled since 0.80. It can be built embedded into PHP (bundled) or as an extension (extension) as denoted in the visible version of the info. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] socket-addr doesn't agree with sendmail.cf ... !!
in your sendmail, all that is important is anything related to ClamAV. Look in all your conf file and find where you specify the .sock file It's also not the only CLamAV conf file used in your install. -- Dale On Feb 28, 2005, at 08:34, Dave Smith wrote: Clamav.conf has this in it: Title = Clamav LogFile = messages *OnlyService = clamd *RemoveHeaders sendmail.cf is probably too long t post here. What should I be looking for? On Mon, 2005-02-28 at 20:04 -0500, Dale Walsh wrote: On Feb 28, 2005, at 07:49, Dave Smith wrote: I use Fedora Core 3. On booting up I notice an error message which suggests a problem with the way in which ClamAV is set up. The following four lines from the boot log give an indication of what I mean: Feb 28 07:14:58 localhost clamav-milter: clamav-milter: socket-addr (local:/var/clamav/clmilter.socket) doesn't agree with sendmail.cf Feb 28 07:14:58 localhost clamav-milter: clamav-milter startup failed Feb 28 07:14:59 localhost sendmail: sendmail startup succeeded Feb 28 07:14:59 localhost sendmail: sm-client startup succeeded Can anyone quickly tell me what this means and what I need to do to correct he problem? Thanks. Dave It looks like you have defined 2 instances clamav-milter.sock or you defined one location and set a pointer to another. What's in your sendmail.cf file and what's in your clamav conf files? ___ http://lurker.clamav.net/list/clamav-users.html Dave Smith Struggle - Solidarity - Socialism E-mail: [EMAIL PROTECTED] Tel: (868) 683-5305 SMS: [EMAIL PROTECTED] ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] php-clamav
++)); free(data); } zend_hash_update(return_value-value.ht, ds_namv, sizeof(ds_namv), (void *)p_ds_namv, sizeof(zval *), NULL); zend_hash_update(return_value-value.ht, data, sizeof(data), (void *)p_data, sizeof(zval *), NULL); } else { RETVAL_FALSE; } for (i = 1; i argc; i++) efree(argv[i]); efree(argv); } else { WRONG_PARAM_COUNT; } return; } /* }}} */ PHP_FUNCTION(rrdtool_info) { if (ZEND_NUM_ARGS()!=0) { ZEND_WRONG_PARAM_COUNT(); RETURN_FALSE; } PUTS(!DOCTYPE html PUBLIC \-//W3C//DTD XHTML 1.0 Transitional//EN\ \DTD/xhtml1-transitional.dtd\\n); PUTS(html); PUTS(head\n); php_info_print_style(TSRMLS_C); PUTS(titlegd_info()/title); PUTS(/head\n); PUTS(bodydiv class=\center\\n); php_info_print_box_start(1); php_printf(h1 class=\p\RRDTool Version %s/h1\n, PHP_RRD_VERSION_STRING); php_info_print_box_end(); php_info_print_table_start(); php_info_print_table_row(2, System, PHP_UNAME ); php_info_print_table_row(2, Build Date, __DATE__ __TIME__ ); php_info_print_table_header(2, rrdtool Support,Enabled); php_info_print_table_end(); PUTS(h2RRDTOOL Copyright/h2\n); php_info_print_box_start(0); PUTS(COPYRIGHT STATEMENT FOLLOWS THIS LINE/p\nblockquote\n); PUTS(pPortions copyright 2005 by Dale Walsh ([EMAIL PROTECTED])./p\n); PUTS(pPortions relating to rrdtool 1999, 2000, 2001, 2002, 2003, 2004, 2005 by Tobias Oetiker./p\n); php_info_print_box_end(); PUTS(h2RRDTOOL License/h2\n); php_info_print_box_start(0); PUTS(pbPermission has been granted to copy, distribute and modify rrd in any context without fee, including a commercial application, provided that this notice is present in user-accessible supporting documentation. /b/p); PUTS(pThis does not affect your ownership of the derived work itself, and the intent is to assure proper credit for the authors of rrdtool, not to interfere with your productive use of rrdtool. If you have questions, ask. \Derived works\ ); PUTS(includes all programs that utilize the library. Credit must be given in user-accessible documentation./p\n); PUTS(pbThis software is provided \AS IS.\/b The copyright holders disclaim all warranties, either express or implied, including but not limited to implied warranties of merchantability and fitness for a particular purpose, ); PUTS(with respect to this code and accompanying documentation./p\n); php_info_print_box_end(); PUTS(h2Special Thanks/h2\n); php_info_print_box_start(0); PUTS(pPerl by Larry Wall); PUTS(pgd library by Thomas Boutell); PUTS(pgifcode from David Koblas); PUTS(plibpng by Glenn Randers-Pehrson / Andreas Eric Dilger / Guy Eric Schalnat); PUTS(pcgilib by Martin Schulze); PUTS(pzlib by Jean-loup Gailly and Mark Adler); PUTS(pPortions relating to php4 and php5 bindings, Dale Walsh ([EMAIL PROTECTED])); php_info_print_box_end(); PUTS(/div/body/html); } /* }}} */ #endif /* HAVE_RRDTOOL */ test.php Description: application/text ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Does ClamAV crash?
On Feb 23, 2005, at 21:06, Tomasz Kojm wrote: On Mon, 21 Feb 2005 08:15:51 -0500 Dale Walsh [EMAIL PROTECTED] wrote: exactly the same problem and I have been tracing the process and it seems to occur during a freshclam cvd update (when it actually updates the virus db files) and now appears to have little to do with external use of the shared libraries because I have nothing accessing them on any system yet it continues to hang on the FC1 server after a couple of db updates and the FreeBSD system clamd just dies so I'll wait until the next time it dies and see where it leads me. Sounds like a known problem with 0.81. Upgrade to 0.83. -- oo. Tomasz Kojm [EMAIL PROTECTED] I have currently downgraded one of my servers to 0.80, it has been running for several days now without a single crash or restart required. Are you aware of the actual problem and are working on a solution or should I continue with the debug in the hopes of finding the problem (time permitting)? Learning gdb basics overnight wasn't fun. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: SV: [Clamav-users] Clamav.conf parameters revisited
On Feb 24, 2005, at 04:23, [EMAIL PROTECTED] wrote: - Tomasz Now I am confused on a higher level :-) My spamassassin shows: C:\Perl\binspamassassin.bat -V SpamAssassin version 3.0.2 running on Perl version 5.8.6 So what is 0.8x a reference to ? L.O.L. It's a version reference for ClamAV. Best regards Harald Villemoes [EMAIL PROTECTED] -Oprindelig meddelelse- Fra: Tomasz Kojm [mailto:[EMAIL PROTECTED] Sendt: 24. februar 2005 03:40 Til: ClamAV users ML Emne: Re: [Clamav-users] Clamav.conf parameters revisited On Mon, 21 Feb 2005 21:21:09 +0100 Harald Villemoes [EMAIL PROTECTED] wrote: I have a novice question. I am running clamav on a W2003server (clamWin / cygwin) and are very happy with it. I use it through the clamscan interface, but expect to be able to run much faster using clamav and clamdscan. Unfortunately I cannot read the man pages except in raw format, which is not very convenient. Can I read the clamav.conf parameter description somewhere on the net ? First upgrade to 0.8x which uses clamd.conf instead of clamav.conf. You will find a well commented example in clamav-0.8x/etc/clamd.conf -- oo. Tomasz Kojm [EMAIL PROTECTED] (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Thu Feb 24 03:39:19 CET 2005 ___ http://lurker.clamav.net/list/clamav-users.html ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] libclamav
On Feb 24, 2005, at 07:12, Victor wrote: Hello, Why my ClamAV don't install libclamav ??? I've looked for in /usr/lib , /usr/local/lib and /var/lib. My install commands: ./configure --prefix=/usr --sysconfdir=/etc make make check make install Thanks :-) When building use the following command (substitute [user_name] and [group_name] for actual names) ./configure ---prefix=/usr --mandir=/usr/share/man --sysconfdir=/etc --enable-bigstack --with-user=[user_name] --with-group=[group_name] --enable-shared -- Dale___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: Freshclam and Cron
On Feb 22, 2005, at 14:46, René Berber wrote: [EMAIL PROTECTED] wrote: Freshclam via cron What sort of update intervals are people using, and can someone show me a working crontab entry? I've tried calling freshclam like this via a crontab entry 06 0 * * * /usr/local/bin/freshclam BUt it doesn't seem to work. Which means I'm probably missing somethign obvious. I have # ClamAV 57 12 * * * /usr/bin/freshclam --quiet and it means run once a day, at 12:57, every day, every month, every week day, and (cron) don't send me messages that it ran. If you have a mail server you should run it more often, your cron line says once at 0:06 hours. In different implementations of cron there is the possibility of using several variants, for instance: 57 12/2 * * * /usr/bin/freshclam --quiet would mean run every 2 hours starting at 12:57, this is for Paul Vixie's cron implementation. In other cron implementations (the one in Solaris for instance) the same would have to be written explicitly: 57 12,14,16,18,20,22,0,2,4,6,8,10 * * * /usr/bin/freshclam --quiet So, read your cron and crontab (usually 2) manuals. -- René I can't understand why everyone runs this through cron when it doesn't eat much memory or cpu cycles when run as a daemon? -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Does ClamAV crash?
On Feb 21, 2005, at 01:52, Tomasz Kojm wrote: On Mon, 21 Feb 2005 01:39:20 -0500 Dale Walsh [EMAIL PROTECTED] wrote: These are systems I have been able to see ClamAV either crash or freeze on (can only do gdb on Mac due to access, I own them.) and the problem appears to be related to the shared library more than anything else from what I can tell (meaning, if you use the library, it will crash and I'm assuming it does when it's adding a new viri def as I believe is being noted in the bt on frame 1) Digging back, problems seems to have been introduced in 0.81. OSX 10.3.4, 10.3.7, 10.3.8 FreeBSD 5.2, 5.3 FC1 It's most likely a programming bug. You know what my last (private) advice to you was... -- oo. Tomasz Kojm [EMAIL PROTECTED] I do recall the last private message and I can't see how that applies to several different OS environments. I didn't do the FC1 or FreeBSD 5.2 install but I did do the others, I have since been able to get gbd installed on the FreeBSd 5.2 server and have been keeping an eye on it and it looks like it hangs with exactly the same problem and I have been tracing the process and it seems to occur during a freshclam cvd update (when it actually updates the virus db files) and now appears to have little to do with external use of the shared libraries because I have nothing accessing them on any system yet it continues to hang on the FC1 server after a couple of db updates and the FreeBSD system clamd just dies so I'll wait until the next time it dies and see where it leads me. Building the source on FreeBSD gives warnings about redefines of int8_t and some others while on the Mac, I get other warnings but nothing that stops the build process. The issue with linking on the Mac has been resolved by the latest OS/Dev Tools update. -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] moving ml
On Feb 20, 2005, at 04:24, Luca Gibelli wrote: Please bear with us as we move the ml. our primary ml server is back online. Should you encounter any problem, please contact me or Mike Cathey privately. Our contacts are on the website. Best regards -- That was smooth, never even noticed a hickup... -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Does ClamAV crash?
Seems to be a problem with the latest software, here's some debug info: gdb /usr/sbin/clamd GNU gdb 5.3-20030128 (Apple version gdb-330.1) (Fri Jul 16 21:42:28 GMT 2004) Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type show copying to see the conditions. There is absolutely no warranty for GDB. Type show warranty for details. This GDB was configured as powerpc-apple-darwin. Reading symbols for shared libraries .. done (gdb) run Starting program: /usr/sbin/clamd Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries .+ done Reading symbols for shared libraries . done Reading symbols for shared libraries . done Reading symbols for shared libraries done Program received signal EXC_BAD_ACCESS, Could not access memory. cli_bm_addpatt (root=0x2308040, pattern=0x2308020) at matcher-bm.c:62 62 if(pt[0] = next-pattern[0]) (gdb) bt #0 cli_bm_addpatt (root=0x2308040, pattern=0x2308020) at matcher-bm.c:62 #1 0x03145c50 in cli_parse_add (root=0x2308040, virname=0xbfffc440 Worm.JS.Redlof.A (Clam), hexsig=0xbfffc458 272f74765f706f7075702e68746d272c272f7669657765722e63666d3f2a7069643d272 c27302e63612f696e6465782e272c2733646c7576722e636f2a2f7769702f272c, type=0, offset=0x0, target=0) at readdb.c:413 #2 0x03145e40 in cli_loaddb (fd=0x0, root=0x2308020, signo=0x2308040) at readdb.c:472 #3 0x03146634 in cl_loaddb (filename=0x1e2d20 /var/tmp//clamav-7d05d42b969f88ba/daily.db, root=0x332f91c, signo=0x332f920) at readdb.c:735 #4 0x03146840 in cl_loaddbdir (dirname=0x332f920 , root=0x332f91c, signo=0x332f920) at readdb.c:793 #5 0x03165ccc in cli_cvdload (fd=0xa0009ad8, root=0x332f91c, signo=0xbfffc440, warn=-25808) at cvd.c:425 #6 0x031465bc in cl_loaddb (filename=0x2307ff0 /var/tmp//clamav-7d05d42b969f88ba, root=0xa0009b30, signo=0xa0009ad8) at readdb.c:725 #7 0x03146840 in cl_loaddbdir (dirname=0xa0009ad8 , root=0x1e2d20, signo=0x332f91c) at readdb.c:793 ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Does ClamAV crash?
These are systems I have been able to see ClamAV either crash or freeze on (can only do gdb on Mac due to access, I own them.) and the problem appears to be related to the shared library more than anything else from what I can tell (meaning, if you use the library, it will crash and I'm assuming it does when it's adding a new viri def as I believe is being noted in the bt on frame 1) Digging back, problems seems to have been introduced in 0.81. OSX 10.3.4, 10.3.7, 10.3.8 FreeBSD 5.2, 5.3 FC1 On Feb 20, 2005, at 18:40, Tomasz Kojm wrote: On Sun, 20 Feb 2005 13:34:07 -0500 Dale Walsh [EMAIL PROTECTED] wrote: Seems to be a problem with the latest software, here's some debug info: [...] Program received signal EXC_BAD_ACCESS, Could not access memory. cli_bm_addpatt (root=0x2308040, pattern=0x2308020) at matcher-bm.c:62 62 if(pt[0] = next-pattern[0]) (gdb) bt #0 cli_bm_addpatt (root=0x2308040, pattern=0x2308020) at matcher-bm.c:62 #1 0x03145c50 in cli_parse_add (root=0x2308040, virname=0xbfffc440 Worm.JS.Redlof.A (Clam), hexsig=0xbfffc458 272f74765f706f7075702e68746d272c272f7669657765722e63666d3f2a7069643d OS? Architecture? Is the problem reproducible? -- oo. Tomasz Kojm [EMAIL PROTECTED] (\/)\. http://www.ClamAV.net/gpg/tkojm.gpg \..._ 0DCA5A08407D5288279DB43454822DC8985A444B //\ /\ Mon Feb 21 00:38:24 CET 2005 ___ http://lurker.clamav.net/list/clamav-users.html mime-attachment Description: Binary data ___ http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] no socket
On Feb 17, 2005, at 21:26, shams rahman wrote: hi, I installed the clamav-0.83.tar.gz,and conigure it for local socket,and enabled the /var/run/clamav/clamd.sock,then i run the freshclam and get an error, this is the output: ClamAV update process started at Thu Feb 17 17:41:13 2005 main.cvd is up to date (version: 29, sigs: 29086, f-level: 3, builder: tomek) Downloading daily.cvd [*] daily.cvd updated (version: 708, sigs: 1817, f-level: 4, builder: ccordes) Database updated (30903 signatures) from db.pk.clamav.net ERROR: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock connect(): No such file or directory when i checked realy there is no folder named clamav in /var/run,and abviously the no clamd.sock, plz help me how i can create or add this socket the /var/run? create the clamav folder in run and set the appropriate attributes. regards -- Dale ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Re: [Clamav-users] No announcement of 0.83 on clamav-announce ML
On Feb 16, 2005, at 02:44, Dennis Peterson wrote: christian laubscher said: On Tue, Feb 15, 2005 at 06:40:42PM -0700, Hal Goldfarb wrote: [...] I also think RPM binaries should be made available before an official release. [...] please not! Piggy-backing: Maybe they could stick a broom up their bum and sweep the floor at the same time, too. Dayum, guy - this stuff is free. Get off your butt and build your own binaries - hell, it takes maybe 10 minutes, is repeatable, and you get all the credit. Don't even suggest they put my Solaris source builds in limbo until all the weenies have their little rpm's all bundled up, ribboned, bowed, and ready for a point and click install. This is not rocket science - rocket science is loud and makes smoke trails. Y'all are giving Unix a bad name. dp Well put... -- Dale ___ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users