Difference between revisions of "ClamAV - Updating Version"

Line 5: Line 5:
 
Note: This was done on Fedora Core 4 minimal install. Also, all the following can be done either as root or as the zimbra user.  
 
Note: This was done on Fedora Core 4 minimal install. Also, all the following can be done either as root or as the zimbra user.  
 
If you do it all as 'root', make sure you change ownership for the resulting clamav-0.90.2 folder in /opt/zimbra to zimbra:zimbra.
 
If you do it all as 'root', make sure you change ownership for the resulting clamav-0.90.2 folder in /opt/zimbra to zimbra:zimbra.
 +
This HOWTO also assumes that you are upgrading from 0.90.1 to 0.90.2
 +
Please substitute the versions above for what you are upgrading from and to.
  
 
When ClamAV releases new version and gets out of date, it will complain in its log files as such.
 
When ClamAV releases new version and gets out of date, it will complain in its log files as such.
Line 11: Line 13:
  
 
To update, follow the following:
 
To update, follow the following:
First go grab the latest ClamAV source from http://www.clamav.net/download (Current Stable Version is 0. 90.2 )
+
First go grab the latest ClamAV source from http://www.clamav.net/download (Current Stable Version is 0.90.2 )
 
Extract it to where ever you please. All this can either be done as root or as the zimbra user.  
 
Extract it to where ever you please. All this can either be done as root or as the zimbra user.  
 
If you do it all as root make sure you change ownership for the resulting clamav folder in /opt/zimbra to zimbra:zimbra.
 
If you do it all as root make sure you change ownership for the resulting clamav folder in /opt/zimbra to zimbra:zimbra.
Line 28: Line 30:
  
  
If your configure goes well, and make sure it does as you don't really want ClamAV installed without some of its available testing ability being compiled.
+
If your 'configure' goes well, and make sure it does as you don't really want ClamAV installed without some of its available testing ability being compiled.
  
 
Run: make
 
Run: make
Line 35: Line 37:
 
Again assuming no errors, you now have the new version installed into /opt/zimbra/clamav-0.90.2
 
Again assuming no errors, you now have the new version installed into /opt/zimbra/clamav-0.90.2
  
Run:  zmcontrol stop everything.
+
Now we need to edit clam and freshclam's conf files. I'm not entirely sure if this is actually necessary, but we didn't configure the default paths and options for a few things at build time so I think it is.
  
Delete the symbolic link /opt/zimbra/clamav
+
Create directory /opt/zimbra/clamav/db
  
Re-link it to the new install:
+
Copy your old clamd.conf and freshclam.conf  from the privious version to the new version directory:
  
 
START CODE
 
START CODE
  
ln -s /opt/zimbra/clamav-0.87.1 /opt/zimbra/clamav
+
cd /opt/zimbra/clamav-0.90.2/etc/
 +
mv clamd.conf  clamd.conf.org
 +
mv freshclam.conf  freshclam.conf.org
 +
cd cd /opt/zimbra/clamav-0.90.1/etc/
 +
cp clamd.conf  /opt/zimbra/clamav-0.90.2/etc/
 +
cp freshclam.conf /opt/zimbra/clamav-0.90.2/etc/
  
 
END CODE
 
END CODE
  
Now we need to edit clam and freshclam's conf files. I'm not entirely sure if this is actually necessary, but we didn't configure the default paths and options for a few things at build time so I think it is.
+
Run:  zmcontrol stop everything.
  
Create directory /opt/zimbra/clamav/db
+
Delete the symbolic link /opt/zimbra/clamav
  
In /opt/zimbra/clamav/etc/clamd.conf edit these settings:
+
Re-link it to the new install:
  
 
START CODE
 
START CODE
  
Code:
+
ls -la 'grep' clamav ( should see 'clamav -> /opt/zimbra/clamav-0.90.2'  )
 
+
if so:
##
+
rm -rf clamav
## Example config file for the Clam AV daemon
+
ln -s /opt/zimbra/clamav-0.90.2 /opt/zimbra/clamav
## Please read the clamd.conf(5) manual before editing this file.
 
##
 
 
 
# Comment or remove the line below.
 
#Example
 
 
 
# Uncomment this option to enable logging.
 
# LogFile must be writable for the user running daemon.
 
# A full path is required.
 
# Default: disabled
 
LogFile /opt/zimbra/log/clamd.log
 
 
 
# This option allows you to save a process identifier of the listening
 
# daemon (main thread).
 
# Default: disabled
 
PidFile /opt/zimbra/log/clamd.pid
 
 
 
# Path to the database directory.
 
# Default: hardcoded (depends on installation options)
 
DatabaseDirectory /opt/zimbra/clamav/db
 
 
 
# TCP port address.
 
# Default: disabled
 
TCPSocket 3310
 
 
 
# TCP address.
 
# By default we bind to INADDR_ANY, probably not wise.
 
# Enable the following to provide some degree of protection
 
# from the outside world.
 
# Default: disabled
 
TCPAddr 127.0.0.1
 
 
 
# Run as a selected user (clamd must be started by root).
 
# Default: disabled
 
User zimbra
 
  
 
END CODE
 
END CODE
 
Note: These are just the settings I changed and are not continous, but are in order from top to bottom referencing the order of the actual clamd.conf file. There are many other parts to the file, but no other settings were changed.
 
 
In /opt/zimbra/clamav/etc/freshclam.conf edit these settings:
 
Code:
 
 
##
 
## Example config file for freshclam
 
## Please read the freshclam.conf(5) manual before editing this file.
 
## This file may be optionally merged with clamd.conf.
 
##
 
 
 
# Comment or remove the line below.
 
#Example
 
 
# Path to the database directory.
 
# WARNING: It must match clamd.conf's directive!
 
# Default: hardcoded (depends on installation options)
 
DatabaseDirectory /opt/zimbra/clamav/db
 
 
# Path to the log file (make sure it has proper permissions)
 
# Default: disabled
 
UpdateLogFile /opt/zimbra/log/freshclam.log
 
 
# This option allows you to save the process identifier of the daemon
 
# Default: disabled
 
PidFile /opt/zimbra/log/freshclam.pid
 
 
# By default when started freshclam drops privileges and switches to the
 
# "clamav" user. This directive allows you to change the database owner.
 
# Default: clamav (may depend on installation options)
 
DatabaseOwner zimbra
 
 
Note: Again this is just a few of the settings in the freshclam.conf file. They are the ones I changed. The rest are left at default.
 
  
 
Now you should make sure zimbra owns all of clamav.
 
Now you should make sure zimbra owns all of clamav.
 
Code:
 
Code:
  
chown -R zimbra:zimbra /opt/zimbra/clamav-0.87.1
+
chown -R zimbra:zimbra /opt/zimbra/clamav-0.90.2
  
 
Next we need to update the virus database.
 
Next we need to update the virus database.
 
Run: /opt/zimbra/clamav/bin/freshclam
 
Run: /opt/zimbra/clamav/bin/freshclam
  
Need to start amavis back up.
+
Need to start things back up.
Either run: zmamavisdctl start, or zmcontrol start depending on how you stop before.
+
Run zmcontrol start
Run zmcontrol status to make sure antivirus is running. If it is your good to go.
+
Run zmcontrol status to make sure antivirus is running. If it is, you're good to go.
 
 
You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have "Send notice ot recipient" check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don't worry about the two that got through. Apparently ClamAV doesn't check for the techniques. There are although no virii included in those two emails, so it doesn't worry me. If anyone has any problems let me know.
 
 
 
-Ben
 
 
 
Edit: You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.85.1 directory and everythnig it contains. Again make sure you have the other version working well first.
 
  
-Ben
+
You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have "Send notice ot recipient" check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don't worry about the two that got through. Apparently ClamAV doesn't check for the techniques. There are although no virii included in those two emails, so it doesn't worry me.
 +
You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.90.1 directory and everythnig it contains. Again may want to wait a weelk or two to make sure you have the other version working well first.

Revision as of 17:25, 6 May 2007

Thanks to "Unilogic" AKA: Ben for most of this writeup. Parts have been updated to reflect lastest revision.

If you have no idea how to upgrade or are a little shakey in doing the upgrade yourself, I recommend that you wait for the Zimbra official release.

Note: This was done on Fedora Core 4 minimal install. Also, all the following can be done either as root or as the zimbra user. If you do it all as 'root', make sure you change ownership for the resulting clamav-0.90.2 folder in /opt/zimbra to zimbra:zimbra. This HOWTO also assumes that you are upgrading from 0.90.1 to 0.90.2 Please substitute the versions above for what you are upgrading from and to.

When ClamAV releases new version and gets out of date, it will complain in its log files as such.

If upgrading from anything below 0.90.x, please refer to: *Updating CLAMAV from version lower than 0.90.0

To update, follow the following: First go grab the latest ClamAV source from http://www.clamav.net/download (Current Stable Version is 0.90.2 ) Extract it to where ever you please. All this can either be done as root or as the zimbra user. If you do it all as root make sure you change ownership for the resulting clamav folder in /opt/zimbra to zimbra:zimbra.

Next run configure inside of the clamav extract as following:

START CODE

./configure --prefix=/opt/zimbra/clamav-0.90.2 --with-user=zimbra --with-group=zimbra

END CODE

This assumes zimbra is user and group id 'zimbra', change it accordingly to your system to match your zimbra user.

Note: I had to install gmp-devel and bzip2-devel so the configure could find all its header files. Your mileage may very. If you get an error about GNU MP missing install gmp-devel. "yum install gmp-devel", and "yum install bzip2-devel" in Fedora and Red Hat.


If your 'configure' goes well, and make sure it does as you don't really want ClamAV installed without some of its available testing ability being compiled.

Run: make Assume no errors, Run: make check, and then make install. Again assuming no errors, you now have the new version installed into /opt/zimbra/clamav-0.90.2

Now we need to edit clam and freshclam's conf files. I'm not entirely sure if this is actually necessary, but we didn't configure the default paths and options for a few things at build time so I think it is.

Create directory /opt/zimbra/clamav/db

Copy your old clamd.conf and freshclam.conf from the privious version to the new version directory:

START CODE

cd /opt/zimbra/clamav-0.90.2/etc/ mv clamd.conf clamd.conf.org mv freshclam.conf freshclam.conf.org cd cd /opt/zimbra/clamav-0.90.1/etc/ cp clamd.conf /opt/zimbra/clamav-0.90.2/etc/ cp freshclam.conf /opt/zimbra/clamav-0.90.2/etc/

END CODE

Run: zmcontrol stop everything.

Delete the symbolic link /opt/zimbra/clamav

Re-link it to the new install:

START CODE

ls -la 'grep' clamav ( should see 'clamav -> /opt/zimbra/clamav-0.90.2' ) if so: rm -rf clamav ln -s /opt/zimbra/clamav-0.90.2 /opt/zimbra/clamav

END CODE

Now you should make sure zimbra owns all of clamav. Code:

chown -R zimbra:zimbra /opt/zimbra/clamav-0.90.2

Next we need to update the virus database. Run: /opt/zimbra/clamav/bin/freshclam

Need to start things back up. Run zmcontrol start Run zmcontrol status to make sure antivirus is running. If it is, you're good to go.

You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have "Send notice ot recipient" check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don't worry about the two that got through. Apparently ClamAV doesn't check for the techniques. There are although no virii included in those two emails, so it doesn't worry me. You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.90.1 directory and everythnig it contains. Again may want to wait a weelk or two to make sure you have the other version working well first.

Jump to: navigation, search