[Bug 268069] security/clamav: 1.0.0 does no work with cld and cvd files

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 268069] clamav 1.0.0 does no work with cld and cvd files"
Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 02 Dec 2022 14:27:45 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268069

--- Comment #13 from fsbruva@yahoo.com ---
I am thinking this is some kind of latent dependency issue. I was able to
install, update and run clamav 1.0.0 in another 12.3-RELEASE amd64 jail on the
same machine. Differences are the successful jail never had clamav before, and
different ports installed. I will look through the clamav build logs to see if
I can spot differences.

(In reply to Yasuhiro Kimura from comment #9)
> Would you please provide the result of `sha256 /var/db/clamav/*` ?

daily.cvd version: 26737
main.cld version: 62
bytecode.cld version: 333

SHA256 (/var/db/clamav/bytecode.cvd) =
aa5222822ba8b87cd319d9b00ef82e93b85f8c1c134b4465cad095368a0ab8b1
SHA256 (/var/db/clamav/daily.cvd) =
fc5e16e3862d39b9b219469cc902e7e7fbb0f70f02a86ac050ac2db08cbb1557
SHA256 (/var/db/clamav/freshclam.dat) =
a6343045528f703d92f40b3d7f421d01db71c6252b1f4efb69ef51486804b82d
SHA256 (/var/db/clamav/main.cvd) =
9520cc7827ddc5267684f2c5c7044cf2df1f62606ca81402cbeae12183763a90


user@machine:/var/db/clamav # service clamav-clamd start
Starting clamav_clamd.
LibClamAV Error: Can't load /var/db/clamav/daily.cvd: Can't verify database
integrity
LibClamAV Error: cli_loaddbdir: error loading database /var/db/clamav/daily.cvd
ERROR: Can't verify database integrity
/usr/local/etc/rc.d/clamav-clamd: WARNING: failed to start clamav_clamd

I tried running freshclam 1.0.0, and got this:

user@machine:/var/db/clamav # freshclam
ClamAV update process started at Fri Dec  2 08:58:50 2022
daily database available for update (local version: 26737, remote version:
26738)
Current database is 1 version behind.
Downloading database patch # 26738...
WARNING: [LibClamAV] CVD verification failed for: daily.cvd
ERROR: mkdir_and_chdir_for_cdiff_tmp: Can't unpack daily.cvd into
/var/db/clamav/tmp.f3e98ef3c4/clamav-2e2434f3e48000b9eac28f6f03a601ac.tmp
The database server doesn't have the latest patch for the daily database
(version 26738). The server will likely have updated if you check again in a
few hours.
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90,
builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63,
builder: awillia2)

Note the problem with unpacking daily.cvd. 
I have /var/db/clamav/ owned by clamav:clamav, with 755 permissions.

I removed clamav 1.0.0, and re-installed 0.105.1_5. When I tried to start
clamav 0.105.1 with these same files, I got:

user@machine:/var/db/clamav # service clamav-clamd start
Starting clamav_clamd.
LibClamAV Error: Can't load /var/db/clamav/daily.cvd: Can't verify database
integrity
LibClamAV Error: cli_loaddbdir: error loading database /var/db/clamav/daily.cvd
ERROR: Can't verify database integrity
/usr/local/etc/rc.d/clamav-clamd: WARNING: failed to start clamav_clamd

So I ran freshclam 0.105.1, and got this:

root@condor_www:/var/db/clamav # freshclam
ClamAV update process started at Fri Dec  2 09:05:31 2022
daily database available for update (local version: 26737, remote version:
26738)
Current database is 1 version behind.
Downloading database patch # 26738...
Time:    0.3s, ETA:    0.0s [========================>]    8.52KiB/8.52KiB
Testing database:
'/var/db/clamav/tmp.6c1cb80df0/clamav-e65ae6b9ff22c449bf0ae6fd199bcf07.tmp-daily.cld'
...
Database test passed.
daily.cld updated (version: 26738, sigs: 2013306, f-level: 90, builder:
raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90,
builder: sigmgr)
bytecode.cvd database is up-to-date (version: 333, sigs: 92, f-level: 63,
builder: awillia2)

File hashes are now:
SHA256 (/var/db/clamav/bytecode.cvd) =
aa5222822ba8b87cd319d9b00ef82e93b85f8c1c134b4465cad095368a0ab8b1
SHA256 (/var/db/clamav/daily.cld) =
0aefe922fbe12376d83d8b3c0e59dcdb75c77588bd790b03879de148ecfdae6f
SHA256 (/var/db/clamav/freshclam.dat) =
a6343045528f703d92f40b3d7f421d01db71c6252b1f4efb69ef51486804b82d
SHA256 (/var/db/clamav/main.cvd) =
9520cc7827ddc5267684f2c5c7044cf2df1f62606ca81402cbeae12183763a90

And clamav 0.105.1 started successfully. Stop clamav service, deinstalled
clamav 0.105, built clamav 1.0.0 from ports, installed, and saw same error with
starting clamav-clamd service.

-- 
You are receiving this mail because:
You are the assignee for the bug.