Koozali.org: home of the SME Server

[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« on: April 13, 2007, 12:58:51 PM »
All,

I have finally found the problem that has prevented an upgrade to later version of ClamAV.  Since the upgrade requires a patch to be applied and if not done correctly will kill Clam and close your mail I have decied not to start an automatic update this time.

This means you HAVE to download and run the install/upgrade script which is available from my site:

# wget -N http://sme.swerts-knudsen.dk/downloads/AntiVirus/antivirus_install.sh
# sh antivirus_install.sh

Enjoy,
Jesper

Offline Confucius

  • ****
  • 235
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #1 on: April 13, 2007, 02:10:42 PM »
Maybe good to mention that this is NOT intended for SME7

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #2 on: April 13, 2007, 02:31:45 PM »
Absolutely - that's why its in the SME 6.x contribs area :-)

Anyways, the script will bail out and not run under SME 7x

Better safe than sorry...

Offline Confucius

  • ****
  • 235
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #3 on: April 13, 2007, 03:44:54 PM »
Jesper,

What happened in these updates. I still have 3 servers doing 601 and they vary in structure & apps. But no matter what server I check they all become seriously faster (when I have to make an estimate, 20%)

Wish this had come earlier... I'm in the process of upgrading to 7

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #4 on: April 13, 2007, 07:15:03 PM »
Clamd's RAWSCAN command which is used by amavis simply hangs so I had to change amavis-ng to use another (SCAN) command.

What do you mean about faster? Sure SME6 is based on an ancient kernel and all others are newer and faster. I have 4 servers with SME6 and 1 with SME7. My main company mailserver is still SME6 (this is why I needed this thing to work...)

Offline Confucius

  • ****
  • 235
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #5 on: April 13, 2007, 07:32:56 PM »
I meant that the SME6 servers became faster after installing the new scanner you just handed out.

Harro

cc_skavenger

[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #6 on: April 14, 2007, 06:18:12 AM »
thanks again for all your hard work!!

Offline Normando

  • *
  • 841
  • +2/-1
    • Unixlan
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #7 on: April 14, 2007, 06:30:19 PM »
Thank Knuddi for your efforts.

stefan_gk

[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #8 on: April 17, 2007, 09:01:29 AM »
I successfuly installed 0.90.2 version of clamav with antivirus_install.sh, but today I got the following message in admin mailbox:

Code: [Select]

...
Subject: Clam Antivirus was updated

The following updates were downloaded and installed:
  - clamav-es-0.88.7-es01.i386.rpm
  - clamav-es-libs-0.88.7-es01.i386.rpm
  - sme-antivirus-1.4.6-1.noarch.rpm

regards,
The Automatic Clam Antivirus updater


Maybe UCA script is doing something wrong?

Offline hartmut

  • 11
  • +0/-0
    • trepkau.de
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #9 on: April 18, 2007, 09:44:16 PM »
Hi Knuddi,

great job, but there is an error in the /etc/freshclam.conf.

The content of the template fragment

/etc/e-smith/templates/etc/freshclam.conf/55NotifiyClamd

should be

NotifiyClamd /etc/clamd.conf

otherwise clamd is NOT reloaded after an db update.

CU Hartmut

Offline Confucius

  • ****
  • 235
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #10 on: April 19, 2007, 12:04:44 AM »
Wondering how you came to that conclusion...

Code: [Select]

# Send the RELOAD command to clamd.
NotifyClamd yes

# Run command after database update.
OnUpdateExecute /bin/date -R > /usr/share/clamav/last_update


The Update Reload command is below it. NotifyClamd is no more then a true or false parameter and not a reference.

Harro

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #11 on: April 19, 2007, 04:31:49 PM »
I am aware of three bugs/problems in this release.

1) freshclam.conf: NotifyClamd should be /etc/clamd.conf rather than just Yes. Clam updates the database on a regular basis (every 1 hour) as far as I know so its not critical.

2) The clamscan command (scan if ibays, etc.) has an incorrect archive command (--unace) which has been obsoleted.

3) The UCA script is a little confused since the current installed version (0.90.2) is newer than what it sees when checking for updates. This is an unfortunate issue that is a consequence of the way this update is applied. I think that you should only see this once.

I will around and send and update out one of the next days - none of the above problems are critical.

Maybe I will release as normal release and you will all be normally and automatically updated.

Sorry all of you (that has not read this thread) and who will get a sick server - I hope you find this quickly....

Rgds,
Jesper

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #12 on: April 20, 2007, 09:06:18 AM »
I have now compiled a new release of the sme-antivirus package that should solve the above mentioned problems.

Can be installed directly via:

# rpm -Uvh http://mirror.contribs.org/smeserver/contribs/swerts-knudsen/AntiVirus/clam_090/sme-antivirus-1.4.8-1.noarch.rpm

and I will make it auto update as well. Users with <0.90 will be notified that there is a new release and a failing admin mail but do dead mail system.

Rgds,
Jesper

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #13 on: April 22, 2007, 09:05:25 PM »
And now yet another version that does the patch has been released. Together with this is have released Clam 0.90.2 for auto update.

Hope that this will be successful for the ~1300 user/servers that I expect to get updated over the next 24 hours......

BTW: I had a strange problem today that I have not been able to figure out where originated from. Suddenly my server-manager panels didn't work anymore and I got permanent qmail-queue errors. It turned out that my /tmp directory had wrong right setting (yey it took a while to figure that out).

If you /tmp has the following rights (see with ls -la /):

drwxr-xr-t    8 root     root ...

then change with

# chmod uga=+rxwt /tmp

and restart server.

Offline allun

  • **
  • 46
  • +0/-0
    • http://www.protechnz.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #14 on: April 22, 2007, 11:10:35 PM »
Heya - just wanted to let ya know we had the same problem this morning with our server's AV stopping and mail being put into problems directory -  the /tmp permissions error was also present.
 After reading this thread up to this point and updating as instructed it is all working again.  

Thanks for your efforts Knuddi :-)
...

Offline Confucius

  • ****
  • 235
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #15 on: April 23, 2007, 02:22:56 AM »
Jesper,

I can report you that I had the rights-trouble on 3 different servers. Maybe it's a good thing to add this to the RPM or better, put this in a newer version so the servers that can't be approached anymore (for whatever reason, I have 1 now out of reach) will automatically get back in shape because the reboot doesn't seem to be needed to make the panels come back again alltho I would advise still to do it.

Harro

Offline allun

  • **
  • 46
  • +0/-0
    • http://www.protechnz.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #16 on: April 23, 2007, 02:31:26 AM »
Quote from: "Confucius"
Jesper,

I can report you that I had the rights-trouble on 3 different servers. Maybe it's a good thing to add this to the RPM or better, put this in a newer version so the servers that can't be approached anymore (for whatever reason, I have 1 now out of reach) will automatically get back in shape because the reboot doesn't seem to be needed to make the panels come back again alltho I would advise still to do it.

Harro


Ah yes - if it helps anyone, we simply did
Code: [Select]

service httpd restart
service httpd-admin restart


and our server manager panels worked again.....it seems httpd didn't like not having a tmp dir to write to![/quote]
...

Offline CharlieBrady

  • *
  • 6,918
  • +3/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #17 on: April 23, 2007, 03:11:23 AM »
Quote from: Knuddi

BTW: I had a strange problem today that I have not been able to figure out where originated from.
/quote]

Try "rpm -qf /tmp". You might have installed a badly built rpm which claimed ownership of /tmp with the wrong permissions set.

Are you taking over the maintenance of SME6? If not, then I'd recommend you encourage all your users to upgrade to SME7.

Offline sages

  • *
  • 182
  • +0/-0
    • http://www.sages.com.au
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #18 on: April 23, 2007, 03:46:06 AM »
had the same permission errors on /tmp on a couple of legacy servers i have running sme 6 on.
yet another hint to upgrade to sme7 :)
just have to divert the time to upgrade instead of fixing things.
...

xyannix

Blank Emails
« Reply #19 on: April 23, 2007, 05:01:13 AM »
I did a restore with backup2ws because my server was totally locked up.

I then installed the antivirus-1.4.9-2.

I had to CHOWN all my users because backup2ws didnt bring over the permissions correctly.

Now I am receiving emails but they are totally blank. Any idea how to fix this?

This is the only info in the source of the email.

Received: (qmail 2369 invoked by alias); 23 Apr 2007 02:53:12 -0000
Delivered-To: alias-localdelivery-myusername@mydomain.com
Received: (qmail 2362 invoked from network); 23 Apr 2007 02:53:12 -0000

xyannix

[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #20 on: April 23, 2007, 05:22:40 AM »
Also, Any email is send are blank.

xyannix

[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #21 on: April 23, 2007, 05:50:23 AM »
I ended up doing a

rpm -e sme-antivirus-1.4.9-2

And then running the install script again and also reinstalled spam assasin and things seem to be working.

By the way. Thank you Jesper for all your work. It is really appreciated !!!

Offline olivers

  • 10
  • +0/-0
amavis-ng scanning
« Reply #22 on: April 23, 2007, 06:43:37 AM »
Per Jesper's advice, I fixed the /tmp permissions and all new mails are going through successfully.  
.
I now have the various emails that were unpacked by amavis-ng in /var/spool/amavis-ng directory.  How do I resend them?

Thanks,
Oliver

Offline Knuddi

  • *
  • 540
  • +0/-0
    • http://www.scanmailx.com
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #23 on: April 23, 2007, 10:22:34 AM »
The problem is exactly as CharlieBrady indicated. I had placed the needed patch in the /tmp directory and when the RPM got installed it claimed ownership of /tmp. I have released a new RPM that #1 will not use /tmp #2 and will fix the rights again (chmod uga=+wrxt /tmp).

This can be forced installed via (and will auto update soon when mirrors are synced):

rpm -Uvh http://sme.swerts-knudsen.dk/downloads/AntiVirus/sme-antivirus-1.4.9-3.noarch.rpm

Sure I would recommend all that can to update to SME7 - SME6 is dead from contribs.org point of view but I know that there are at least 2500 servers out there still running happily as any new SpamAssassin or Clam release I do get that amount of updates.

With the activity I see in the forum on SME6 I guess it will slowly go away and we will all move on to SME7 when we find it needed. I have already moved 2 of 4 servers from SME6 to SME7 in my company and will migrate all over the summer (and my SME6 support will slowly go away as well).

Sorry for this major hick-up....

/Jesper

Offline Confucius

  • ****
  • 235
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #24 on: April 23, 2007, 11:28:15 AM »
Jesper,

Thanx for the hard work but mostly for the quick resolving :)

Already in a upgrade process but as you know these things take time when we're talking production use.
I'm happy you gave a timeline for us so we know what to expect.

Harro

Offline kryptos

  • ****
  • 245
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #25 on: April 24, 2007, 08:31:18 AM »
hi,
 i have trouble sending after i intalled the new sme-antivirus rpm. Recieving no problem only sending. It seems the it will not go out of the server. Where do i check for logs? thanks

Rocel

lord.quicksilver

[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #26 on: April 24, 2007, 01:42:21 PM »
I had the same problem as kryptos': no way to send an email if clamav was scanning outgoing emails. On SME 6.0-04

First, I solved the problem by telling clamav NOT to scan outgoing email, which is BAD :-(
Also, email sending was really slow at that point.
Then, I followed knuddi's instruction (thank you!) in this forum, and all worked again:
1) # wget -N http://sme.swerts-knudsen.dk/downloads/AntiVirus/antivirus_install.sh
# sh antivirus_install.sh

,
2) # chmod uga=+rxwt /tmp

(reboot)

and

3) # rpm -Uvh http://sme.swerts-knudsen.dk/downloads/AntiVirus/sme-antivirus-1.4.9-3.noarch.rpm

The only problem which remains is that email sending is "a bit" slower than before, but I can stand it, since I'm going to upgrade to 7.0 a.s.a.p.

L.Q.

Offline kryptos

  • ****
  • 245
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #27 on: April 25, 2007, 04:12:39 AM »
hi all
 I have sort out the problem it seems my ISP smtp server which im using is the problem. It was at that same time i installed the new sme-antivirus rpm so i thought because of the installation.I only discover after I reinstall the script again...huh.. but it seems ok right now. I'll just post here again if i have a problem. Thanks knudi for this script we waited for this.

P.S We are still planning on moving to SME7

Offline bowhuntr

  • 18
  • +0/-0
failed install
« Reply #28 on: August 08, 2007, 01:21:30 AM »
I tried to upgrade using the script today and it uninstalled the old version I had and the script gives me this series of errors:

Checking for existing installations.... Please wait!
Installing ClamAntivirus on SME 6.0.....
Downloading RPMs from
/clamav-es-libs-0.91.1-es01.i386.rpm: Unsupported scheme.
/clamav-es-0.91.1-es01.i386.rpm: Unsupported scheme.
/sme-antivirus-1.4.9-3.noarch.rpm: Unsupported scheme.
Amavis-ng Already patched
Amavis-ng Already patched for Clam 0.90+
Default mirror not set - setting to default (USA)
mkdir: cannot create directory `/var/log/clamav': File exists
ERROR: No templates were found for /etc/freshclam.conf.
 at /sbin/e-smith/expand-template line 49
ERROR: No templates were found for /etc/clamd.conf.
 at /sbin/e-smith/expand-template line 49
antivirus_install.sh: /etc/init.d/clamd: No such file or directory
Updating the Clam Virus database - Please wait....
antivirus_install.sh: /usr/bin/freshclam: No such file or directory
Updating the automatic update site to new defaults...
Installation failed, exiting
all downloaded file are located in /root/antivirus_install


HELP!  please

Offline Confucius

  • ****
  • 235
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #29 on: August 08, 2007, 09:46:09 AM »
Suffered the same

To get my system back into action (for the time I'm still doing no upgrade yet) I did :

Code: [Select]

wget http://sme.swerts-knudsen.dk/downloads/AntiVirus/clamav-es-0.91.1-es01.i386.rpm
wget http://sme.swerts-knudsen.dk/downloads/AntiVirus/clamav-es-libs-0.91.1-es01.i386.rpm
wget http://sme.swerts-knudsen.dk/downloads/AntiVirus/sme-antivirus-1.4.9-3.noarch.rpm

rpm -Uvh clamav-es*
rpm -Uvh sme-antivirus*

And got mail functionality back... at least it looks that way..

Offline bowhuntr

  • 18
  • +0/-0
[Announce]: ClamAV updated to 0.90.2 - IMPORTANT UPDATE
« Reply #30 on: August 08, 2007, 02:26:10 PM »
Thanks for the response. I went ahead and did a clean install to 7.2.