[Case 82549] clamav / freshclam cron errors after 11.40 upgrade

sneader

Well-Known Member
Aug 21, 2003
1,178
57
178
La Crosse, WI
cPanel Access Level
Root Administrator
After I received the auto-update to 11.40 Stable, I am getting nightly emails from all upgraded servers that say:

Subject: Cron <[email protected]> /usr/local/cpanel/3rdparty/bin/freshclam --quiet --no-warnings
Body: ERROR: Can't create temporary directory /usr/local/cpanel/3rdparty/share/clamav/clamav-f71fc59af56332934ef9ef55768bd6bc.tmp

The /usr/local/cpanel/3rdparty/share/clamav/ directory exists with 755 permissions, owned by root. So, if freshclam is running as clamav, then I can see why it can't create files/folders.

Known issue? Should I open a ticket? Should I just change permissions or ownership to let clamav write?

- Scott
 

domhandy

Member
Nov 3, 2008
7
0
51
United Kingdom
cPanel Access Level
Root Administrator
Apparently, this is a known issue which should be fixed at the next update, but in the meantime you can just run this command to solve it.

chown clamav:clamav /usr/local/cpanel/3rdparty/share/clamav
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
Hello :)

There is an internal case open to address this issue. For reference, the case number is 82549. The temporary workaround is to update the ownership of the directory via:

Code:
chown clamav:clamav /usr/local/cpanel/3rdparty/share/clamav
Please monitor our Change Log for this case number to see when a resolution has been pushed out.

Thank you.
 

sneader

Well-Known Member
Aug 21, 2003
1,178
57
178
La Crosse, WI
cPanel Access Level
Root Administrator
Thanks! Always amazes me that these things get through Edge, Release and Current, and make it to my Stable releases. :)

- Scott
 

Kent Brockman

Well-Known Member
PartnerNOC
Jan 20, 2008
1,248
50
178
Buenos Aires, Argentina
cPanel Access Level
Root Administrator
Hi. Same here. It looks like this chown solution reduced the high load in the server.

BTW, I wanted to ask a question regarding clamd services: In the Service Manager I see an entry for clamd, and at the bottom of page, under Additional Services, there is another one: clamd.rpmorig
I checked the options to enable and monitor, both options. Is that ok? should I disable one of them?

I'm also running WHM 11.40.0 (build 26) "STABLE"

Thanks!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,201
363
BTW, I wanted to ask a question regarding clamd services: In the Service Manager I see an entry for clamd, and at the bottom of page, under Additional Services, there is another one: clamd.rpmorig
I checked the options to enable and monitor, both options. Is that ok? should I disable one of them?
It's better to post separate issues to new threads so they are handled individually. I have copied your last post to a new thread at:

"clamd.rpmorig" and "clamd.rpmsave" service

Thank you.
 

Frank Broughton

Active Member
Feb 8, 2006
32
0
156
Thanks Michael... quick search and issue solved. I like it when as issue is easily solved (as we all do eh?).
 

Trane Francks

Well-Known Member
Jun 19, 2012
100
19
68
Machida, Tokyo, Japan
cPanel Access Level
Root Administrator
Thanks! Always amazes me that these things get through Edge, Release and Current, and make it to my Stable releases. :)

- Scott
Yep, gotta agree with that one. You'd think that something as simple as that would be sorted by the time Stable gets updated. Apparently not. (That's kinda the whole idea behind being ON Stable in the first place.)
 

nibb

Well-Known Member
Mar 22, 2008
319
5
68
It also amazes me how this things get trough several beta and edge versions before going into stable. Also, cPanel is pretty much standarized now with just supporting a single OS, RHEL/CENTOS so how exactly are this things not popping up in your lab testing?

I´m just curious how some of this bugs are found when versions go live.
 
Last edited:

manokiss

Well-Known Member
Mar 31, 2002
575
0
316
We had the same problem, chowned the directory and ran freshclam to update the dbase...but again after it if we try to scan a directory it keeps saying the following at the beginning of the scan:

LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************

Any idea what is going on? we are on 11.40.0 build 31

Thanx in advance!
 

manokiss

Well-Known Member
Mar 31, 2002
575
0
316
Please update cPanel to the latest version available on your build tier. Currently, all build tiers are at cPanel version 11.40.1.9.

Thank you.
Thanx Michael, but that did not fix the problem. I did open a ticket and looks like on 11.40 update there was a bug with the symlinks. Here is the tech reply/fix in case someone else have the same problem.

---
# which clamscan
/usr/bin/clamscan

# mv /usr/bin/clamscan{,.old}
# ln -s /usr/local/cpanel/3rdparty/bin/clamscan /usr/bin/clamscan
---

Thanx!