| | 
| From: | "Massimo S." <ecs-isp@2rosenthals.com> | 
 |  
| Subject: | Re: [eCS-ISP] (clamav) freshclam and cron/2 |  
| Date: | Sun, 29 Dec 2024 11:49:56 +0100 |  
| To: | eCS ISP Mailing List <ecs-isp@2rosenthals.com> |  | 
|---|
 
 
 Il 28/12/2024 03:11, Steven Levine ha scritto:
 
 In <list-11590842@2rosenthals.com>, on 12/27/24at 11:30 PM, "Massimo S." <ecs-isp@2rosenthals.com> said:
 
 Hi Massimo,
 
 
 now it installed also the certificates, but nothing changed, freshclamstill complain:
 
 
 Fri Dec 27 23:26:25 2024 -> downloadFile: Download source:https://database.clamav.net/daily.cvd Fri Dec 27 23:26:25 2024 ->
 downloadFile: Download destination:
 X:/usr/local/clamav/share/clamav/tmp.dfebd40db2/clamav-abaef3085449f10f20ed2baa912a0d29.tmp
 Fri Dec 27 23:26:25 2024 -> ERROR: Download failed (77) Fri Dec 27
 23:26:25 2024 -> ERROR:  Message: Problem  with the SSL CA cert (path?
 access rights?)
 Fri Dec 27 23:26:25 2024 -> ERROR: Can't download daily.cvd from
 https://database.clamav.net/daily.cvd Fri Dec 27 23:26:25 2024 -> Giving
 up on https://database.clamav.net... Fri Dec 27 23:26:25 2024 -> ERROR:
 Update failed for database: daily Fri Dec 27 23:26:25 2024 -> ERROR:
 Database update process failed: Connection failed Fri Dec 27 23:26:25
 2024 -> ERROR: Update failed.
 
 Hmmm.  When this failure occurred the first time, did you think to check
 if the daily.cvd file was accessible before blaming freshclam.
 
 Testing here, I get
 
 [d:\tmp]wgetx https://database.clamav.net/daily.cvd
 * wget --no-check-certificate -N ` https://database.clamav.net/daily.cvd`
 wget --no-check-certificate -N ` https://database.clamav.net/daily.cvd`
 --2024-12-27 18:10:53--  https://database.clamav.net/daily.cvd Resolving
 database.clamav.net (database.clamav.net)... 104.16.218.84, 104.16.219.84
 Connecting to database.clamav.net
 (database.clamav.net)|104.16.218.84|:443... connected. HTTP request sent,
 awaiting response... 403 Forbidden
 2024-12-27 18:10:54 ERROR 403: Forbidden.
 
 This in and of itself may not be a useful test since freshclam does not
 appear to download daily.cvd but rather downloads the files needed to
 update your local copy of daily.cvd.  I'll do some more testing tomorrow,
 if time permits.
 
 Running freshclam here worked perfectly and I neglected to log the
 requested URLs.
 
 Steven
 
 Hi,
 
 i believe that freshclam porting has some issue with paths
 since sometimes it download correctly all the small files that
 will update daily.cdv in a tmp subdir, but after it fails
 
 and i don't understand messages like this one:
 
 Sat Dec 28 21:35:23 2024 -> ~[LibClamAV] cli_rmdirs: Can't locate X:/usr/local/clamav/share/clamav/tmp.e77cb458f0: No such file or directory
 
 
 about this one instead:
 
 Fri Dec 27 23:26:25 2024 -> WARNING: Download failed (77) Fri Dec 27 23:26:25 2024 -> WARNING:  Message: Problem with the SSL CA cert (path? access rights?)
 
 i've finally fixed it with:
 
 set CURL_CA_BUNDLE=X:\etc\pki\ca-trust\extracted\pem\tls-ca-bundle.pem
 
 as from clamav docs:
 
 https://docs.clamav.net/faq/faq-freshclam.html#:~:text=First%20you%20may%20try%20installing%20the%20ca-certificates%20package.,path%20of%20the%20CA%20bundle%20on%20your%20system.
 
 let's see in the next days what happens with updates
 
 massmo
 
 
 
 
 
 
 |