Freshclam busted on CentOS6.2 VirtualminGPL latest release

Hi, folks.
I’m having an issue now with freshclam, and when I boot the server scanner for email.
When the clamd server launches, it says something about:

Starting Clam AntiVirus Daemon: LibClamAV Warning: ************************************************** LibClamAV Warning: *** The virus database is older than 7 days! *** LibClamAV Warning: *** Please update it as soon as possible. *** LibClamAV Warning: ************************************************** [ OK ]
If I then run freshclam (of course as the administrator of the server):

ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!). ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).

I can’t determine why it’s doing this at all.
As far as I know, the Clamav directory in /var/log/ does exist, and even changing one thing didn’t help.
Freshclam.conf pointed at /var/lib/clamav for database stuff vs the path of /var/clamav where the /etc/clamd.conf pointed, so I adjusted that.
But no, that didn’t do one thign to change the situation.
Short of reinstalling the entire OS, does anybody have suggestions?
BC reinstalling the OS wasn’t what I had in mind.

By the way, I did forget to mention that nothing is out of date package wise.


You certainly shouldn’t need to reinstall the OS.

Now, ClamAV does have a habit of being a bit noisy, even when things are fairly normal.

However, in your case, I’d be curious those freshclam log errors.

What is the output of this command:

ls -l /var/log/clamav/freshclam.log

Hear is the code you requested from ls -l /var/log/clamav/freshclam.log.

-rw-rw-rw- 1 clamav clamav 0 May 20 03:13 /var/log/clamav/freshclam.log 

In case this helps on why I can’t run freshclam successfully, the directory /var/log/clamav/ is set to permissions 750 I believe.
Not sure if that makes a difference.
Inside the log file, if a tail -f /var/log/clamav/freshclam.log is ran, I get:
Nothign at all.
In other words, nothing returns.
Similarly, a tail -10 /var/log/clamav/freshclam.log returns:
nothing (other than the shell directly). Not even a shell error in that case (just a user@shell).

Jo. Eric.
Apparently, the rpm forge repo installed a clamav over Virtualmins, so…

Just one question.
I need to know if prior to disabling the rpm forge repository, if doing so will uninstall say fail2ban, for instance.
I’m not sure if installed packages will be effected at that point.


Disabling a repo doesn’t uninstall anything – it just prevents future packages from being installed from that repo.

So Fail2ban should be safe!

And ClamAV would be too – what you’d need to do is remove the ClamAV packages that you currently have on there, disable the repo, then reinstall ClamAV, which would pull it in from Virtualmin.


Already done, Freshclam works as expected!
I didn’t realise primarily when enabling RPMFForge (mainly for the purpose of installing fail2ban) because i couldn’t find it in CentOS core, that it was going to pull in a later version of ClamAv.
Well, I think during one of the last system package updates that I ran, it sure did.
Made ClamAv stop working etc.
Thanks Eric!