Bug#1031896: [Pkg-clamav-devel] Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On February 24, 2023 8:50:47 PM UTC, Sebastian Andrzej Siewior wrote: >On 2023-02-24 12:44:49 [-0800], Nye Liu wrote: >> On Fri, Feb 24, 2023 at 09:39:03PM +0100, Sebastian Andrzej Siewior wrote: >> > Can you re-install libtfm1 and ensure that both point to that lib? >> >> libtfm1 0.13-4.1 fixed the problem. Should probably be version bumped in the >> pkg dependency, 0.13.1-1 seems broken. > >Why did I say that you version looks since it clearly did not. >Hmm. This may break upgrades as it seems. > >Scott? Just this tiny change or do we have something else pending? I don't know of anything. I'd go ahead and upload the fix. Scott K
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On Fri, Feb 24, 2023 at 09:50:47PM +0100, Sebastian Andrzej Siewior wrote: > On 2023-02-24 12:44:49 [-0800], Nye Liu wrote: > > On Fri, Feb 24, 2023 at 09:39:03PM +0100, Sebastian Andrzej Siewior wrote: > > > Can you re-install libtfm1 and ensure that both point to that lib? > > > > libtfm1 0.13-4.1 fixed the problem. Should probably be version bumped in the > > pkg dependency, 0.13.1-1 seems broken. > > Why did I say that you version looks since it clearly did not. > Hmm. This may break upgrades as it seems. This is really odd, as i clearly see 0.13.4-1 in the dependency, but for some reason apt did not upgrade from 0.13.1-1
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On 2023-02-24 12:44:49 [-0800], Nye Liu wrote: > On Fri, Feb 24, 2023 at 09:39:03PM +0100, Sebastian Andrzej Siewior wrote: > > Can you re-install libtfm1 and ensure that both point to that lib? > > libtfm1 0.13-4.1 fixed the problem. Should probably be version bumped in the > pkg dependency, 0.13.1-1 seems broken. Why did I say that you version looks since it clearly did not. Hmm. This may break upgrades as it seems. Scott? Just this tiny change or do we have something else pending? Sebastian
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On Fri, Feb 24, 2023 at 09:39:03PM +0100, Sebastian Andrzej Siewior wrote: > Can you re-install libtfm1 and ensure that both point to that lib? libtfm1 0.13-4.1 fixed the problem. Should probably be version bumped in the pkg dependency, 0.13.1-1 seems broken.
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On 2023-02-24 12:21:48 [-0800], Nye Liu wrote: > Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: in cli_cvdload() > Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: MD5(.tar.gz) = > f7eaac9ce4a83cc4c2526fe8f7d669db > Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: cli_versig: Decoded > signature: Can you re-install libtfm1 and ensure that both point to that lib? | # ldd /lib/x86_64-linux-gnu/libclamav.so.11 | grep tfm | libtfm.so.1 => /lib/x86_64-linux-gnu/libtfm.so.1 (0x7f2d37989000) | # ldd /usr/sbin/clamd |grep tfm | libtfm.so.1 => /lib/x86_64-linux-gnu/libtfm.so.1 (0x7f2c277a8000) | # grep tfm /proc/clamd_pid/maps | 7f76e6fc6000-7f76e6fc8000 r--p 08:01 8536033 /usr/lib/x86_64-linux-gnu/libtfm.so.1.0.0 | 7f76e6fc8000-7f76e7039000 r-xp 2000 08:01 8536033 /usr/lib/x86_64-linux-gnu/libtfm.so.1.0.0 | 7f76e7039000-7f76e703b000 r--p 00073000 08:01 8536033 /usr/lib/x86_64-linux-gnu/libtfm.so.1.0.0 | 7f76e703b000-7f76e703c000 r--p 00075000 08:01 8536033 /usr/lib/x86_64-linux-gnu/libtfm.so.1.0.0 | 7f76e703c000-7f76e703d000 rw-p 00076000 08:01 8536033 /usr/lib/x86_64-linux-gnu/libtfm.so.1.0.0 That 0…0 in decoded signature looks like badly computed. Sebastian
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On Fri, Feb 24, 2023 at 09:16:06PM +0100, Sebastian Andrzej Siewior wrote:
> Is this a debian box or do you have other additions?
No other additions, pure sid
> You could set Debug true in /etc/clamav/clamav.conf and check what the
> additionial debug says.
Feb 24 12:09:38 ln freshclam[1499626]: Fri Feb 24 12:09:38 2023 -> Received
signal: wake up
Feb 24 12:09:38 ln freshclam[1499626]: Fri Feb 24 12:09:38 2023 -> ClamAV
update process started at Fri Feb 24 12:09:38 2023
Feb 24 12:09:38 ln freshclam[1499626]: Fri Feb 24 12:09:38 2023 -> daily.cvd
database is up-to-date (version: 26822, sigs: 2021791, f-level: 90, builder:
raynman)
Feb 24 12:09:38 ln freshclam[1499626]: Fri Feb 24 12:09:38 2023 -> main.cvd
database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder:
sigmgr)
Feb 24 12:09:38 ln freshclam[1499626]: Fri Feb 24 12:09:38 2023 -> bytecode.cvd
database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: Initialized 1.0.1 engine
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: Initializing phishcheck
module
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: Phishcheck: Compiling
regex: ^ *(http|https|ftp:(//)?)?[0-9]{1,3}(\.[0-9]{1,3}){3}[/?:]? *$
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: Phishcheck module
initialized
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: Bytecode initialized in
interpreter mode
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: Loading databases from
/var/lib/clamav
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: in cli_cvdload()
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: MD5(.tar.gz) =
f7eaac9ce4a83cc4c2526fe8f7d669db
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: cli_versig: Decoded
signature:
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: cli_versig: Signature
doesn't match.
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV debug: cli_cvdverify: Digital
signature verification error
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV Error: Can't load
/var/lib/clamav/daily.cvd: Can't verify database integrity
Feb 24 12:19:44 ln clamd[1537504]: LibClamAV Error: cli_loaddbdir: error
loading database /var/lib/clamav/daily.cvd
Feb 24 12:19:44 ln clamd[1537504]: ERROR: Fri Feb 24 12:19:44 2023 -> Can't
verify database integrity
Feb 24 12:19:44 ln systemd[1]: clamav-daemon.service: Main process exited,
code=exited, status=1/FAILURE
Feb 24 12:19:44 ln systemd[1]: clamav-daemon.service: Failed with result
'exit-code'.
Bug#1031896: [Pkg-clamav-devel] Bug#1031896: libclamav11: LibClamAV Error: Can't verify database integrity, breaks amavis
On 2023-02-24 11:22:12 [-0800], Nye Liu wrote: > Tried mirroring working cvds from another machine > > $ md5sum * > 09c62fbb8d2de9cfeca516b3927347ba bytecode.cvd > 7294b378c7bd3bf86314365d96aea3e4 daily.cvd > a7bd2fc1eafcb260e76769a5821cb204 freshclam.dat > 3a42e5027c90fba0e54d2abdaa9e86b4 main.cvd on a production box I have | # md5sum * | 6cfebae5fcddb7b948bc4cd8b0f37601 bytecode.cld | 731d8081d1f1b16bf878629091422717 daily.cld | 0c358509cd3252b93d4d2ce2ad12b7f6 main.cld However on my devel VM I installed it fresh, dowloaded the DB and have also: | 09c62fbb8d2de9cfeca516b3927347ba bytecode.cvd | 7294b378c7bd3bf86314365d96aea3e4 daily.cvd | 3a42e5027c90fba0e54d2abdaa9e86b4 main.cvd and here clamav starts up. > Architecture: amd64 (x86_64) > Foreign Architectures: i386 have this, too. > Kernel: Linux 5.8.3-x86_64-linode137 (SMP w/4 CPU threads; PREEMPT) Is this a debian box or do you have other additions? > Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not > set > Shell: /bin/sh linked to /usr/bin/dash > Init: systemd (via /run/systemd/system) > > Versions of packages libclamav11 depends on: > ii libtfm1 0.13-4.1 This looks good, too. You could set Debug true in /etc/clamav/clamav.conf and check what the additionial debug says. Sebastian
