extremeshok / clamav-unofficial-sigs

ClamAV Unofficial Signatures Updater maintained by eXtremeSHOK.com
https://eXtremeSHOK.com

Error on install : (Can't find or parse configuration file /etc/clamav/clamd.conf) ?? #219

Closed mjb-v9-5-2 closed 5 years ago

mjb-v9-5-2 commented 5 years ago

THE PROBLEM

clamscan crashed upon execution of clamav-unofficial-sigs.sh install.

freshclam.log reported the following problems:

ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamav/clamd.conf

WARNING: Local version: 0.100.2 Recommended version: 0.101.2

HOW TO REPRODUCE THE PROBLEM:

Follow install steps on clamav github page for clamav-unofficial-sigs:

(https://github.com/extremeshok/clamav-unofficial-sigs#securiteinfo-freedelayed-list-support-as-of-june-2015)

Got as far as the step that involves executing install:

$ sudo clamav-unofficial-sigs.sh --install_cron

I went away while it was running. When I came back, the install had completed, but Ubuntu reported a system error. Running the install script again with the same option elicited a report saying all was well. Software updater was running at the same time as I ran the install script.


APPORT LOG:

ERROR: apport (pid 22413) Fri Apr 5 16:37:45 2019: called for pid 22412, signal 6, core limit 0, dump mode 1
ERROR: apport (pid 22413) Fri Apr 5 16:37:45 2019: executable: /usr/bin/clamscan (command line "/usr/bin/clamscan --quiet -d /var/lib/clamav-unofficial-sigs/dbs-yara/antidebug_antivm.yar /var/lib/clamav-unofficial-sigs/configs/scan-test.txt")
ERROR: apport (pid 22413) Fri Apr 5 16:37:45 2019: is_closing_session(): no DBUS_SESSION_BUS_ADDRESS in environment
ERROR: apport (pid 22413) Fri Apr 5 16:37:46 2019: wrote report /var/crash/_usr_bin_clamscan.0.crash


CLAMAV VERSION:

ClamAV 0.100.2/25410/Fri Apr 5 08:58:26 2019


CLAMCONF -N:

Checking configuration files in /etc/clamav

Config file: clamd.conf

PreludeAnalyzerName = "ClamAV"
LogFile = "/var/log/clamav/clamav.log"
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogRotate = "yes"
ExtendedDetectionInfo = "yes"
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
MaxConnectionQueueLength = "15"
MaxThreads = "12"
ReadTimeout = "180"
SendBufTimeout = "200"
SelfCheck = "3600"
User = "clamav"
BytecodeTimeout = "60000"
PCREMatchLimit = "10000"
ScanOnAccess disabled

Config file: freshclam.conf

LogFileMaxSize = "4294967295"
LogTime = "yes"
LogRotate = "yes"
UpdateLogFile = "/var/log/clamav/freshclam.log"
Checks = "24"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
MaxAttempts = "5"

clamav-milter.conf not found

Software settings

Version: 0.100.2
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 PCRE ICONV JSON JIT

Database information

Database directory: /var/lib/clamav
[3rd Party] spamattach.hdb: 14 sigs
[3rd Party] winnow_malware.hdb: 293 sigs
[3rd Party] hackingteam.hsb: 435 sigs
[3rd Party] EK_Blackhole.yar: 453 sigs
[3rd Party] winnow_extended_malware.hdb: 245 sigs
[3rd Party] bofhland_cracked_URL.ndb: 36 sigs
[3rd Party] securiteinfohtml.hdb: 44529 sigs
[3rd Party] porcupine.ndb: 5439 sigs
[3rd Party] EK_Zerox88.yar: 55 sigs
[3rd Party] winnow_bad_cw.hdb: 1 sig
[3rd Party] spamimg.hdb: 192 sigs
[3rd Party] winnow.attachments.hdb: 182 sigs
[3rd Party] securiteinfoascii.hdb: 82121 sigs
[3rd Party] javascript.ndb: 44170 sigs
[3rd Party] bofhland_phishing_URL.ndb: 14 sigs
[3rd Party] jurlbl.ndb: 5282 sigs
[3rd Party] EK_Crimepack.yar: 49 sigs
daily.cvd: version 25410, sigs: 1552552, built on Fri Apr 5 08:58:26 2019
[3rd Party] EK_BleedingLife.yar: 112 sigs
bytecode.cvd: version 328, sigs: 94, built on Wed Jan 2 14:42:37 2019
[3rd Party] winnow_malware_links.ndb: 135 sigs
[3rd Party] foxhole_generic.cdb: 211 sigs
[3rd Party] foxhole_filename.cdb: 2326 sigs
[3rd Party] EK_Eleonore.yar: 165 sigs
[3rd Party] EK_Sakura.yar: 62 sigs
[3rd Party] EK_Angler.yar: 283 sigs
[3rd Party] rfxn.ndb: 2035 sigs
[3rd Party] securiteinfoandroid.hdb: 104911 sigs
[3rd Party] porcupine.hsb: 404 sigs
[3rd Party] securiteinfopdf.hdb: 3409 sigs
[3rd Party] EK_Fragus.yar: 210 sigs
[3rd Party] EK_ZeroAcces.yar: 211 sigs
[3rd Party] Sanesecurity_spam.yara: 46 sigs
[3rd Party] blurl.ndb: 12292 sigs
[3rd Party] EK_Phoenix.yar: 483 sigs
[3rd Party] sanesecurity.ftm: 170 sigs
[3rd Party] malwarepatrol.db: 0 sig
[3rd Party] rogue.hdb: 5581 sigs
[3rd Party] malwarehash.hsb: 771 sigs
[3rd Party] junk.ndb: 57718 sigs
[3rd Party] securiteinfo.hdb: 462357 sigs
[3rd Party] rfxn.hdb: 12713 sigs
[3rd Party] phish.ndb: 27676 sigs
[3rd Party] phishtank.ndb: 9496 sigs
[3rd Party] EK_Zeus.yar: 28 sigs
[3rd Party] bofhland_malware_attach.hdb: 1836 sigs
[3rd Party] scam.ndb: 12570 sigs
[3rd Party] bofhland_malware_URL.ndb: 620 sigs
main.cvd: version 58, sigs: 4566249, built on Wed Jun 7 22:38:10 2017
[3rd Party] Sanesecurity_sigtest.yara: 54 sigs
Total number of signatures: 7021290

Platform information

uname: Linux 4.15.0-46-generic #49-Ubuntu SMP Wed Feb 6 09:33:07 UTC 2019 x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
Full OS version: Ubuntu 18.04.2 LTS
zlib version: 1.2.11 (1.2.11), compile flags: a9
Triple: x86_64-pc-linux-gnu
CPU: ivybridge, Little-endian
platform id: 0x0a215d5d0807030001070300

Build information

GNU C: 7.3.0 (7.3.0)
GNU C++: 7.3.0 (7.3.0)
CPPFLAGS: -Wdate-time -D_FORTIFY_SOURCE=2
CFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-cLkyBm/clamav-0.100.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-cLkyBm/clamav-0.100.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64
LDFLAGS: -Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed
Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--libexecdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-cLkyBm/clamav-0.100.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-cLkyBm/clamav-0.100.2+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-system-libmspack' '--with-libcurl=/usr' '--with-gnu-ld' '-with-system-llvm=/usr/bin/llvm-config-3.9' '--with-llvm-linking=dynamic' '--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu'
sizeof(void*) = 8
Engine flevel: 93, dconf: 93

sudo clamav-unofficial-sigs.sh --install_cron

clamscan prompted system error after following execution


UNOFFICIAL SIG DBS:

clamav-unofficial-sigs, with paid subscriptions to Malware Patrol and SecuriteInfo


SYSTEM:

Linux 4.15.0-46-generic x86_64 x86_64


LIB VERSIONS:

ii libc-bin 2.27-3ubuntu1 amd64 GNU C Library: Binaries
ii libc6:amd64 2.27-3ubuntu1 amd64 GNU C Library: Shared libraries
ii libc6:i386 2.27-3ubuntu1 i386 GNU C Library: Shared libraries

ii zlib1g:amd64 1:1.2.11.dfsg-0ubuntu2 amd64 compression library - runtime
ii zlib1g:i386 1:1.2.11.dfsg-0ubuntu2 i386 compression library - runtime

mjb-v9-5-2 commented 5 years ago

https://askubuntu.com/questions/589318/freshclam-error-clamd-conf-file-not-found/632911

extremeshok commented 5 years ago

@mjb-v9-5-2 thank you, added the note to INSTALL