Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. ClamAV>
  3. users
ClamAV on RHEL9 with FIPS enabled
clamav-users at lists
Oct 24, 2022, 10:03 AM
Post #1 of 7 (409 views)
Permalink
Hello,

It would appear ClamAV will not run on RHEL9 with FIPS enabled.
Has anyone else seen this issue?

When I disable FIPS ClamAV will start.

# uname -a
Linux rhel9test 5.14.0-70.26.1.el9_0.x86_64 #1 SMP PREEMPT Fri Sep 2 16:07:40 EDT 2022 x86_64 x86_64 x86_64 GNU/Linux


# rpm -qa|grep clam
clamav-filesystem-0.103.7-1.el9.noarch
clamav-data-0.103.7-1.el9.noarch
clamav-lib-0.103.7-1.el9.x86_64
clamav-0.103.7-1.el9.x86_64
clamd-0.103.7-1.el9.x86_64


Oct 24 12:07:44 rhel9test systemd[1]: Starting clamd scanner daemon...
Oct 24 12:07:45 rhel9test clamd[46661]: LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Can't allocate memory
Oct 24 12:07:45 rhel9test clamd[46661]: LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/daily.cvd
Oct 24 12:07:45 rhel9test clamd[46661]: ERROR: Can't allocate memory
Oct 24 12:07:45 rhel9test systemd[1]: clamd@service.service<mailto:clamd@service.service>: Control process exited, code=exited, status=1/FAILURE
Oct 24 12:07:45 rhel9test systemd[1]: clamd@service.service<mailto:clamd@service.service>: Failed with result 'exit-code'.
Oct 24 12:07:45 rhel9test systemd[1]: Failed to start clamd scanner daemon.


Thanks,
Jeff Hoevenaar
Re: ClamAV on RHEL9 with FIPS enabled [ In reply to ]
webmaster at securiteinfo
Oct 24, 2022, 10:43 AM
Post #2 of 7 (407 views)
Permalink
Hello,


> Oct 24 12:07:45 rhel9test clamd[46661]: ERROR: Can't allocate memory

You do not have enough RAM.
Do you have, at leaset 8Gb ?

--
Cordialement / Best regards,

Arnaud Jacques
Gérant de SecuriteInfo.com

Téléphone : +33-(0)3.60.47.09.81
E-mail : aj@securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
Signatures for ClamAV antivirus : http://ow.ly/LqfdL
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
Re: ClamAV on RHEL9 with FIPS enabled [ In reply to ]
uhlar at fantomas
Oct 24, 2022, 11:07 AM
Post #3 of 7 (407 views)
Permalink
>>Oct 24 12:07:45 rhel9test clamd[46661]: ERROR: Can't allocate memory

On 24.10.22 19:43, Arnaud Jacques wrote:
>You do not have enough RAM.
>Do you have, at leaset 8Gb ?

1 GB is not enough, 2GB should be enough to run clamav scanner.
reloading virus database in memory uses temporarily 2-times as much RAM.

with 3rd party virus signatures, you may need even more ram

--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
The only substitute for good manners is fast reflexes.
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
Re: ClamAV on RHEL9 with FIPS enabled [ In reply to ]
clamav-users at lists
Oct 24, 2022, 12:31 PM
Post #4 of 7 (406 views)
Permalink
I have enough RAM. It is an issue with running in FIPS mode.


Thanks,
Jeff Hoevenaar



-----Original Message-----
From: Arnaud Jacques <webmaster@securiteinfo.com>
Sent: Monday, October 24, 2022 1:43 PM
To: ClamAV users ML <clamav-users@lists.clamav.net>
Cc: Hoevenaar, Jeffrey (GE Aerospace, US) <Jeffrey.Hoevenaar@ge.com>
Subject: EXT: Re: [clamav-users] ClamAV on RHEL9 with FIPS enabled

WARNING: This email originated from outside of GE. Please validate the sender's email address before clicking on links or attachments as they may not be safe.

Hello,


> Oct 24 12:07:45 rhel9test clamd[46661]: ERROR: Can't allocate memory

You do not have enough RAM.
Do you have, at leaset 8Gb ?

--
Cordialement / Best regards,

Arnaud Jacques
Gérant de SecuriteInfo.com

Téléphone : +33-(0)3.60.47.09.81
E-mail : aj@securiteinfo.com
Site web : https://www.securiteinfo.com
Facebook : https://www.facebook.com/pages/SecuriteInfocom/132872523492286
Twitter : @SecuriteInfoCom
Signatures for ClamAV antivirus : http://ow.ly/LqfdL
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
Re: ClamAV on RHEL9 with FIPS enabled [ In reply to ]
clamav-users at lists
Oct 26, 2022, 6:33 PM
Post #5 of 7 (397 views)
Permalink
On 10/24/22 11:03, Hoevenaar, Jeffrey (GE Aerospace, US) via
clamav-users wrote:
> Hello,
>
> It would appear ClamAV will not run on RHEL9 with FIPS enabled.
>
> Has anyone else seen this issue?

Known issue: https://github.com/Cisco-Talos/clamav/issues/564

which it seems you have already found.

--
Orion Poplawski
he/him/his - surely the least important thing about me
IT Systems Manager 720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion@nwra.com
Boulder, CO 80301 https://www.nwra.com/

Attached Files:

Re: ClamAV on RHEL9 with FIPS enabled [ In reply to ]
clamav-users at lists
Oct 27, 2022, 12:40 AM
Post #6 of 7 (394 views)
Permalink
On Wed, 26 Oct 2022, Orion Poplawski via clamav-users wrote:

> On 10/24/22 11:03, Hoevenaar, Jeffrey (GE Aerospace, US) via clamav-users
> wrote:
>> Hello,
>>
>> It would appear ClamAV will not run on RHEL9 with FIPS enabled.
>>
>> Has anyone else seen this issue?
>
> Known issue: https://github.com/Cisco-Talos/clamav/issues/564
>
> which it seems you have already found.

I guess that including an internal implementation of md5 would
enable ClamAV to run on FIPS enabled/compliant machines,
but that even so, this would not be the right thing to do ?

--
Andrew C. Aitchison Kendal, UK
andrew@aitchison.me.uk
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
Re: ClamAV on RHEL9 with FIPS enabled [ In reply to ]
clamav-users at lists
Oct 27, 2022, 9:54 AM
Post #7 of 7 (393 views)
Permalink
We plan to migrate away from MD5, and eventually stop supporting MD5 hash signatures as well. I'm hopeful we can do it in the next feature version. An internal MD5 implementation may be required if we can't fully migrate, but I suspect we should be able to.

Regards,
Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
________________________________
From: clamav-users <clamav-users-bounces@lists.clamav.net> on behalf of Andrew C Aitchison via clamav-users <clamav-users@lists.clamav.net>
Sent: Thursday, October 27, 2022 12:40 AM
To: Orion Poplawski via clamav-users <clamav-users@lists.clamav.net>
Cc: Andrew C Aitchison <clamav@aitchison.me.uk>
Subject: Re: [clamav-users] ClamAV on RHEL9 with FIPS enabled

On Wed, 26 Oct 2022, Orion Poplawski via clamav-users wrote:

> On 10/24/22 11:03, Hoevenaar, Jeffrey (GE Aerospace, US) via clamav-users
> wrote:
>> Hello,
>>
>> It would appear ClamAV will not run on RHEL9 with FIPS enabled.
>>
>> Has anyone else seen this issue?
>
> Known issue: https://github.com/Cisco-Talos/clamav/issues/564
>
> which it seems you have already found.

I guess that including an internal implementation of md5 would
enable ClamAV to run on FIPS enabled/compliant machines,
but that even so, this would not be the right thing to do ?

--
Andrew C. Aitchison Kendal, UK
andrew@aitchison.me.uk
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal