Mailing List Archive

[clamav-users] Problem with freshclam
Hi @ all,

I have had this problem with freshclam for a long time and I can't fix it (Ubuntu 22.04.1).
When I run freshclam with a cron job (@reboot) this log comes up:

> Thu Dec 29 13:36:51 2022 -> --------------------------------------
> Thu Dec 29 13:36:51 2022 -> ClamAV update process started at Thu Dec 29 13:36:51 2022
> Thu Dec 29 13:36:51 2022 -> WARNING: Can't query current.cvd.clamav.net
> Thu Dec 29 13:36:51 2022 -> WARNING: Invalid DNS reply. Falling back to HTTP mode.
> Thu Dec 29 13:36:51 2022 -> Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
> Thu Dec 29 13:36:51 2022 -> WARNING: remote_cvdhead: Download failed (6)
> Thu Dec 29 13:36:51 2022 -> WARNING:  Message: Couldn't resolve host name
> Thu Dec 29 13:36:51 2022 -> WARNING: Failed to get daily database version information from server: https://database.clamav.net
> Thu Dec 29 13:36:51 2022 -> ERROR: check_for_new_database_version: Failed to find daily database using server https://database.clamav.net.
> Thu Dec 29 13:36:51 2022 -> Trying again in 5 secs...
> Thu Dec 29 13:36:56 2022 -> Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
> Thu Dec 29 13:36:56 2022 -> WARNING: remote_cvdhead: Download failed (6)
> Thu Dec 29 13:36:56 2022 -> WARNING:  Message: Couldn't resolve host name
> Thu Dec 29 13:36:56 2022 -> WARNING: Failed to get daily database version information from server: https://database.clamav.net
> Thu Dec 29 13:36:56 2022 -> ERROR: check_for_new_database_version: Failed to find daily database using server https://database.clamav.net.
> Thu Dec 29 13:36:56 2022 -> Trying again in 5 secs...
> Thu Dec 29 13:37:01 2022 -> Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
> Thu Dec 29 13:37:01 2022 -> OK
> Thu Dec 29 13:37:01 2022 -> daily database available for download (remote version: 26765)
> Thu Dec 29 13:37:12 2022 -> Testing database: '/var/lib/clamav/tmp.3cb7e09743/clamav-85bea499e24cfdaa871411c2b4b92e38.tmp-daily.cvd' ...
> Thu Dec 29 13:37:20 2022 -> Database test passed.
> Thu Dec 29 13:37:20 2022 -> daily.cvd updated (version: 26765, sigs: 2014567, f-level: 90, builder: raynman)
> Thu Dec 29 13:37:20 2022 -> Trying to retrieve CVD header from https://database.clamav.net/main.cvd
> Thu Dec 29 13:37:20 2022 -> OK
> Thu Dec 29 13:37:20 2022 -> main database available for download (remote version: 62)
> Thu Dec 29 13:37:47 2022 -> Testing database: '/var/lib/clamav/tmp.3cb7e09743/clamav-3d85cd963c0af4f35466d5a069aff5e5.tmp-main.cvd' ...
> Thu Dec 29 13:37:54 2022 -> Database test passed.
> Thu Dec 29 13:37:54 2022 -> main.cvd updated (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
> Thu Dec 29 13:37:54 2022 -> Trying to retrieve CVD header from https://database.clamav.net/bytecode.cvd
> Thu Dec 29 13:37:54 2022 -> OK
> Thu Dec 29 13:37:54 2022 -> bytecode database available for download (remote version: 333)
> Thu Dec 29 13:37:54 2022 -> Testing database: '/var/lib/clamav/tmp.3cb7e09743/clamav-e15dec8534c6c98f62a54cdab9ce00fb.tmp-bytecode.cvd' ...
> Thu Dec 29 13:37:54 2022 -> Database test passed.
> Thu Dec 29 13:37:54 2022 -> bytecode.cvd updated (version: 333, sigs: 92, f-level: 63, builder: awillia2)

When I run the same command later in the day, all is fine.
What can I do to solve the issue?

Regards, Marc

_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
Re: [clamav-users] Problem with freshclam
> Date: Thursday, December 29, 2022 14:36:28 +0000
> From: newcomer01 via clamav-users <clamav-users@lists.clamav.net>
>
> I have had this problem with freshclam for a long time and I can't fix
> it (Ubuntu 22.04.1)
> When I run freshclam with a cron job (@reboot) this log comes up:
>
>> Thu Dec 29 13:36:51 2022 -> --------------------------------------
>> Thu Dec 29 13:36:51 2022 -> ClamAV update process started at Thu Dec 29 13:36:51 2022
>> Thu Dec 29 13:36:51 2022 -> WARNING: Can't query current.cvd.clamav.net
>> Thu Dec 29 13:36:51 2022 -> WARNING: Invalid DNS reply. Falling back to HTTP mode.
>> Thu Dec 29 13:36:51 2022 -> Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
>> Thu Dec 29 13:36:51 2022 -> WARNING: remote_cvdhead: Download failed (6)
>> Thu Dec 29 13:36:51 2022 -> WARNING:  Message: Couldn't resolve host name
>> Thu Dec 29 13:36:51 2022 -> Trying again in 5 secs...

. . .

>> Thu Dec 29 13:36:56 2022 -> WARNING:  Message: Couldn't resolve host name
>> Thu Dec 29 13:36:56 2022 -> Trying again in 5 secs...

. . .

>> Thu Dec 29 13:37:01 2022 -> Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
>> Thu Dec 29 13:37:01 2022 -> OK
>> Thu Dec 29 13:37:01 2022 -> daily database available for download (remote version: 26765)

. . .

> When I run the same command later in the day, all is fine.
> What can I do to solve the issue?

When you have a problem like this it's good to carefully read down
through the error messages provided as you'll often find hints there.

As shown in your log, the first couple of attempts failed due to DNS
name resolution failures, then it worked on its retry.

You will need to use a tool like dig to work through why your machine
is having these lookup failures. It could be latency in the response
from the nameservers you have configured or a problem in how [or
what] you have configured [as] the nameservers that this machine is
using. It is possible that there is an issue with the nameservers on
the clamav.net side, but that seems less likely as there would
probably be more general reporting of a problem if that were the case.

Re: [clamav-users] Problem with freshclam
Hi all!

I've just run freshclam again, and it worked.
I'll keep an eye on it.

Regards,
Alex

On 29.12.22 15:36, newcomer01 via clamav-users wrote:
> Hi @ all,
>
> I have had this problem with freshclam for a long time and I can't fix it
> (Ubuntu 22.04.1)
> When I run freshclam with a cron job (@reboot) this log comes up:
>
> When I run the same command later in the day, all is fine.
> What can I do to solve the issue?
>
> Regards, Marc

--
Alexander Lochmann PGP key: 0xBC3EF6FD
Re: [clamav-users] Problem with freshclam
[ Apologies, my previous reply failed to reach the list. ]

On Thu, 29 Dec 2022, newcomer01 wrote:

> Yes, the "Error-Log" comes only when freshclam will be started from reboot
> via cron job
>
> Did I understand you well?
>
> @reboot host -t txt current.cvd.clamav.net /etc/clamav/clamav_opts sigs_update 0

Hmm. I have never used cron events such as @reboot
and I don't have a file /etc/clamav/clamav_opts.
I was expecting a script /etc/cron.daily/freshclam but I must
have written mine myself (though anacron would use such a file).

Are you using Ubuntu clamav .deb packages or ones from ClamAV?

Reading about @system cron events, I would not use it to
update the clamav database. Instead I would rely on anacron
noticing that we missed running freshclam at the proper time,
so start it now if appropriate.
That or stick with the clamav-freshclam daemon/service.

> From: Andrew C Aitchison <mailto:andrew@aitchison.me.uk>
> To: Newcomer01 <mailto:newcomer01@posteo.de>
> Sent: Thursday, December 29, 2022 at 18:15 (06:15 PM) +0100
> Subject: Re: [clamav-users] Problem with freshclam
>> On Thu, 29 Dec 2022, newcomer01 via clamav-users wrote:
>>
>>> Hi @ all,
>>>
>>> I have had this problem with freshclam for a long time and I can't fix it
>>> (Ubuntu 22.04.1)
>>> When I run freshclam with a cron job (@reboot) this log comes up:
>> This is at reboot?
>>
>> I think the problem is that the cron job is starting freshclam
>> before your network - specifically your DNS - is ready.
>> When you run the command on a system that has been up for some time
>> the DNS is ready so the problem does not occur.
>>
>> Two *possible* solutions:
>>
>> 1. Change your cron job to include the line
>>      host -t txt current.cvd.clamav.net
>>    before it runs "freshclam".
>>    This may trigger the system to start the DNS service so that it is
>>    ready when freshclam wants it.
>>
>> 2. Switch to using the systemd service "clamav-freshclam".
>>    First disable your freshclam cron job, perhaps by
>>    moving /etc/cron.d/clamav-freshclam elsewhere (if it exists).
>>    Then something like
>>      sudo systemctl enable clamav-freshclam
>>      sudo systemctl status clamav-freshclam.service
>>
>> ----
>>
>> If I am right this isn't really an issue with freshclam
>> but with the way that all the pieces of the system have been put together.
>>
>> I note that the Ubuntu 22.10 clamav packages are designed to work with
>> systemd in preference to cron and I don't remember it having changed
>> since at least Ubuntu 20.04.
>>
>>> When I run the same command later in the day, all is fine.
>>> What can I do to solve the issue?
>>>
>>> Regards, Marc

--
Andrew C. Aitchison Kendal, UK
andrew@aitchison.me.uk
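
A bounded wait-for-DNS wrapper for the @reboot case discussed in this thread, as an added example that is not part of any poster's message and not ClamAV's own code. `RESOLVE_CMD`, `UPDATE_CMD`, `MAX_TRIES` and `DELAY_SECS` are hypothetical names with assumed defaults; only the `host -t txt current.cvd.clamav.net` probe comes from the thread.

```shell
#!/bin/sh
# Added example: wait for DNS before running freshclam from an @reboot job.
# Variable names and retry defaults are assumptions, not ClamAV settings.

DNS_NAME="current.cvd.clamav.net"

# Default probe: the TXT lookup suggested in the thread.
resolve_default() {
    host -t txt "$1" >/dev/null 2>&1
}

# wait_for_dns NAME MAX_TRIES DELAY_SECS
# Returns 0 as soon as NAME resolves, 1 if it never does.
# Leaves the number of probes made in DNS_ATTEMPTS.
wait_for_dns() {
    wfd_name=$1 wfd_max=$2 wfd_delay=$3
    DNS_ATTEMPTS=0
    while [ "$DNS_ATTEMPTS" -lt "$wfd_max" ]; do
        DNS_ATTEMPTS=$((DNS_ATTEMPTS + 1))
        if "${RESOLVE_CMD:-resolve_default}" "$wfd_name"; then
            return 0
        fi
        # No sleep after the final failed probe.
        [ "$DNS_ATTEMPTS" -lt "$wfd_max" ] && sleep "$wfd_delay"
    done
    return 1
}

# Run the updater only once DNS answers; otherwise report on stderr and
# return 2 so a skipped signature update is visible to cron mail/monitoring.
update_signatures() {
    if wait_for_dns "$DNS_NAME" "${MAX_TRIES:-12}" "${DELAY_SECS:-5}"; then
        "${UPDATE_CMD:-freshclam}"
    else
        echo "update skipped: $DNS_NAME unresolved after $DNS_ATTEMPTS tries" >&2
        return 2
    fi
}

# Only act when invoked as: <script> --run
if [ "${1:-}" = "--run" ]; then
    update_signatures
fi
```

Saved under a path of your choosing (for instance a hypothetical /usr/local/sbin/freshclam-after-dns.sh), the cron entry becomes `@reboot /usr/local/sbin/freshclam-after-dns.sh --run`, so the lookup and the update are two separate commands rather than arguments to `host`.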