[clamav-users] Freshclam or clamav-database

Al Varnell alvarnell at mac.com
Wed Jul 12 08:45:29 UTC 2017 

On Wed, Jul 12, 2017 at 01:09 AM, Bob Williams wrote:
> 
> I installed clamav from the openSUSE repositories. Every few days, the openSUSE update repository offers an updated version of the clamav-database, which I download.
> 
> OTOH, I see that freshclam also runs, but the logs say:
> 
> 08:59 bob at blackbox:~> journalctl -u freshclam
> -- Logs begin at Wed 2017-07-12 08:57:12 BST, end at Wed 2017-07-12 09:03:00 BST. --
> Jul 12 08:57:43 blackbox systemd[1]: Starting Freshclam virus definitions downloader...
> Jul 12 08:57:43 blackbox freshclam[3321]: freshclam daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
> Jul 12 08:57:43 blackbox freshclam[3321]: ClamAV update process started at Wed Jul 12 08:57:43 2017
> Jul 12 08:57:43 blackbox systemd[1]: Started Freshclam virus definitions downloader.
> Jul 12 08:57:43 blackbox freshclam[3321]: main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, build
> Jul 12 08:57:43 blackbox freshclam[3321]: Downloading daily-23550.cdiff [100%]
> Jul 12 08:57:43 blackbox freshclam[3321]: Downloading daily-23551.cdiff [100%]
> Jul 12 08:57:43 blackbox freshclam[3321]: Downloading daily-23552.cdiff [100%]
> Jul 12 08:57:43 blackbox freshclam[3321]: Downloading daily-23553.cdiff [100%]
> Jul 12 08:57:45 blackbox freshclam[3321]: daily.cld updated (version: 23553, sigs: 1739483, f-level: 63, builder
> Jul 12 08:57:45 blackbox freshclam[3321]: Downloading bytecode-306.cdiff [100%]
> Jul 12 08:57:45 blackbox freshclam[3321]: bytecode.cld updated (version: 306, sigs: 65, f-level: 63, builder: ra
> Jul 12 08:57:46 blackbox freshclam[3321]: Database updated (6305797 signatures) from database.clamav.net (IP: 81
> Jul 12 08:57:46 blackbox freshclam[3321]: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav
> Jul 12 08:57:46 blackbox freshclam[3321]: --------------------------------------
> 
> Which update method is best, and if it's freshclam, how do I get it to notify clamd?
> 
> Regards, Bob

There are normally three updates per day (every 8 hours) so running freshclam at least daily will clearly be best if you want to stay up-to-date.

Freshclam is looking for clamd.socket in /var/run/clamav, so check your clamd.conf file to see if that is where it is specified:
> # Path to a local socket file the daemon will listen on.
> # Default: disabled (must be specified by a user)
> LocalSocket <PathTo clamd.socket>

and that freshclam.conf is checking for clamd.conf in the correct location:
> # Send the RELOAD command to clamd.
> # Default: no
> NotifyClamd <PathTo clamd.conf>

If clamd is not running, then there will be no clamd.socket and there is no need to notify it.  If and when clamd starts up, it will load the current database and only needs to know if it has been updated while running, at which time it will reload the new database.

-Al-
-- 
Al Varnell
Mountain View, CA





-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3569 bytes
Desc: not available
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20170712/5fc8c679/attachment.bin>

More information about the clamav-users mailing list