SOLVED /usr/local/cpanel/3rdparty/bin/freshclam --quiet --no-warnings

Hello
I have the same issue: for 5 days running now my ClamAV does not update... with the same email cron output warning. There was previously some issue with the server (hosting providers sorted it) and the server was down and had a hard reboot. Since then clam has not been able to update.

I have tried to locate ClamAV but can't find it on the server. I have accessed to usr/local/cpanel/3rdparty/ but can not run any clam files here (as root).

In all aspects, all locations, I can "see" the files but can't seem to run them, the command line stating that file not recognised.

Thus, I can not find the location of ClamAV on my server. I have read about possibly removing the daily.cvd file but I cant find it to do this. Also there are various files on the server relating to freshclam but they do no run from the command line (from usr/local/cpanel/3rdparty/... and again both with or without sudo )

Can you tell me where the logs are located (referenced in your answer above)? I can't see this log in /var/logs .

I tried to restart clam with scripts/restartsrv_clamd and this also fails to run (file not recognised, although it's there)

What is the method process for resolving this and
- 1) deleting the older daily.cvd to initiate a new fresh download
- 2) checking the install of ClamAV is good and current?
- 3) restarting clamAV?

Cheers

p.s> WHM version 68.0.28

 

You might be able to repair everything by going to WHM > cPanel > Manage Plugins and Uninstall "ClamAV for cPanel"

Then reinstall it, and see if it works

 

While this may work; I can not see how to install the ClamAV once it's uninstalled.... any clues?

 

Hi InfoPro -- No, well, maybe. Clam has been installed on the system since inception before I was running it. I will try uninstalling and reinstalling it. and seeing how that fairs,
THanks, to you both .

 

This did not fix the issue, but the issue has changed:


ERROR: getpatch: Can't download main-55.cdiff from database.clamav.net
ERROR: Can't download main.cvd from database.clamav.net

 

Yes, It seems to be installed ok. It comes up correctly in the "Service manager" and appears and runs correctly in the CPanel --> Virus Scanner window.

 

The thing is, that

1) I never had this issue before the server crash on Sunday.
2) Since reinstalling Clam the error has changed; daily.cvd doesn't raise an error but now it's main.cvd

Is there any info you can share about how to establish if the issue is on the server or is remote or how to etablish at what point in the chain the failures are occurring?

Cheers

Martin

 

You should find the clamav data files in /usr/local/cpanel/3rdparty/share/clamav

I believe the cld and dat files should all be chowned to clamav:clamav in a standard cPanel install
You can try and re-download any of the bytecode/daily/main cld files by renaming it and then running
/usr/local/cpanel/3rdparty/bin/freshclam

The output I just got was

Code:

ClamAV update process started at Thu Feb  8 15:33:13 2018
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99.2 Recommended version: 0.99.3
DON'T PANIC! Read http://www.clamav.net/documents/upgrading-clamav
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
WARNING: getfile: daily-24296.cdiff not found on database.clamav.net (IP: 193.1.193.64)
WARNING: getpatch: Can't download daily-24296.cdiff from database.clamav.net
WARNING: getfile: daily-24296.cdiff not found on database.clamav.net (IP: 78.158.65.73)
WARNING: getpatch: Can't download daily-24296.cdiff from database.clamav.net
Downloading daily-24296.cdiff [100%]
daily.cld updated (version: 24296, sigs: 1847795, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 319, sigs: 75, f-level: 63, builder: neo)
Database updated (6414119 signatures) from database.clamav.net (IP: 81.91.100.173)

Also check out this post for some additional cool command line tips New Security Advisor notifications with Medium importance

 

Code:

[INDENT]Current working dir is /usr/local/cpanel/3rdparty/share/clamav
Max retries == 3
ClamAV update process started at Thu Feb  8 17:58:28 2018
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 95
Software version from DNS: 0.99.3
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.99.2 Recommended version: 0.99.3
DON'T PANIC! Read ClamavNet
main.cvd version from DNS: 58
Retrieving http://database.clamav.net/main-55.cdiff
Ignoring mirror 130.59.113.36 (due to previous errors)
Ignoring mirror 78.96.7.8 (due to previous errors)
Ignoring mirror 130.59.113.36 (due to previous errors)
Ignoring mirror 78.96.7.8 (due to previous errors)
WARNING: getpatch: Can't download main-55.cdiff from database.clamav.net
Retrieving http://database.clamav.net/main-55.cdiff
Ignoring mirror 130.59.113.36 (due to previous errors)
Ignoring mirror 78.96.7.8 (due to previous errors)
WARNING: getpatch: Can't download main-55.cdiff from database.clamav.net
Retrieving http://database.clamav.net/main-55.cdiff
Ignoring mirror 78.96.7.8 (due to previous errors)
Ignoring mirror 130.59.113.36 (due to previous errors)
WARNING: getpatch: Can't download main-55.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download main.cvd
Whitelisting short-term blacklisted mirrors
Retrieving http://database.clamav.net/main.cvd
Ignoring mirror 130.59.113.36 (due to previous errors)
connect_error: getsockopt(SO_ERROR): fd=3 error=111: Connection refused
Can't connect to port 80 of host database.clamav.net (IP: 78.96.7.8)
Ignoring mirror 78.96.7.8 (due to previous errors)
Ignoring mirror 130.59.113.36 (due to previous errors)
WARNING: Can't download main.cvd from database.clamav.net
Trying again in 5 secs...

[/INDENT]

 

Hello
I have a curious situation whereby I can run freshclam with the full URI but not in the local folder; is this normal?

example images are attached. THe file is there but it's not "found"?(previous command was 'ls')