Mailing List ecs-isp@2rosenthals.com Archived Message #579

From: "Paul Smedley" <ecs-isp@2rosenthals.com> Full Headers
Undecoded message
Subject: Re: [eCS-ISP] ClamAV
Date: Sun, 15 Oct 2023 17:45:24 +1030
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Hi Steven,

On 15/10/23 12:21, Steven Levine wrote:
In <list-8112330@2rosenthals.com>, on 10/14/23
    at 05:24 PM, "Paul Smedley" <ecs-isp@2rosenthals.com> said:

Hi Paul,

I get to update libc later.  On a positive note, I learned something new
After the libc update, I find that ClamAV had put me on timeout for too
many failures yesterday so I switched back to working on clamscan.

IIRC - it creates a text file somewhere locally for this - remove the text file and you're un-banned :)


For some reason, at first is claimed

clamscan --debug --verbose --database=/Internet/clamav/lib --recursive=yes
/tmp/ LibClamAV debug: searching for unrar, user-searchpath: /clamav/lib
LibClamAV debug: searching for unrar: libclamunrar_iface.dll.9.0.5 not
found LibClamAV debug: searching for unrar: libclamunrar_iface.dll.9 not
found LibClamAV debug: searching for unrar: libclamunrar_iface.dll not
found LibClamAV debug: searching for unrar: libclamunrar_iface.a not found
LibClamAV debug: Cannot dlopen libclamunrar_iface: dlopen rc=2
extra=LIBCLAMUNRAR_IFACE.A - unrar support unavailable LibClamAV debug:
Initialized 0.103.6 engine
LibClamAV debug: Initializing phishcheck module
LibClamAV debug: Phishcheck: Compiling regex: ^
*(http|https|ftp:(//)?)?[0-9]{1,3}(\.[0-9]{1,3}){3}[/?:]? *$ LibClamAV
debug: Phishcheck module initialized
LibClamAV debug: Bytecode initialized in interpreter mode
LibClamAV debug: Loading databases from /Internet/clamav/lib
LibClamAV Error: cli_loaddbdir(): No supported database files found in
/Internet/clamav/lib ERROR: Can't open file or directory
LibClamAV debug: Cleaning up phishcheck
LibClamAV debug: Freeing phishcheck struct
LibClamAV debug: Phishcheck cleaned up

However, after some .cvd and .exe file shuffling, this went away.  What I
did that actually fixed it is probably going to remain a mystery.
Yep,  I've never seen that before :P
Does it make sense to update the sources to 0.103.10, which seems to be
the latest 0.103 LTS?  The logs show mostly unrar fixes, which don't
really apply to us. However, as I read

   https://docs.clamav.net/faq/faq-eol.html#version-support-matrix

it is possible that 0.103.6 could get locked out of access to .cvd updates
if the versions turns out to be problematic.  Given that 0.103.6 is
already pretty old, this is probably not going to happen until 0.103 goes
out of support.

your wish is my command - https://github.com/psmedley/clamav-os2 & https://smedley.id.au/tmp/clamav-0.103.10-os2-20231015-debug.zip

Cheers,

Paul


Subscribe: Feed, Digest, Index.
Unsubscribe
Mail to ListMaster