ClamAV - Updating Version: Difference between revisions

No edit summary
No edit summary
Line 51: Line 51:


cd /opt/zimbra/clamav-0.90.1/etc/
cd /opt/zimbra/clamav-0.90.1/etc/
diff clamd.conf ../../clamav-0.90.2/etc/clamd.conf
diff clamd.conf ../../clamav-0.90.2/etc/clamd.conf
diff freshclam.conf ../../clamav-0.90.2/etc/freshclam.conf
diff freshclam.conf ../../clamav-0.90.2/etc/freshclam.conf
Above is just to be sure of what we are changing.
Above is just to be sure of what we are changing.


cd /opt/zimbra/clamav-0.90.2/etc/
cd /opt/zimbra/clamav-0.90.2/etc/
mv clamd.conf  clamd.conf.org
mv clamd.conf  clamd.conf.org
mv freshclam.conf  freshclam.conf.org
mv freshclam.conf  freshclam.conf.org
cd cd /opt/zimbra/clamav-0.90.1/etc/
cd cd /opt/zimbra/clamav-0.90.1/etc/
cp clamd.conf  /opt/zimbra/clamav-0.90.2/etc/
cp clamd.conf  /opt/zimbra/clamav-0.90.2/etc/
cp freshclam.conf /opt/zimbra/clamav-0.90.2/etc/
cp freshclam.conf /opt/zimbra/clamav-0.90.2/etc/


END CODE
END CODE
Line 90: Line 99:


Next we need to update the virus database.
Next we need to update the virus database.
Run: /opt/zimbra/clamav/bin/freshclam
Run: /opt/zimbra/clamav/bin/freshclam


Need to start things back up.
Need to start things back up.
Run 'zmcontrol start'
Run 'zmcontrol start'
Run 'zmcontrol status' to make sure antivirus is running. If it is, you're good to go.
Run 'zmcontrol status' to make sure antivirus is running. If it is, you're good to go.


You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have "Send notice ot recipient" check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don't worry about the two that got through. Apparently ClamAV doesn't check for the techniques. There are although no virii included in those two emails, so it doesn't worry me.
You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have "Send notice ot recipient" check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don't worry about the two that got through. Apparently ClamAV doesn't check for the techniques. There are although no virii included in those two emails, so it doesn't worry me.
You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.90.1 directory and everythnig it contains. Again may want to wait a weelk or two to make sure you have the other version working well first.
You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.90.1 directory and everythnig it contains. Again may want to wait a weelk or two to make sure you have the other version working well first.

Revision as of 19:08, 6 May 2007

Thanks to "Unilogic" AKA: Ben for most of this writeup. Parts have been updated to reflect lastest revision.

If you have no idea how to upgrade or are a little shakey in doing the upgrade yourself, I recommend that you wait for the Zimbra official release.

Note: This was done on Fedora Core 4 minimal install. Also, all the following can be done either as root or as the zimbra user. If you do it all as 'root', make sure you change ownership for the resulting clamav-0.90.2 folder in /opt/zimbra to zimbra:zimbra. This HOWTO also assumes that you are upgrading from 0.90.1 to 0.90.2 Please substitute the versions above for what you are upgrading from and to.


When ClamAV releases a new version and gets out of date, it will complain in its log files as such.

If upgrading from anything below 0.90.x, please refer to: *Updating CLAMAV from version lower than 0.90.0

To update, follow the following: First go grab the latest ClamAV source from http://www.clamav.net/download (Current Stable Version is 0.90.2 ) Extract it to where ever you please. All this can either be done as root or as the zimbra user. If you do it all as root make sure you change ownership for the resulting clamav folder in /opt/zimbra to zimbra:zimbra.

Assuming that the new clamav version is in the directory: /home/snelson ( substitute your username for 'snelson' ) tar -xvf clamav-0.90.2.tar.gz cd clamav-0.90.2

Next run configure inside of the clamav extract as following:

START CODE

./configure --prefix=/opt/zimbra/clamav-0.90.2 --with-user=zimbra --with-group=zimbra

END CODE

This assumes zimbra is user and group id 'zimbra', change it accordingly to your system to match your zimbra user.

Note: I had to install gmp-devel and bzip2-devel so the configure could find all its header files. Your mileage may very. If you get an error about GNU MP missing install gmp-devel. "yum install gmp-devel", and "yum install bzip2-devel" in Fedora and Red Hat.


If your 'configure' goes well, and make sure it does as you don't really want ClamAV installed without some of its available testing ability being compiled.

Run: 'make'

Assuming there are no errors,

Run: 'make check', and then 'make install'. Again assuming no errors, you now have the new version installed into /opt/zimbra/clamav-0.90.2

Copy your old clamd.conf and freshclam.conf from the privious version to the new version directory:

Now we need to edit clam and freshclam's conf files.

START CODE

cd /opt/zimbra/clamav-0.90.1/etc/

diff clamd.conf ../../clamav-0.90.2/etc/clamd.conf

diff freshclam.conf ../../clamav-0.90.2/etc/freshclam.conf

Above is just to be sure of what we are changing.

cd /opt/zimbra/clamav-0.90.2/etc/

mv clamd.conf clamd.conf.org

mv freshclam.conf freshclam.conf.org

cd cd /opt/zimbra/clamav-0.90.1/etc/

cp clamd.conf /opt/zimbra/clamav-0.90.2/etc/

cp freshclam.conf /opt/zimbra/clamav-0.90.2/etc/


END CODE

Run: 'zmcontrol stop' everything.

Now need to delete the symbolic link and re-link it to the new install:

START CODE

cd /opt/zimbra

ls -la 'grep' clamav ( should see 'clamav -> /opt/zimbra/clamav-0.90.1' )

if so:

rm -rf clamav

ln -s /opt/zimbra/clamav-0.90.2 /opt/zimbra/clamav

END CODE

Now you should make sure zimbra owns all of clamav. Code:

chown -R zimbra:zimbra /opt/zimbra/clamav-0.90.2

Create directory /opt/zimbra/clamav/db

Next we need to update the virus database.

Run: /opt/zimbra/clamav/bin/freshclam

Need to start things back up. Run 'zmcontrol start'

Run 'zmcontrol status' to make sure antivirus is running. If it is, you're good to go.

You should check /opt/zimbra/log/clamd.log for errors, as well as freshclam in the same directory. Also /var/log/zimbra.log. To test out ClamAV I would suggest http://www.webmail.us/testvirus to send different variations of the EICAR test virus to one of your email addresses. Depending on if you have "Send notice ot recipient" check in Global Settings of the Admin Web UI, the user should receive around 20 email notifications of the emails being quarantined. Don't worry about the two that got through. Apparently ClamAV doesn't check for the techniques. There are although no virii included in those two emails, so it doesn't worry me. You can delete the previous install of clamav once you make sure everything is working. Delete the /opt/zimbra/clamav-0.90.1 directory and everythnig it contains. Again may want to wait a weelk or two to make sure you have the other version working well first.

Jump to: navigation, search