Wednesday, April 28, 2010

How to upgrade Clam Anti-virus(Clamav) on Centos

SkyHi @ Wednesday, April 28, 2010
My email server is using Postfix as the MTA and Clamav as the anti-virus software running on Centos 5.4. Today I check the version of Clamav installed on it and it is already out-dated so I need to upgrade to the latest stable version. The installed version of clamav is ClamAV 0.94 whereas the latest stable version is ClamAV 0.95.2.
Upgrading clamav installed on Centos is easy. You just first backup the current configuration of clamav (/etc/clamd.conf and /etc/freshclam.conf).
Basically if you install clamav for the first time, you need to edit and modify the config file of clamav (clamd.conf and freshclam.conf) to meet your need. You do not wanna lose these files because it takes time to edit them.
Here are the upgrade processes:
[root@mx-1 ~]# yum upgrade clamav
Loading "installonlyn" plugin
Setting up Upgrade Process
Setting up repositories
rpmforge                  100% |=========================| 1.1 kB    00:00
base                      100% |=========================| 1.1 kB    00:00
updates                   100% |=========================|  951 B    00:00
addons                    100% |=========================|  951 B    00:00
extras                    100% |=========================| 1.1 kB    00:00
Reading repository metadata in from local files
primary.xml.gz            100% |=========================| 3.5 MB    00:39
################################################## 9558/9558
primary.xml.gz            100% |=========================| 878 kB    00:02
################################################## 2508/2508
primary.xml.gz            100% |=========================| 306 kB    00:01
################################################## 465/465
primary.xml.gz            100% |=========================| 100 kB    00:01
################################################## 312/312
Resolving Dependencies
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamav to pack into transaction set.
clamav-0.95.2-4.el5.rf.i3 100% |=========================|  25 kB    00:00
---> Package clamav.i386 0:0.95.2-4.el5.rf set to be updated
--> Running transaction check
--> Processing Dependency: libclamav.so.5 for package: clamd
--> Processing Dependency: libclamav.so.5(CLAMAV_PRIVATE) for package: clamd
--> Processing Dependency: clamav = 0.94-1.el5.rf for package: clamd
--> Processing Dependency: libclamav.so.5(CLAMAV_PUBLIC) for package: clamd
--> Restarting Dependency Resolution with new changes.
--> Populating transaction set with selected packages. Please wait.
---> Downloading header for clamd to pack into transaction set.
clamd-0.95.2-4.el5.rf.i38 100% |=========================| 6.7 kB    00:00
---> Package clamd.i386 0:0.95.2-4.el5.rf set to be updated
--> Running transaction check
 
Dependencies Resolved
 
=============================================================================
 Package                 Arch       Version          Repository        Size
=============================================================================
Updating:
 clamav                  i386       0.95.2-4.el5.rf  rpmforge          2.7 M
Updating for dependencies:
 clamd                   i386       0.95.2-4.el5.rf  rpmforge          213 k
 
Transaction Summary
=============================================================================
Install      0 Package(s)
Update       2 Package(s)
Remove       0 Package(s)
 
Total download size: 2.9 M
Is this ok [y/N]:
Downloading Packages:
(1/2): clamd-0.95.2-4.el5 100% |=========================| 213 kB    00:03
(2/2): clamav-0.95.2-4.el 100% |=========================| 2.7 MB    00:15
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating  : clamav                       [1/4]warning: /etc/freshclam.conf created as /etc/freshclam.conf.rpmnew
  Updating  : clamav                       ######################### [1/4]
  Updating  : clamd                        ######################### [2/4]
  Cleanup   : clamd                        ######################### [3/4]
  Cleanup   : clamav                       ######################### [4/4]
 
Updated: clamav.i386 0:0.95.2-4.el5.rf
Dependency Updated: clamd.i386 0:0.95.2-4.el5.rf
Complete!
Now restore the backup files to /etc folder and then restart the clamav service.
[root@mx-1 ~]# /etc/init.d/clamd restart
Check the clamav version:
[root@mx-1 ~]# clamd -V
ClamAV 0.95.2/9727/Sat Aug 22 21:04:10 2009
Do not forget to update clam antivirus database using freshclam.
Since I live in Indonesia, I use db.id.clamav.net as DatabaseMirror in the freshclam.conf file but got errors when running the freshclam update like below:
Can not connect to port 80 of host db.id.clamav.net (IP: 222.124.18.201)
ERROR: getpatch: Can not download daily-9725.cdiff from db.local.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd
Trying host db.id.clamav.net (222.124.18.201)...
nonblock_connect: connect timing out (30 secs)
Can not connect to port 80 of host db.id.clamav.net (IP: 222.124.18.201)
ERROR: Can not download daily.cvd from db.id.clamav.net
Giving up on db.id.clamav.net...
Update failed. Your network may be down or none of the mirrors listed in /etc/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.
We have to try another mirror sites. Run ‘freshclam –list-mirrors’ to see available mirror sites.
[root@mx-1 ~]# freshclam --list-mirrors
Mirror #1
IP: 222.124.18.201
Successes: 1113
Failures: 0
Last access: Wed Aug 19 04:04:58 2009
Ignore: No
-------------------------------------
Mirror #2
IP: 193.1.193.64
Successes: 1116
Failures: 2
Last access: Wed Aug 19 04:04:58 2009
Ignore: No
-------------------------------------
Mirror #3
IP: 192.121.13.5
Successes: 12
Failures: 0
Last access: Sat Aug 22 04:12:07 2009
Ignore: No
There are three available mirrors. The first one was failed (db.id.clamav.net), the second one is located at Ireland and the third one is located at Sweden.
I choose the third one, the Sweden. The domain country code of Sweden is ‘se’ so the db clamav domain must be ‘db.se.clamav.net’. Set the DatabaseMirror in freshclam.conf to be db.se.clamav.net and then run freshclam update again.
[root@mx-1 ~]# /usr/bin/freshclam --datadir="/var/clamav" --log="/var/log/clamav/freshclam.log" --daemon-notify="/etc/clamd.conf"
ClamAV update process started at Sun Aug 23 07:01:18 2009
main.cld is up to date (version: 51, sigs: 545035, f-level: 42, builder: sven)
Trying host db.se.clamav.net (194.47.250.218)...
Downloading daily-9725.cdiff [100%]
Downloading daily-9726.cdiff [100%]
Downloading daily-9727.cdiff [100%]
daily.cld updated (version: 9727, sigs: 66742, f-level: 43, builder: mcichosz)
Database updated (611777 signatures) from db.se.clamav.net (IP: 194.47.250.218)
Clamd successfully notified about the update.
Now your clamav has been upgraded and the clam antivirus database also has been updated successfully. Restart the clamd service again.
[root@mx-1 ~]# /etc/init.d/clamd restart

Incoming search terms for this post: