Problem updating ClamAV

jlucho

Well-Known Member
Aug 5, 2006
85
1
158
hi

I have a problem with updating clamav

=====================================
[[email protected] ~]# freshclam

ClamAV update process started at Mon Nov 26 11:25:09 2018
WARNING: getpatch: Can't download main-55.cdiff from database.clamav.net
WARNING: getpatch: Can't download main-55.cdiff from database.clamav.net
ERROR: getpatch: Can't download main-55.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download main.cvd
ERROR: Can't download main.cvd from database.clamav.net
Giving up on database.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in /usr/local/cpanel/3rdparty/etc/freshclam.conf is working. Check ClamavNet for possible reasons.
[[email protected] ~]#

=====================================


Likewise, when I try to restart exim, it shows the following error message



=====================================
Startup Log
Starting clamd: LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
LibClamAV Warning: Detected duplicate databases /usr/local/cpanel/3rdparty/share/clamav/main.cvd and /usr/local/cpanel/3rdparty/share/clamav/main.cld. The /usr/local/cpanel/3rdparty/share/clamav/main.cvd database is older and will not be loaded, you should manually remove it from the database directory.
=====================================


How can I solve this problem?

Thank
 

jlucho

Well-Known Member
Aug 5, 2006
85
1
158
Thanks for your quick response

Effectively, I made the recommendation, delete main.cvd file, but, the problem persists

==================================================
ClamAV update process started at Mon Nov 26 11:58:00 2018
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-17559.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-17559.cdiff from database.clamav.net
ERROR: getpatch: Can't download daily-17559.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
ERROR: Can't download daily.cvd from database.clamav.net
Giving up on database.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in /usr/local/cpanel/3rdparty/etc/freshclam.conf is working. Check ClamavNet for possible reasons.
==================================================


when restarting exim, it no longer shows any error message


==================================================
Startup Log
Starting clamd: LibClamAV Warning: **************************************************
LibClamAV Warning: *** The virus database is older than 7 days! ***
LibClamAV Warning: *** Please update it as soon as possible. ***
LibClamAV Warning: **************************************************
[ OK ]
==================================================


How to solve the update problem?
 

jlucho

Well-Known Member
Aug 5, 2006
85
1
158
Yes, yes there is an answer

[[email protected] ~]# dig database.clamav.net

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.68.rc1.el6_10.1 <<>> database.clamav.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9419
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;database.clamav.net. IN A

;; ANSWER SECTION:
database.clamav.net. 37 IN CNAME database.clamav.net.cdn.cloudflare.net.
database.clamav.net.cdn.cloudflare.net. 300 IN A 104.16.189.138
database.clamav.net.cdn.cloudflare.net. 300 IN A 104.16.188.138
database.clamav.net.cdn.cloudflare.net. 300 IN A 104.16.186.138
database.clamav.net.cdn.cloudflare.net. 300 IN A 104.16.187.138
database.clamav.net.cdn.cloudflare.net. 300 IN A 104.16.185.138

;; Query time: 11 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Mon Nov 26 14:06:06 2018
;; MSG SIZE rcvd: 166
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston
Hi @jlucho


Not only would it be useful to check if the firewall is accepting connections from database.clamav.net but it might also be useful to check the conf file to ensure that you don't have any private mirrors set.


Thanks!
 

jlucho

Well-Known Member
Aug 5, 2006
85
1
158
deactivate CSF, to avoid some kind of blocking

try to update clamav, and the problem persists


=====================================
[[email protected] ~]# freshclam

ClamAV update process started at Tue Nov 27 21:07:14 2018
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getpatch: Can't download daily-25156.cdiff from database.clamav.net
WARNING: getpatch: Can't download daily-25156.cdiff from database.clamav.net
ERROR: getpatch: Can't download daily-25156.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
ERROR: Can't download daily.cvd from database.clamav.net
Giving up on database.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in /usr/local/cpanel/3rdparty/etc/freshclam.conf is working. Check ClamavNet for possible reasons.


[[email protected] ~]#

=====================================


in file "freshclam.conf" , show :

DatabaseMirror database.clamav.net


Now, what could be the cause of the problem?
 
Last edited:

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston
Hi @jlucho

The problem is specifically:

Code:
ERROR: getpatch: Can't download daily-25156.cdiff from database.clamav.net
If your firewall isn't blocking connections it must be something else. It's not a universal issue as I was able to update ClamAV on my server using freshclam without issue. You're more than welcome to open a ticket using the link in my signature. Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved.


Thanks!
 

rpvw

Well-Known Member
Jul 18, 2013
1,101
462
113
UK
cPanel Access Level
Root Administrator

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,296
1,272
313
Houston
Hello @jlucho

That ticket is from Nov 16th for the same issue. The analyst in the ticket told you the following:

1. The ClamAV installation isn't provided by cPanel in this instance (it's a custom installation) though the issue does occur with our installed ClamAV package
2. The issue is specific to your server. They were not able to replicate the issue anywhere else.
3. They told you to contact ClamAV about the issue which can be done through their mailing list: ClamavNet

Thanks!