cannot update freshclam [Solved]

[phnxttt]

hi I am trying to update virus definitions with freshclam (clamav) but it gives me a message :

ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
what can I do?
ps I am a new sabayouser

andrea

[Fitzcarraldo]

Try adding your user account and the root user's account to the clamav group. Open a Konsole/Terminal window and enter the following commands:

Code: Select all

$ su
Password:  <---- Enter the root user's password here, not yours.
# usermod -a -G clamav root
# usermod -a -G clamav phnxttt
# exit
$ 

Then reboot and try again.

[philisse]

Hello,

To fix this

# rm /var/log/clamav/freshclam.log
# freshclam

That's work
That's all Folk's !

[phnxttt]

Even if i do like first reply message explain it doesn't work,same message.
and for the second reply I have an empy folder and path var-log-clamav.

any ideas?

[Fitzcarraldo]

Post the output of the command ls -la /var/log

[phnxttt]

drwxr-xr-x 13 root root 4096 16 apr 11.38 .
drwxr-xr-x 15 root root 4096 15 apr 00.22 ..
-rw------- 1 root root 14924 11 apr 10.55 anaconda.log
-rw------- 1 root root 41285 11 apr 10.55 anaconda.program.log
-rw------- 1 root root 412459 11 apr 10.55 anaconda.storage.log
drwxr-xr-x 2 haldaemon dhcp 4096 14 apr 00.04 clamav
drwxr-xr-x 2 root root 4096 12 apr 02.20 ConsoleKit
drwxr-xr-x 2 root root 4096 11 apr 10.51 cups
-rw-r----- 1 root root 31319 16 apr 11.38 dmesg
drwxr-xr-x 2 root root 4096 12 apr 01.12 entropy
-rw------- 1 root root 24048 13 apr 23.45 faillog
drwxr-xr-x 2 root root 4096 16 apr 11.38 gdm
drwxr-xr-x 2 root root 4096 11 apr 10.55 installer
-rw-r--r-- 1 root root 292584 13 apr 23.45 lastlog
-rw------- 1 root root 1382874 16 apr 11.45 messages
drwxr-x--- 2 mysql mysql 4096 12 apr 02.23 mysql
drwxr-xr-x 2 root root 4096 11 apr 10.51 news
-rw-r--r-- 1 root root 2002 16 apr 11.38 pm-powersave.log
-rw-r--r-- 1 root root 6595 14 apr 23.55 pm-suspend.log
drwxr-xr-x 2 root root 4096 16 giu 2009 portage
-rw-r--r-- 1 root root 75557 16 apr 11.38 rc.log
-rw------- 1 root root 122814 15 apr 00.30 rkhunter.log
-rw------- 1 root root 5596 15 apr 00.22 rkhunter.log.old
drwxr-xr-x 2 root root 4096 12 apr 01.12 samba
drwxrwx--- 2 root portage 4096 11 apr 10.51 sandbox
-rw-rw-r-- 1 root utmp 324096 16 apr 11.47 wtmp
-rw-r--r-- 1 root root 23128 16 apr 11.38 Xorg.0.log
-rw-r--r-- 1 root root 22542 15 apr 21.27 Xorg.0.log.old

[Fitzcarraldo]

Here's mine:

Code: Select all

$ ls -la /var/log
total 9880
drwxr-xr-x 15 root     root       4096 Apr 16 13:54 .
drwxr-xr-x 14 root     root       4096 Sep 19  2009 ..
drwxr-xr-x  2 clamav   clamav     4096 Apr 11 08:50 clamav
drwxr-xr-x  2 root     root       4096 Feb 12 00:21 ConsoleKit
drwxr-xr-x  2 root     root       4096 Mar 14 11:57 cups
-rw-r-----  1 root     root      31322 Apr 16 13:54 dmesg
-rw-rw----  1 portage  portage   93291 Apr 16 14:10 emerge-fetch.log
-rw-rw----  1 portage  portage 4468904 Apr 16 14:09 emerge.log
-rw-------  1 root     root      32096 Apr 10 22:58 faillog
drwxr-xr-x  2 festival audio      4096 Jan 13 20:43 festival
-rw-r--r--  1 root     root     725389 Feb 17 12:57 genkernel.log
-rwxr-xr-x  1 root     root        336 Mar 30  2010 grub2-installer.log
-rw-------  1 root     root       1019 Dec 29 11:01 hibernate.log
-rw-r--r--  1 root     root       3478 Mar 30  2010 installer.log
-rw-r--r--  1 root     root       1084 Mar 30  2010 installer.stderr.log
-rw-r--r--  1 root     root     320069 Apr 16 13:55 kdm.log
-rw-r--r--  1 root     root      40398 Feb 13 05:10 kdm.log-20110213.gz
-rw-r--r--  1 root     root     292876 Apr 16 13:55 lastlog
-rw-------  1 root     root    1299763 Apr 16 14:10 messages
-rw-------  1 root     root     599599 Mar 14 16:10 messages-20110314.gz
-rw-------  1 root     root     165418 Mar 27 10:30 messages-20110327.gz
-rw-------  1 root     root     283607 Apr  4 05:50 messages-20110404.gz
-rw-------  1 root     root     464520 Apr 11 08:50 messages-20110411.gz
drwxr-x---  2 mysql    mysql      4096 Feb 12 07:45 mysql
drwxr-xr-x  2 mysql    mysql      4096 Mar 30  2010 mysql-500
drwxr-xr-x  2 root     root       4096 Mar 30  2010 news
drwxr-xr-x  2 root     root       4096 Mar 30  2010 panda
-rw-r--r--  1 root     root       2392 Apr 16 13:55 pm-powersave.log
-rw-r--r--  1 root     root       6635 Apr 14 17:38 pm-suspend.log
drwxr-xr-x  3 root     root       4096 Mar 30  2010 portage
-rw-r--r--  1 root     root       1580 Dec  3  2005 python-updater.log
-rw-r--r--  1 root     root          0 Feb 14 06:20 rc.log
-rw-r--r--  1 root     root       4892 Jan 24 09:55 rc.log-20110124.gz
-rw-r--r--  1 root     root       3699 Jan 31 16:04 rc.log-20110131.gz
-rw-r--r--  1 root     root       3823 Feb  7 04:26 rc.log-20110207.gz
-rw-r--r--  1 root     root       3144 Feb 11 18:59 rc.log-20110214.gz
drwxr-xr-x  3 root     root       4096 Jan 31 17:13 samba
drwxr-xr-x  2 root     root     196608 Apr 14 08:13 samba3
drwxrwx---  2 root     portage    4096 Feb 11 21:41 sandbox
drwxr-xr-x  2 tor      tor        4096 Mar 30  2010 tor
-rw-rw-r--  1 root     utmp     674688 Apr 16 14:10 wtmp
-rw-rw-r--  1 root     utmp      28736 Apr  1 15:52 wtmp-20110401.gz
-rw-r--r--  1 root     root       1967 Jul 31  2010 xdm.log
-rw-r--r--  1 root     root      89635 Apr 16 13:56 Xorg.0.log
-rw-r--r--  1 root     root     149343 Apr 15 19:20 Xorg.0.log.old

Notice: drwxr-xr-x 2 clamav clamav 4096 Apr 11 08:50 clamav

You have: drwxr-xr-x 2 haldaemon dhcp 4096 14 apr 00.04 clamav

I have a user clamav:

Code: Select all

# awk -F: '{ print "username: " $1 "\t\tuid:" $3 }' /etc/passwd | grep clamav
username: clamav                uid:102

Do you have a user clamav? If not, you need to add one.

I have a group clamav:

Code: Select all

# awk -F: '{ print $1 }' /etc/group | grep clamav
clamav

Do you have a group clamav? If not, you need to add one.

Then do:

Code: Select all

chown clamav:clamav /var/log/clamav

What do you have inside the /var/log/clamav/ directory? Here are the contents of mine:

Code: Select all

# ls -la
total 40
drwxr-xr-x  2 clamav clamav 4096 Apr 11 08:50 .
drwxr-xr-x 15 root   root   4096 Apr 16 13:54 ..
-rw-r-----  1 clamav root      0 Apr 11 08:50 clamd.log
-rw-r-----  1 clamav root     20 Mar  7 04:40 clamd.log-20110314.gz
-rw-r-----  1 clamav root     20 Mar 14 16:10 clamd.log-20110327.gz
-rw-r-----  1 clamav root     20 Mar 27 10:30 clamd.log-20110404.gz
-rw-r-----  1 clamav root     20 Apr  4 05:50 clamd.log-20110411.gz
-rw-r-----  1 clamav clamav    0 Apr 11 08:50 freshclam.log
-rw-r-----  1 clamav clamav   20 Mar  7 04:40 freshclam.log-20110314.gz
-rw-r-----  1 clamav clamav   20 Mar 14 16:10 freshclam.log-20110327.gz
-rw-r-----  1 clamav clamav   20 Mar 27 10:30 freshclam.log-20110404.gz
-rw-r-----  1 clamav clamav   20 Apr  4 05:50 freshclam.log-20110411.gz
-rw-r--r--  1 root   root      0 Feb 27 00:27 .keep_app-antivirus_clamav-0

[phnxttt]

ERROR: Can't open/parse the config file /usr/local/etc/freshclam.conf
(that is an empy folder)

do I need to unistall and re-install?

[Fitzcarraldo]

You could try, I suppose. How on Earth you ended up with haldaemon as the owner and dhcp as the group for the directory /var/log/clamav/ is anybody's guess. Very strange. You might want to delete all those clamav directories before re-installing.

[phnxttt]

ok.,now it works.i manually changed owner of var-lib-clamav folder,added user clamav .the last strange message is that clamd is not working but now freshclam does the update and clamscan does the check.thank you everybody for the help.andrea