ClamAV failed to start on ZCS v8.6

ClamAV failed to start on ZCS v8.6

Problem :

On ZCS v8.6 ClamAV version is 0.98.4, which is outdated. Getting below error if we update the ClamAV signature :

ClamAV update process started at Thu Jun 15 11:01:39 2017 
WARNING: Your ClamAV installation is OUTDATED! 
WARNING: Local version: 0.98.4 Recommended version: 0.99.2 
Connecting via virsecpxypvip1.pol.local 
main.cld is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr) 
Connecting via virsecpxypvip1.pol.local 
Downloading daily-23474.cdiff [100%] 
Downloading daily-23475.cdiff [100%] 
WARNING: [LibClamAV] cli_ac_addsig: Signature for Win.Worm.Fadok-6328944-0 is too short 
WARNING: [LibClamAV] cli_parse_add(): Problem adding signature (3). 
WARNING: [LibClamAV] Problem parsing database at line 2793 
WARNING: [LibClamAV] Can't load daily.ldb: Malformed database 
WARNING: [LibClamAV] cli_tgzload: Can't load daily.ldb 
WARNING: [LibClamAV] Can't load /opt/zimbra/data/clamav/db/clamav-8cfb222650066bd835080a13eeb042c4.tmp/clamav-4ec11241582c64833542766c43b04f17.cld: Malformed database 
ERROR: Failed to load new database: Malformed database 
WARNING: Database load exited with status 55 
ERROR: Failed to load new database

Solution :

We need to update ClamAV binary with the help of following steps:

yum -y install gcc glibc zlib-devel gmp-devel bzip2-devel openssl-devel
mkdir /tmp/update
cd /tmp/update
tar -xvf clamav-0.99.2.tar.gz
./configure --prefix=/opt/zimbra/clamav-0.99.2 --with-user=zimbra --with-group=zimbra
make check
make install

chown -R zimbra:zimbra /opt/zimbra/clamav-0.99.2/
cd /opt/zimbra/clamav-0.99.2/etc/
cp /opt/zimbra/conf/clamd.conf .
cp /opt/zimbra/conf/freshclam.conf .
chown zimbra:zimbra *.conf

service zimbra stop
cd /opt/zimbra
unlink clamav
ln -s /opt/zimbra/clamav-0.99.2 /opt/zimbra/clamav
chmod a+r /opt/zimbra/clamav/etc/freshclam.conf

su - zimbra
mkdir /tmp/clamdb
mv /opt/zimbra/data/clamav/db/* /tmp/clamdb
zmcontrol start

/opt/zimbra/clamav/bin/freshclam --config-file=/opt/zimbra/conf/freshclam.conf
zmantivirusctl stop
zmantivirusctl start

Submitted by: Prabhat Kumar

Jump to: navigation, search