Forums

Resolved
0 votes
I've just produced an updated clamav package (v 0.101.2) and it needs testing before it can be released to the community. It is best to update app-antivirus at the same time, so:
yum update clamav app-antivirus --enablerepo=clearos-updates-testing
If you don't update app-antivirus at the same time you'll get a couple of Deprecated Parameter warnings when the service clamd starts.

Please post any issues to this thread.
Thursday, June 27 2019, 06:33 PM
Share this post:
Responses (22)
  • Accepted Answer

    Friday, June 28 2019, 07:43 AM - #Permalink
    Resolved
    0 votes
    Issues seen so far:

    • Tries to add user clam to group virusgroup which does not exist. virusgroup is not needed.
    • On removal tries to remove folder and files already deleted. Perhaps leave stub files in place rather than duplicate signatures. This is an attempt to save 150MB of space over the previous installation method.
    • I had duplicate signatures as I had a cld file as well as a cvd signature file. This is only a warning. I could delete all cld files but this takes the signatures back to when clamav was compiled rather than current signatures for up to 2 hours until freshclam is run again. This would only affect users with cld signature files and would switch them to using cvd files instead.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, June 29 2019, 08:59 AM - #Permalink
    Resolved
    0 votes
    I am just pushing another build of clamav into the repos with minor tweaks:

    • No longer adds the group virusgroup. Anyone who installed the first version can remove the group with a "groupdel virusgroup"
    • Rather than delete the initial virus signatures, stub them to 0B so an uninstall does not throw a file not found warning.
    • Delete any existing cld files on installation. This is no worse than for a new install and only affects people with cld files. People who already have cvd files are unaffected.


    Once the build syncs to the repos, to update, do the usual:
    yum update clamav --enablerepo=clearos-updates-testing
    There is no need to update app-antivirus again as this has not changed.
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, July 04 2019, 06:17 PM - #Permalink
    Resolved
    0 votes
    Nick,

    I love to test it, but currently i do not have a test server any more.
    The best I can try is a dummy setup in VM
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, July 04 2019, 06:55 PM - #Permalink
    Resolved
    0 votes
    I will take a look this weekend and install this update on a ClearOS Community VM what is always running and not in my Virtualbox VM what is most of the time offline.
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, July 04 2019, 07:34 PM - #Permalink
    Resolved
    0 votes
    I am running it on my production box and a test box. On my production box I don't use the proxy so I can only check out the file scanning side and it correctly picks up the Eicar test file. On my test box I set up the proxy in transparent mode and again, it correctly picks up the Eicar test file when downloaded with http.

    Any testing you can do will help, thanks.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, July 06 2019, 02:26 PM - #Permalink
    Resolved
    0 votes
    Installing at the moment a VM for testing purpose. My existing VM's on my unRAID server have to less memory to test Clamav.
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, July 06 2019, 02:34 PM - #Permalink
    Resolved
    0 votes
    Regarding the Community Meeting I knew there was some testing manner to test virus scanners. I didn't knew that this was called a EICAR test file. This is also a reason to attend the meeting there is always some interesting stuff and learning new things!
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, July 07 2019, 05:47 PM - #Permalink
    Resolved
    0 votes
    Tried to install ClearOS in a VM with the samba app but from time to time I have problems installing Samba also this time. For some reason it is not initializing..
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, July 07 2019, 08:19 PM - #Permalink
    Resolved
    0 votes
    I seem to remember samba does not initialise if it does not have a LAN interface in gateway mode which may have to be connected as well. I am not sure what the restrictions are in Standalone mode.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 11:44 AM - #Permalink
    Resolved
    0 votes
    The system is in standalone (no firewall). When I go to Windows Networking (Samba) the system displays "Account system is offline.". Also when I go to "Accounts --> Users or Groups" the same message is displayed. Server --> File --> Flexshares is the same..
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 12:10 PM - #Permalink
    Resolved
    0 votes
    Is this a Community system? Can you go to the command line and try restarting LDAP with a:
    service slapd restart
    service slapd status -l
    What is the output of the status command? Also, if it fails, the result of:
    journalctl -xe
    If there is nothing useful, can you try starting LDAP in debug mode:
    slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 12:23 PM - #Permalink
    Resolved
    0 votes
    I did something else before I saw your post. I removed Windows Networking (Samba). I also removed app-users

    Removed:


    Removing:
    app-certificate-manager noarch 1:2.5.1-1.v7 @clearos-verified 117 k
    app-flexshare-core noarch 1:2.4.14-1.v7 @clearos-verified 147 k
    app-ldap-core noarch 1:2.3.22-1.v7 @clearos-verified 206 k
    app-openldap-core noarch 1:2.5.5-1.v7 @clearos-verified 298 k
    app-openldap-directory-core noarch 1:2.5.1-1.v7 @clearos-verified 185 k
    app-samba noarch 1:3.5.3-1.v7 @clearos-verified 204 k
    app-samba-common-core noarch 1:2.5.1-1.v7 @clearos-verified 113 k
    app-samba-core noarch 1:3.5.3-1.v7 @clearos-verified 134 k
    app-samba-extension-core noarch 1:2.5.0-1.v7 @clearos-verified 27 k
    libarchive x86_64 3.1.2-10.el7_2 @clearos-centos 728 k
    libldb x86_64 1.3.4-1.el7 @clearos-centos 367 k
    libsmbclient x86_64 4.8.3-4.4.v7 @clearos-verified 156 k
    libtalloc x86_64 2.1.13-1.el7 @clearos-centos 60 k
    libtdb x86_64 1.3.15-1.el7 @clearos-centos 93 k
    libtevent x86_64 0.9.36-1.el7 @clearos-centos 65 k
    libtool-ltdl x86_64 2.4.2-22.el7_3 @clearos-centos 66 k
    libwbclient x86_64 4.8.3-4.4.v7 @clearos-verified 71 k
    nss-pam-ldapd x86_64 0.8.13-16.el7_6.1 @clearos-centos-updates 407 k
    openldap-clients x86_64 2.4.44-20.v7 @clearos-verified 571 k
    openldap-servers x86_64 2.4.44-20.v7 @clearos-verified 5.1 M
    pytalloc x86_64 2.1.13-1.el7 @clearos-centos 28 k
    samba x86_64 4.8.3-4.4.v7 @clearos-verified 1.9 M
    samba-client x86_64 4.8.3-4.4.v7 @clearos-verified 2.0 M
    samba-client-libs x86_64 4.8.3-4.4.v7 @clearos-verified 19 M
    samba-common noarch 4.8.3-4.4.v7 @clearos-verified 129 k
    samba-common-libs x86_64 4.8.3-4.4.v7 @clearos-verified 270 k
    samba-common-tools x86_64 4.8.3-4.4.v7 @clearos-verified 1.1 M
    samba-libs x86_64 4.8.3-4.4.v7 @clearos-verified 725 k
    samba-winbind x86_64 4.8.3-4.4.v7 @clearos-verified 1.6 M
    samba-winbind-clients x86_64 4.8.3-4.4.v7 @clearos-verified 148 k
    samba-winbind-modules x86_64 4.8.3-4.4.v7 @clearos-verified 79 k
    tdb-tools x86_64 1.3.15-1.el7 @clearos-centos 59 k


    Removed and reinstalled the package below:


    Removing:
    app-accounts noarch 1:2.5.0-1.v7 @anaconda/7.5.0.228724 91 k
    app-accounts-core noarch 1:2.5.0-1.v7 @anaconda/7.5.0.228724 730 k
    Removing for dependencies:
    app-groups noarch 1:2.3.24-1.v7 @anaconda/7.5.0.228724 42 k
    app-groups-core noarch 1:2.3.24-1.v7 @anaconda/7.5.0.228724 230 k
    app-user-profile noarch 1:2.5.1-1.v7 @clearos 24 k
    app-user-profile-core noarch 1:2.5.1-1.v7 @clearos 35 k
    app-users noarch 1:2.5.0-1.v7 @anaconda/7.5.0.228724 48 k
    app-users-core noarch 1:2.5.0-1.v7 @anaconda/7.5.0.228724 372 k


    ..but still "Account Manager Status Account system is offline.".

    Now checking your post!
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 12:28 PM - #Permalink
    Resolved
    0 votes
    [root@vm ~]# service slapd status -l
    Redirecting to /bin/systemctl status -l slapd.service
    ● slapd.service - OpenLDAP Server Daemon
    Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled; vendor preset: disabled)
    Active: active (running) since Tue 2019-07-09 14:24:56 CEST; 10s ago
    Docs: man:slapd
    man:slapd-config
    man:slapd-hdb
    man:slapd-mdb
    file:///usr/share/doc/openldap-servers/guide.html
    Process: 5966 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=0/SUCCESS)
    Process: 5931 ExecStartPre=/usr/libexec/openldap/prestart.sh (code=exited, status=0/SUCCESS)
    Main PID: 5968 (slapd)
    CGroup: /system.slice/slapd.service
    └─5968 /usr/sbin/slapd -u ldap -h ldap://127.0.0.1/


    [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:50 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:50 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:50 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:50 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:51 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:51 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:51 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:51 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:52 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:52 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:52 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:52 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:53 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:53 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:53 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:53 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:54 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:54 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found: Can't contact LDAP server: Transport endpoint is not
    Jul 09 14:24:54 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:54 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:55 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:55 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
    Jul 09 14:24:56 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
    Jul 09 14:24:56 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found: Can't contact LDAP server: Transport endpoint is not
    Jul 09 14:24:56 vm.lionux.lan slapd[5966]: @(#) $OpenLDAP: slapd 2.4.44 (Dec 4 2018 13:31:39) $
    mockbuild@build64-1.clearsdn.local:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd


    I think the above error is the problem!
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 12:39 PM - #Permalink
    Resolved
    0 votes
    Did the lastest command you advised: "slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256"

    [root@vm ~]# slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256
    5d248a7f @(#) $OpenLDAP: slapd 2.4.44 (Dec 4 2018 13:31:39) $
    mockbuild@build64-1.clearsdn.local:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
    5d248a7f daemon: bind(7) failed errno=98 (Address already in use)
    5d248a7f slapd stopped.
    5d248a7f connections_destroy: nothing to destroy.


    It seems the address is in use (port?)..
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 12:53 PM - #Permalink
    Resolved
    0 votes
    Btw this is indeed a community system!
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 01:23 PM - #Permalink
    Resolved
    0 votes
    @Marcel,
    I think your system is well and truly broken. It looks like you've used "yum remove" and removed a number of critical dependencies. You've removed a lot of openldap stuff and a few other bits and pieces. I'd suggest a reinstallation at this point. You could try reinstalling all that you removed, but the damage may be greater.

    If you ever do a "yum remove" you have to carefully check the dependencies before you hit "y".
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 01:26 PM - #Permalink
    Resolved
    0 votes
    If the address is in use:
    netstat -npl | grep :389
    to see what is using it, but from your previous command LDAP is already running.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 02:11 PM - #Permalink
    Resolved
    0 votes
    Yes, I know. I'm not careful with VM's ;)

    But I removed with the "yum history undo ID" so that probably only where packages installed when I installed Windows Networking.

    Output of "netstat -npl | grep :389"

    [root@vm ~]# netstat -npl | grep :389
    tcp 0 0 127.0.0.1:389 0.0.0.0:* LISTEN 3343/slapd
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 02:37 PM - #Permalink
    Resolved
    0 votes
    That output was predictable. You could see from your earlier output that slapd was running so there is no point in starting it interactively as well. I suspect you current problem is because a lot of the underlying system has been removed. As you have not given the re-installation bit, I don't know which bits have been re-added and which may be missing.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 09 2019, 06:07 PM - #Permalink
    Resolved
    0 votes
    True.

    To be honest it's not worth the hassle to diagnostic and solve this issue. I just do a re-install! :)

    ..but the samba issues occur from time to time for me it was a clean install and for some reason samba doesn't want to initialize..
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 23 2019, 12:56 AM - #Permalink
    Resolved
    0 votes
    Would be interested when this is out of testing, tired of rebooting my clearos router PC and having to reinstall gateway antivirus.
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, July 23 2019, 07:12 AM - #Permalink
    Resolved
    0 votes
    It was released a couple of weeks ago to the Community, iirc.

    If you are still having problems, please can you try increasing the TimeoutStartSec to something like 300 in /usr/lib/systemd/system/clamd.service then run "systemctl daemon-reload" and try starting ClamAV ("service clamd start").
    The reply is currently minimized Show
Your Reply