ClamAV - Updating clamd for releases earlier than ZCS 8.0.6
ClamAV - Updating clamd for releases earlier than ZCS 8.0.6
For those using ZCS 8.0.6 and prior, come 22 October 2016 anti-virus definitions will no longer update AND your ClamAV instance will stop working entirely.
Preventative methods
- Update ZCS to a newer version.
- Update just the ClamAV component.
Past EOL ?
Turn off ClamAV from your Admin Console
Go to Server > Services 'as/av' tab > uncheck av.
Via CLI
Run the next commands as zimbra user (The minus sign is important, or you'll leave nothing but av running.):
zmprov ms `zmhostname` -zimbraServiceEnabled antivirus. zmamavisdctl reload
(This may leave you more vulnerable of course.)
Manual ClamAV component upgrade:
Zimbra includes ClamAV 0.98.4 as of ZCS 8.0.7+. The clamav-0.98.4 directory from an installed ZCS 8.0.7 or later installation can be copied directly to an earlier ZCS 8.0/7.2.x server. To upgrade ClamAV, perform the following steps:
Downloads
- Redhat 6.x: clamav-0.98.4.tar.gz md5 sha256
- CentOS 6.x: clamav-0.98.4.tar.gz md5 sha256
- SLES 11 64-bit: clamav-0.98.4.tar.gz md5 sha256
- Ubuntu 10.04 64-bit: clamav-0.98.4.tar.gz md5 sha256
- Ubuntu 12.06 64-bit: clamav-0.98.4.tar.gz md5 sha256
Other methods to obtain
- Install a new server with a later release of ZCS or use the above links. The Free Open-Source release of ZCS is available at http://www.zimbra.com/downloads/os-downloads.html. This document was tested with 8.5.1 (8.0.9 for Ubuntu 10), but any release starting with 8.0.7 or later will work.
- After the installation is complete, tar up clamav-0.95.1 on the new server:
cd /opt/zimbra tar cf /tmp/clamav-0.98.4.tar clamav-0.98.4
Update Instructions
- Download the file from one of the previous links.
- Untar the file.
tar xzvf clamav-0.98.4.tar.gz
- Stop ZCS services.
zmcontrol stop
- Change the symbolic link (run as root)
rm clamav ln -s clamav-0.98.4 clamav ls -l clamav
The output line will look similar to:
lrwxrwxrwx 1 root root 25 Apr 9 15:39 clamav -> /opt/zimbra/clamav-0.98.4
- Start services.
zmcontrol start
- If there are errors regarding libssl.so.1.0.0, create a symbolic link to the file. Run the following as root:
cd /opt/zimbra/clamav/lib ln -s ../../openssl-1.0.1e/lib/libssl.so.1.0.0 libssl.so.1.0.0 ln -s ../../openssl-1.0.1e/lib/libcrypto.so.1.0.0 libcrypto.so.1.0.0 su - zimbra zmantivirusctl restart
Confirm
You can confirm that the new version of ClamAV is running by checking /opt/zimbra/log/clamd.log. The most recent startup in the log should look similar to:
Sat Oct 22 18:42:31 2016 -> +++ Started at Sat Oct 22 18:42:31 2016 Sat Oct 22 18:42:31 2016 -> clamd daemon 0.98.4 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Test send-receive of mail.
With ClamAV 0.98 in place, updates should continue uninterrupted after October 22, 2016, and your system will remain protected.
This procedure was tested using ZCS 8.5.1 (and ZCS 8.0.9 for Ubuntu 10).