In your freshclam.conf there is a path option - sometimes it goes straight into /var/log for the freshclam.log
Make a /var/log/clamav and move the freshclam.log into that directory, make sure your clam acc has proper perms, and try again.
-----Original Message-----
From: clamav-users <clamav-users-bounces@lists.clamav.net> On Behalf Of Mark Fortescue
Sent: Wednesday, August 9, 2023 10:12 AM
To: clamav-users@lists.clamav.net
Subject: EXT :Re: [clamav-users] ERROR: Can't create temporary directory
Hi Nozomi,
Check that the /var/lib filing system has > 2G of free space to allow for the fully unpacked databases. Without this free space you will get lots of odd almost unexplainable issues at random intervals.
If it dose have the free space then the issue is most likely not a clamav issue but an apparmor/isolinux issue.
My experience of sorting out apparmor issues is that it is painful.
You need to look in the logs to find out what is actually going on.
Start by taking a look at /var/log/auth.log, /var/log/kern.log and /var/log/syslog.
It is usually simple to fix having found the issue. A single entry into a file and restart the protection program that has been blocking access.
Regards
Mark.
On 09/08/2023 03:42, Tachibanaki Nozomi (橘木 希美) wrote:
> Hi Mark,
>
> thank you for your reply.
>
> I checked the environment with the command you suggested.
>
> The error message that is output is as follows.
> # ClamAV update process started at Tue Aug 8 15:47:54 2023 # ERROR:
> Can't create temporary directory /var/lib/clamav/tmp.fa0a69ba96 #
> Hint: The database directory must be writable for UID 1000 or GID 1000
> # ERROR: Update failed.
>
> Default DatabaseOwner in freshclam.conf.
> # By default when started freshclam drops privileges and switches to
> the # "clamav" user. This directive allows you to change the database owner.
> # Default: clamav (may depend on installation options) # DatabaseOwner
> clamav
>
> I checked the UID and GID in the error message.
> # grep ":1000:" /etc/passwd
> clamav:x:1000:1000:Clam Antivirus:/home/clamav:/bin/false # grep
> ":1000:" /etc/group
> clamav:x:1000:
>
> Changed directory permissions for /var/lib/clamav.
> # chmod 775 /var/lib/clamav
> # ls -ld /var/lib/clamav
> drwxrwxr-x 1 clamav clamav 4096 8月 8 15:27 /var/lib/clamav
>
> After doing the above, I tried running freshclam again, but the error message did not change.
> This error only occurred when running on AWS ECS.
>
> Please let me know if there is anything else I should check.
>
> Thank you and regards,
> Nozomi Tachibanaki
>
> -----Original Message-----
> From: Mark Fortescue <mark.lists@thurning-instruments.co.uk>
> Sent: Monday, August 7, 2023 6:24 PM
> To: clamav-users@lists.clamav.net
> Subject: Re: [clamav-users] ERROR: Can't create temporary directory
>
> Hi Nozomi,
>
> The following commands will tell you the user/group information for user=1000, group=1000 (as per the error message):
>
> grep ":1000:" /etc/passwd
> grep ":1000:" /etc/group
>
> This will give you text name of the user/group that /var/lib/clamav should be set to.
>
> You can change the user/group to the correct versions using 'chown' or 'chgrp' commands without using the names:
>
> Both:
> sudo chown 1000:1000 /var/lib/clamav
>
> User Only:
> sudo chown 1000 /var/lib/clamav
>
> Group Only:
> sudo chgrp 1000 /var/lib/clamav
>
> Set the permissions to 0775:
> sudo chmod 775 /var/lib/clamav
>
> Get information on the directory owner/group and permissions:
> ls -ld /var/lib/clamav
>
> I hope this helps you get further.
>
> Regards
> Mark.
>
> On 07/08/2023 08:40, Tachibanaki Nozomi (橘木 希美) wrote:
>> Thank you for your reply.
>>
>> I tried creating a vscan service account and changing the owner as
>> you suggested, The result of running freshclam did not change.
>>
>> # ls -l /var/lib/
>> drwxr-xr-x 1 vscan vscan 4096 Aug 7 15:59 clamav
>>
>> # freshclam
>> ClamAV update process started at Mon Aug 7 16:09:30 2023.
>> ERROR: Cannot create temporary directory /var/lib/clamav/tmp.9f3f4fab8d.
>> TIP: Database directory must be writable with UID 1000 or GID 1000.
>> ERROR: Update failed.
>>
>> Please let us know if there are other possible causes.
>>
>> Thank you and regards,
>> Nozomi Tachibanaki
>>
>> -----Original Message-----
>> From: Masaru Nomiya <nomiya@lake.dti.ne.jp>
>> Sent: Wednesday, August 2, 2023 7:29 PM
>> To: clamav-users@lists.clamav.net
>> Subject: Re: [clamav-users] ERROR: Can't create temporary directory
>>
>> Hello,
>>
>> In the Message;
>>
>> Subject : Re: [clamav-users] ERROR: Can't create temporary directory
>> Message-ID : <87bkfq7xvx.wl-nomiya@lake.dti.ne.jp>
>> Date & Time: Wed, 02 Aug 2023 15:37:38 +0900
>>
>> [MN] == Masaru Nomiya via clamav-users <clamav-users@lists.clamav.net> has written:
>>
>> MN> Hello,
>>
>> MN> In the Message;
>>
>> MN> Subject : [clamav-users] ERROR: Can't create temporary directory
>> MN> Message-ID : <TY3PR01MB9682707691AB77A2514491D5B90BA@TY3PR01MB9682.jpnprd01.prod.outlook.com>
>> MN> Date & Time: Wed, 2 Aug 2023 06:00:24 +0000
>>
>> MN> [NT] == Tachibanaki Nozomi (橘木 希美) <nozomi.tachibanaki@jp.ricoh.com> has written:
>>
>> MN> [...]
>> NT> ClamAV update process started at Wed Aug 2 14:10:27 2023
>> NT> ERROR: Can't create temporary directory
>> NT> /var/lib/clamav/tmp.463bd76e97
>> NT> Hint: The database directory must be writable for UID 1000 or
>> NT> GID
>> NT> 1000
>> NT> ERROR: Update failed.
>>
>> NT> 1. The owner of /var/lib/clamav is as follows.
>> NT> drwxr-xr-x 1 clamav clamav 4096 Aug 2 13:51 clamav
>> MN> [...]
>>
>> MN> In my case;
>>
>> MN> drwxr-xr-x 3 vscan vscan 4096 8月 2 15:13 clamav
>>
>> MN> I thought File Ownership could not be calmav?
>>
>> MN> Just like this;
>>
>> MN> # chown clamav /var/lib/clamav
>> MN> chown: invalid user: ‘clamav’
>>
>> Sorry, this is not an answer.
>>
>> How about this?
>>
>> # chown vscan /var/lib/clamav
>>
>> The only problem is the permissions.
>>
>> Regards.
>>
>> ---
>> ┏━━┓彡 野宮 賢 mail-to: nomiya @ lake.dti.ne.jp
>> ┃\/彡
>> ┗━━┛ " Hassabis says that no one really knows for sure that AI will
>> become a major danger. But he is certain that if progress
>> continues at its current pace, there isn’t much time to develop
>> safeguards. "I can see the kinds of things we're building into
>> the Gemini series right, and we have no reason to believe that
>> they won't work," he says."
>>
>> -- "Google DeepMind's CEO Says Its Next Algorithm Will Eclipse
>> ChatGPT" --
>>
>> _______________________________________________
>>
>> Manage your clamav-users mailing list subscription / unsubscribe:
>> https://lists.clamav.net/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/Cisco-Talos/clamav-documentation
>>
>> https://docs.clamav.net/#mailing-lists-and-chat
>>
>
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
>
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
Make a /var/log/clamav and move the freshclam.log into that directory, make sure your clam acc has proper perms, and try again.
-----Original Message-----
From: clamav-users <clamav-users-bounces@lists.clamav.net> On Behalf Of Mark Fortescue
Sent: Wednesday, August 9, 2023 10:12 AM
To: clamav-users@lists.clamav.net
Subject: EXT :Re: [clamav-users] ERROR: Can't create temporary directory
Hi Nozomi,
Check that the /var/lib filing system has > 2G of free space to allow for the fully unpacked databases. Without this free space you will get lots of odd almost unexplainable issues at random intervals.
If it dose have the free space then the issue is most likely not a clamav issue but an apparmor/isolinux issue.
My experience of sorting out apparmor issues is that it is painful.
You need to look in the logs to find out what is actually going on.
Start by taking a look at /var/log/auth.log, /var/log/kern.log and /var/log/syslog.
It is usually simple to fix having found the issue. A single entry into a file and restart the protection program that has been blocking access.
Regards
Mark.
On 09/08/2023 03:42, Tachibanaki Nozomi (橘木 希美) wrote:
> Hi Mark,
>
> thank you for your reply.
>
> I checked the environment with the command you suggested.
>
> The error message that is output is as follows.
> # ClamAV update process started at Tue Aug 8 15:47:54 2023 # ERROR:
> Can't create temporary directory /var/lib/clamav/tmp.fa0a69ba96 #
> Hint: The database directory must be writable for UID 1000 or GID 1000
> # ERROR: Update failed.
>
> Default DatabaseOwner in freshclam.conf.
> # By default when started freshclam drops privileges and switches to
> the # "clamav" user. This directive allows you to change the database owner.
> # Default: clamav (may depend on installation options) # DatabaseOwner
> clamav
>
> I checked the UID and GID in the error message.
> # grep ":1000:" /etc/passwd
> clamav:x:1000:1000:Clam Antivirus:/home/clamav:/bin/false # grep
> ":1000:" /etc/group
> clamav:x:1000:
>
> Changed directory permissions for /var/lib/clamav.
> # chmod 775 /var/lib/clamav
> # ls -ld /var/lib/clamav
> drwxrwxr-x 1 clamav clamav 4096 8月 8 15:27 /var/lib/clamav
>
> After doing the above, I tried running freshclam again, but the error message did not change.
> This error only occurred when running on AWS ECS.
>
> Please let me know if there is anything else I should check.
>
> Thank you and regards,
> Nozomi Tachibanaki
>
> -----Original Message-----
> From: Mark Fortescue <mark.lists@thurning-instruments.co.uk>
> Sent: Monday, August 7, 2023 6:24 PM
> To: clamav-users@lists.clamav.net
> Subject: Re: [clamav-users] ERROR: Can't create temporary directory
>
> Hi Nozomi,
>
> The following commands will tell you the user/group information for user=1000, group=1000 (as per the error message):
>
> grep ":1000:" /etc/passwd
> grep ":1000:" /etc/group
>
> This will give you text name of the user/group that /var/lib/clamav should be set to.
>
> You can change the user/group to the correct versions using 'chown' or 'chgrp' commands without using the names:
>
> Both:
> sudo chown 1000:1000 /var/lib/clamav
>
> User Only:
> sudo chown 1000 /var/lib/clamav
>
> Group Only:
> sudo chgrp 1000 /var/lib/clamav
>
> Set the permissions to 0775:
> sudo chmod 775 /var/lib/clamav
>
> Get information on the directory owner/group and permissions:
> ls -ld /var/lib/clamav
>
> I hope this helps you get further.
>
> Regards
> Mark.
>
> On 07/08/2023 08:40, Tachibanaki Nozomi (橘木 希美) wrote:
>> Thank you for your reply.
>>
>> I tried creating a vscan service account and changing the owner as
>> you suggested, The result of running freshclam did not change.
>>
>> # ls -l /var/lib/
>> drwxr-xr-x 1 vscan vscan 4096 Aug 7 15:59 clamav
>>
>> # freshclam
>> ClamAV update process started at Mon Aug 7 16:09:30 2023.
>> ERROR: Cannot create temporary directory /var/lib/clamav/tmp.9f3f4fab8d.
>> TIP: Database directory must be writable with UID 1000 or GID 1000.
>> ERROR: Update failed.
>>
>> Please let us know if there are other possible causes.
>>
>> Thank you and regards,
>> Nozomi Tachibanaki
>>
>> -----Original Message-----
>> From: Masaru Nomiya <nomiya@lake.dti.ne.jp>
>> Sent: Wednesday, August 2, 2023 7:29 PM
>> To: clamav-users@lists.clamav.net
>> Subject: Re: [clamav-users] ERROR: Can't create temporary directory
>>
>> Hello,
>>
>> In the Message;
>>
>> Subject : Re: [clamav-users] ERROR: Can't create temporary directory
>> Message-ID : <87bkfq7xvx.wl-nomiya@lake.dti.ne.jp>
>> Date & Time: Wed, 02 Aug 2023 15:37:38 +0900
>>
>> [MN] == Masaru Nomiya via clamav-users <clamav-users@lists.clamav.net> has written:
>>
>> MN> Hello,
>>
>> MN> In the Message;
>>
>> MN> Subject : [clamav-users] ERROR: Can't create temporary directory
>> MN> Message-ID : <TY3PR01MB9682707691AB77A2514491D5B90BA@TY3PR01MB9682.jpnprd01.prod.outlook.com>
>> MN> Date & Time: Wed, 2 Aug 2023 06:00:24 +0000
>>
>> MN> [NT] == Tachibanaki Nozomi (橘木 希美) <nozomi.tachibanaki@jp.ricoh.com> has written:
>>
>> MN> [...]
>> NT> ClamAV update process started at Wed Aug 2 14:10:27 2023
>> NT> ERROR: Can't create temporary directory
>> NT> /var/lib/clamav/tmp.463bd76e97
>> NT> Hint: The database directory must be writable for UID 1000 or
>> NT> GID
>> NT> 1000
>> NT> ERROR: Update failed.
>>
>> NT> 1. The owner of /var/lib/clamav is as follows.
>> NT> drwxr-xr-x 1 clamav clamav 4096 Aug 2 13:51 clamav
>> MN> [...]
>>
>> MN> In my case;
>>
>> MN> drwxr-xr-x 3 vscan vscan 4096 8月 2 15:13 clamav
>>
>> MN> I thought File Ownership could not be calmav?
>>
>> MN> Just like this;
>>
>> MN> # chown clamav /var/lib/clamav
>> MN> chown: invalid user: ‘clamav’
>>
>> Sorry, this is not an answer.
>>
>> How about this?
>>
>> # chown vscan /var/lib/clamav
>>
>> The only problem is the permissions.
>>
>> Regards.
>>
>> ---
>> ┏━━┓彡 野宮 賢 mail-to: nomiya @ lake.dti.ne.jp
>> ┃\/彡
>> ┗━━┛ " Hassabis says that no one really knows for sure that AI will
>> become a major danger. But he is certain that if progress
>> continues at its current pace, there isn’t much time to develop
>> safeguards. "I can see the kinds of things we're building into
>> the Gemini series right, and we have no reason to believe that
>> they won't work," he says."
>>
>> -- "Google DeepMind's CEO Says Its Next Algorithm Will Eclipse
>> ChatGPT" --
>>
>> _______________________________________________
>>
>> Manage your clamav-users mailing list subscription / unsubscribe:
>> https://lists.clamav.net/mailman/listinfo/clamav-users
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/Cisco-Talos/clamav-documentation
>>
>> https://docs.clamav.net/#mailing-lists-and-chat
>>
>
> _______________________________________________
>
> Manage your clamav-users mailing list subscription / unsubscribe:
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/Cisco-Talos/clamav-documentation
>
> https://docs.clamav.net/#mailing-lists-and-chat
>
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat