[clamav-users] looks like I have a problem too
Gene Heskett
gheskett at shentel.net
Wed Mar 17 00:34:19 UTC 2021
On Tuesday 16 March 2021 15:29:04 Micah Snyder (micasnyd) wrote:
> Hi Gene,
>
> Regarding the errors you're observing:
>
> I don't know why the daily.cld check is failing with:
> WARNING: [LibClamAV] cli_tgzload: Invalid checksum for file
> daily.hsb
>
> My guess is that there was a truncated download but that Freshclam
> didn't realize it (see below).
>
> The second issue I see is that database verification failed, but then
> it claimed the database test passed. This is a knowns issue that we
> fixed recently, here: - ticket:
> https://bugzilla.clamav.net/show_bug.cgi?id=12522
> - commit:
> https://github.com/Cisco-Talos/clamav-devel/commit/ade9352d9a168f3560f
>28da806b48e010ff009b7
>
> I believe this issue was fixed in 0.103.1:
> https://blog.clamav.net/2021/02/clamav-01031-patch-release.html
>
> This does raise a point that we could improve the error handling in
> freshclam to try to not only verify the database with a load test, but
> also first verify that the content-length in the HTTP headers matches
> the size of the downloaded files. I'll make a ticket to add this
> extra check just in case users have database verification disabled (or
> the verification is broken again in some unexpected way).
>
> Sorry for all the trouble!
>
Well, I'm not sure why it errored, it has not repeated, ahh, logrotate
killed my tail on the 13th. What its doing is showing that message
everytime it increments the database serial number, but on the next
wakeup, the new version is used and it goes on its merry way until the
next number is released. Currently on 26110. So I'm inclined to think
the error is a corner case in handling the update of daily.cvd.
The reason I didn't see it before is theres so much bs being fed to the
syslog from stuff which did, a year ago, have its own log, so
freshclam's little 6 line thingy was lost in the noise. Something is
restarting cups quite a few times a day, and that is 30+ lines of
useless noise spamming the syslog. With 6 machines all capable of
hitting that printer, and they all have to reestablish connections, the
log is busier than that famous cat on the equally famous tin roof.
Many thanks for the reply Micah. Take care and stay safe and well.
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
If we desire respect for the law, we must first make the law respectable.
- Louis D. Brandeis
Genes Web page <http://geneslinuxbox.net:6309/gene>
More information about the clamav-users
mailing list