Mailing List ecs-isp@2rosenthals.com Message #1128
From: "Massimo S." <ecs-isp@2rosenthals.com>
Subject: Re: [eCS-ISP] (clamav) freshclam and cron/2
Date: Sun, 29 Dec 2024 11:49:56 +0100
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>



Il 28/12/2024 03:11, Steven Levine ha scritto:
In <list-11590842@2rosenthals.com>, on 12/27/24
    at 11:30 PM, "Massimo S." <ecs-isp@2rosenthals.com> said:

Hi Massimo,

now it installed also the certificates, but nothing changed, freshclam
still complain:

Fri Dec 27 23:26:25 2024 -> downloadFile: Download source:
https://database.clamav.net/daily.cvd Fri Dec 27 23:26:25 2024 ->
downloadFile: Download destination:
X:/usr/local/clamav/share/clamav/tmp.dfebd40db2/clamav-abaef3085449f10f20ed2baa912a0d29.tmp
Fri Dec 27 23:26:25 2024 -> ERROR: Download failed (77) Fri Dec 27
23:26:25 2024 -> ERROR:  Message: Problem  with the SSL CA cert (path?
access rights?)
Fri Dec 27 23:26:25 2024 -> ERROR: Can't download daily.cvd from
https://database.clamav.net/daily.cvd Fri Dec 27 23:26:25 2024 -> Giving
up on https://database.clamav.net... Fri Dec 27 23:26:25 2024 -> ERROR:
Update failed for database: daily Fri Dec 27 23:26:25 2024 -> ERROR:
Database update process failed: Connection failed Fri Dec 27 23:26:25
2024 -> ERROR: Update failed.

Hmmm.  When this failure occurred the first time, did you think to check
if the daily.cvd file was accessible before blaming freshclam.

Testing here, I get

[d:\tmp]wgetx https://database.clamav.net/daily.cvd
* wget --no-check-certificate -N ` https://database.clamav.net/daily.cvd`
wget --no-check-certificate -N ` https://database.clamav.net/daily.cvd`
--2024-12-27 18:10:53--  https://database.clamav.net/daily.cvd Resolving
database.clamav.net (database.clamav.net)... 104.16.218.84, 104.16.219.84
Connecting to database.clamav.net
(database.clamav.net)|104.16.218.84|:443... connected. HTTP request sent,
awaiting response... 403 Forbidden
2024-12-27 18:10:54 ERROR 403: Forbidden.

This in and of itself may not be a useful test since freshclam does not
appear to download daily.cvd but rather downloads the files needed to
update your local copy of daily.cvd.  I'll do some more testing tomorrow,
if time permits.

Running freshclam here worked perfectly and I neglected to log the
requested URLs.

Steven

Hi,

i believe that freshclam porting has some issue with paths
since sometimes it download correctly all the small files that
will update daily.cdv in a tmp subdir, but after it fails

and i don't understand messages like this one:

Sat Dec 28 21:35:23 2024 -> ~[LibClamAV] cli_rmdirs: Can't locate X:/usr/local/clamav/share/clamav/tmp.e77cb458f0: No such file or directory


about this one instead:

Fri Dec 27 23:26:25 2024 -> WARNING: Download failed (77) Fri Dec 27 23:26:25 2024 -> WARNING:  Message: Problem with the SSL CA cert (path? access rights?)

i've finally fixed it with:

set CURL_CA_BUNDLE=X:\etc\pki\ca-trust\extracted\pem\tls-ca-bundle.pem

as from clamav docs:

https://docs.clamav.net/faq/faq-freshclam.html#:~:text=First%20you%20may%20try%20installing%20the%20ca-certificates%20package.,path%20of%20the%20CA%20bundle%20on%20your%20system.

let's see in the next days what happens with updates

massmo





Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster