search

widdix / aws-s3-virusscan

Antivirus for Amazon S3
https://bucketav.com/
Apache License 2.0
525 stars 127 forks source link

f_update_clamav_db failing because of daily.cvd version #71

Closed loadaverage closed 3 years ago

loadaverage commented 3 years ago

Today s3-virusscan workers stopped working, SQS messages were not consumed by workers, future investigation showed that execution of freshclam was failed and because of this, workers couldn't start:

dhclient[2259]: XMT: Solicit on eth0, interval 75660ms.
cloud-init: Error occurred during build: Command f_update_clamav_db failed
cloud-init: ++ /opt/aws/bin/cfn-signal -e 1 --stack s3-virusscan --resource ScanAutoScalingGroup --region eu-west-1

execution from the instance:

[root@ip-XX-XX-XX-XX bin]# freshclam
ClamAV update process started at Wed Jan  6 20:13:32 2021
daily database available for download (remote version: 26041)
Time:    1.6s, ETA:    0.0s [========================>]  107.46MiB/107.46MiB
ERROR: The daily.cvd database downloaded from https://database.clamav.net is more than one version older than the version advertised in the DNS TXT record.
Trying again in 5 secs...
daily database available for download (remote version: 26041)
Time:    1.6s, ETA:    0.0s [========================>]  107.46MiB/107.46MiB
ERROR: The daily.cvd database downloaded from https://database.clamav.net is more than one version older than the version advertised in the DNS TXT record.
Trying again in 5 secs...
daily database available for download (remote version: 26041)
Time:    2.1s, ETA:    0.0s [========================>]  107.46MiB/107.46MiB
ERROR: The daily.cvd database downloaded from https://database.clamav.net is more than one version older than the version advertised in the DNS TXT record.
Giving up on https://database.clamav.net...
ERROR: Update failed for database: daily
WARNING: fc_update_databases: fc_update_database failed: Downloaded database had lower version than advertised (12)
ERROR: Database update process failed: Downloaded database had lower version than advertised (12)
ERROR: Update failed.

As a quickfix, I've updated f_update_clamav_db to freshclam --no-dns:

f_update_clamav_db:
  command: freshclam --no-dns

I understand that current issue is not related to s3-virusscan directly, but it would be good to handle such issues (e.g. with trap).

michaelwittig commented 3 years ago

This looks like a temporary issue with ClamAV update servers?

michaelwittig commented 3 years ago

closed due to inactivity