I've just produced an updated clamav package (v 0.101.2) and it needs testing before it can be released to the community. It is best to update app-antivirus at the same time, so:
Please post any issues to this thread.
yum update clamav app-antivirus --enablerepo=clearos-updates-testing
If you don't update app-antivirus at the same time you'll get a couple of Deprecated Parameter warnings when the service clamd starts.Please post any issues to this thread.
Share this post:
Responses (22)
-
Accepted Answer
Issues seen so far:
- Tries to add user clam to group virusgroup which does not exist. virusgroup is not needed.
- On removal tries to remove folder and files already deleted. Perhaps leave stub files in place rather than duplicate signatures. This is an attempt to save 150MB of space over the previous installation method.
- I had duplicate signatures as I had a cld file as well as a cvd signature file. This is only a warning. I could delete all cld files but this takes the signatures back to when clamav was compiled rather than current signatures for up to 2 hours until freshclam is run again. This would only affect users with cld signature files and would switch them to using cvd files instead.
- Tries to add user clam to group virusgroup which does not exist. virusgroup is not needed.
-
Accepted Answer
I am just pushing another build of clamav into the repos with minor tweaks:
- No longer adds the group virusgroup. Anyone who installed the first version can remove the group with a "groupdel virusgroup"
- Rather than delete the initial virus signatures, stub them to 0B so an uninstall does not throw a file not found warning.
- Delete any existing cld files on installation. This is no worse than for a new install and only affects people with cld files. People who already have cvd files are unaffected.
Once the build syncs to the repos, to update, do the usual:
There is no need to update app-antivirus again as this has not changed.yum update clamav --enablerepo=clearos-updates-testing
- No longer adds the group virusgroup. Anyone who installed the first version can remove the group with a "groupdel virusgroup"
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
I am running it on my production box and a test box. On my production box I don't use the proxy so I can only check out the file scanning side and it correctly picks up the Eicar test file. On my test box I set up the proxy in transparent mode and again, it correctly picks up the Eicar test file when downloaded with http.
Any testing you can do will help, thanks. -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
Is this a Community system? Can you go to the command line and try restarting LDAP with a:
What is the output of the status command? Also, if it fails, the result of:service slapd restart
service slapd status -l
If there is nothing useful, can you try starting LDAP in debug mode:journalctl -xe
slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256
-
Accepted Answer
I did something else before I saw your post. I removed Windows Networking (Samba). I also removed app-users
Removed:
Removing:
app-certificate-manager noarch 1:2.5.1-1.v7 @clearos-verified 117 k
app-flexshare-core noarch 1:2.4.14-1.v7 @clearos-verified 147 k
app-ldap-core noarch 1:2.3.22-1.v7 @clearos-verified 206 k
app-openldap-core noarch 1:2.5.5-1.v7 @clearos-verified 298 k
app-openldap-directory-core noarch 1:2.5.1-1.v7 @clearos-verified 185 k
app-samba noarch 1:3.5.3-1.v7 @clearos-verified 204 k
app-samba-common-core noarch 1:2.5.1-1.v7 @clearos-verified 113 k
app-samba-core noarch 1:3.5.3-1.v7 @clearos-verified 134 k
app-samba-extension-core noarch 1:2.5.0-1.v7 @clearos-verified 27 k
libarchive x86_64 3.1.2-10.el7_2 @clearos-centos 728 k
libldb x86_64 1.3.4-1.el7 @clearos-centos 367 k
libsmbclient x86_64 4.8.3-4.4.v7 @clearos-verified 156 k
libtalloc x86_64 2.1.13-1.el7 @clearos-centos 60 k
libtdb x86_64 1.3.15-1.el7 @clearos-centos 93 k
libtevent x86_64 0.9.36-1.el7 @clearos-centos 65 k
libtool-ltdl x86_64 2.4.2-22.el7_3 @clearos-centos 66 k
libwbclient x86_64 4.8.3-4.4.v7 @clearos-verified 71 k
nss-pam-ldapd x86_64 0.8.13-16.el7_6.1 @clearos-centos-updates 407 k
openldap-clients x86_64 2.4.44-20.v7 @clearos-verified 571 k
openldap-servers x86_64 2.4.44-20.v7 @clearos-verified 5.1 M
pytalloc x86_64 2.1.13-1.el7 @clearos-centos 28 k
samba x86_64 4.8.3-4.4.v7 @clearos-verified 1.9 M
samba-client x86_64 4.8.3-4.4.v7 @clearos-verified 2.0 M
samba-client-libs x86_64 4.8.3-4.4.v7 @clearos-verified 19 M
samba-common noarch 4.8.3-4.4.v7 @clearos-verified 129 k
samba-common-libs x86_64 4.8.3-4.4.v7 @clearos-verified 270 k
samba-common-tools x86_64 4.8.3-4.4.v7 @clearos-verified 1.1 M
samba-libs x86_64 4.8.3-4.4.v7 @clearos-verified 725 k
samba-winbind x86_64 4.8.3-4.4.v7 @clearos-verified 1.6 M
samba-winbind-clients x86_64 4.8.3-4.4.v7 @clearos-verified 148 k
samba-winbind-modules x86_64 4.8.3-4.4.v7 @clearos-verified 79 k
tdb-tools x86_64 1.3.15-1.el7 @clearos-centos 59 k
Removed and reinstalled the package below:
Removing:
app-accounts noarch 1:2.5.0-1.v7 @anaconda/7.5.0.228724 91 k
app-accounts-core noarch 1:2.5.0-1.v7 @anaconda/7.5.0.228724 730 k
Removing for dependencies:
app-groups noarch 1:2.3.24-1.v7 @anaconda/7.5.0.228724 42 k
app-groups-core noarch 1:2.3.24-1.v7 @anaconda/7.5.0.228724 230 k
app-user-profile noarch 1:2.5.1-1.v7 @clearos 24 k
app-user-profile-core noarch 1:2.5.1-1.v7 @clearos 35 k
app-users noarch 1:2.5.0-1.v7 @anaconda/7.5.0.228724 48 k
app-users-core noarch 1:2.5.0-1.v7 @anaconda/7.5.0.228724 372 k
..but still "Account Manager Status Account system is offline.".
Now checking your post! -
Accepted Answer
[root@vm ~]# service slapd status -l
Redirecting to /bin/systemctl status -l slapd.service
● slapd.service - OpenLDAP Server Daemon
Loaded: loaded (/usr/lib/systemd/system/slapd.service; enabled; vendor preset: disabled)
Active: active (running) since Tue 2019-07-09 14:24:56 CEST; 10s ago
Docs: man:slapd
man:slapd-config
man:slapd-hdb
man:slapd-mdb
file:///usr/share/doc/openldap-servers/guide.html
Process: 5966 ExecStart=/usr/sbin/slapd -u ldap -h ${SLAPD_URLS} $SLAPD_OPTIONS (code=exited, status=0/SUCCESS)
Process: 5931 ExecStartPre=/usr/libexec/openldap/prestart.sh (code=exited, status=0/SUCCESS)
Main PID: 5968 (slapd)
CGroup: /system.slice/slapd.service
└─5968 /usr/sbin/slapd -u ldap -h ldap://127.0.0.1/
[eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:50 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:50 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:50 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:50 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:51 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:51 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:51 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:51 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:52 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:52 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:52 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:52 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:53 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:53 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:53 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:53 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:54 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:54 vm.lionux.lan nslcd[5159]: [eaf087] <passwd="ldap.ldap"> no available LDAP server found: Can't contact LDAP server: Transport endpoint is not
Jul 09 14:24:54 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:54 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:55 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:55 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found, sleeping 1 seconds
Jul 09 14:24:56 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> failed to bind to LDAP server ldap://127.0.0.1/: Can't contact LDAP server: Transpor
Jul 09 14:24:56 vm.lionux.lan nslcd[5159]: [06c83e] <passwd="ldap.ldap"> no available LDAP server found: Can't contact LDAP server: Transport endpoint is not
Jul 09 14:24:56 vm.lionux.lan slapd[5966]: @(#) $OpenLDAP: slapd 2.4.44 (Dec 4 2018 13:31:39) $
mockbuild@build64-1.clearsdn.local:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
I think the above error is the problem! -
Accepted Answer
Did the lastest command you advised: "slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256"
[root@vm ~]# slapd -h "ldap://127.0.0.1/" -u ldap -f "/etc/openldap/slapd.conf" -d 256
5d248a7f @(#) $OpenLDAP: slapd 2.4.44 (Dec 4 2018 13:31:39) $
mockbuild@build64-1.clearsdn.local:/builddir/build/BUILD/openldap-2.4.44/openldap-2.4.44/servers/slapd
5d248a7f daemon: bind(7) failed errno=98 (Address already in use)
5d248a7f slapd stopped.
5d248a7f connections_destroy: nothing to destroy.
It seems the address is in use (port?).. -
Accepted Answer
@Marcel,
I think your system is well and truly broken. It looks like you've used "yum remove" and removed a number of critical dependencies. You've removed a lot of openldap stuff and a few other bits and pieces. I'd suggest a reinstallation at this point. You could try reinstalling all that you removed, but the damage may be greater.
If you ever do a "yum remove" you have to carefully check the dependencies before you hit "y". -
Accepted Answer
-
Accepted Answer
Yes, I know. I'm not careful with VM's
But I removed with the "yum history undo ID" so that probably only where packages installed when I installed Windows Networking.
Output of "netstat -npl | grep :389"
[root@vm ~]# netstat -npl | grep :389
tcp 0 0 127.0.0.1:389 0.0.0.0:* LISTEN 3343/slapd
-
Accepted Answer
That output was predictable. You could see from your earlier output that slapd was running so there is no point in starting it interactively as well. I suspect you current problem is because a lot of the underlying system has been removed. As you have not given the re-installation bit, I don't know which bits have been re-added and which may be missing. -
Accepted Answer
-
Accepted Answer
-
Accepted Answer
It was released a couple of weeks ago to the Community, iirc.
If you are still having problems, please can you try increasing the TimeoutStartSec to something like 300 in /usr/lib/systemd/system/clamd.service then run "systemctl daemon-reload" and try starting ClamAV ("service clamd start").
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »