SCIENTIFIC-LINUX-USERS Archives

June 2012

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: For the RPMForge guys
From:
Phil Perry <[log in to unmask]>
Reply To:
Phil Perry <[log in to unmask]>
Date:
Thu, 28 Jun 2012 13:34:36 +0100
Content-Type:
text/plain
Parts/Attachments:
text/plain (101 lines) 
On 28/06/12 05:52, jdow wrote:
> On 2012/06/27 13:58, S.Tindall wrote:
>> On Wed, 2012-06-27 at 13:12 -0700, jdow wrote:
>>> On 2012/06/27 12:43, S.Tindall wrote:
>>>> On Wed, 2012-06-27 at 12:31 -0700, jdow wrote:
>>>>> Latest clamav update main.cvd is an empty file. It apparently
>>>>> should not be
>>>>> empty. For two days now I've gotten this message:
>>>>>
>>>>> ERROR: Corrupted database file /var/clamav/main.cld: Broken or not
>>>>> a CVD file
>>>>>
>>>>> {^_^}
>>>>
>>>> Run freshclam and then restart clamd.
>>>>
>>>> Steve
>>
>>> rerunning freshclam gives:
>>> ClamAV update process started at Wed Jun 27 13:11:13 2012
>>> main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60,
>>> builder: sven)
>>> daily.cld is up to date (version: 15092, sigs: 222617, f-level: 63,
>>> builder:
>>> ccordes)
>>> bytecode.cld is up to date (version: 185, sigs: 39, f-level: 63,
>>> builder: neo)
>>> WARNING: [LibClamAV] cli_cvdverify: Can't read CVD header
>>> ERROR: Corrupted database file /var/clamav/main.cld: Broken or not a
>>> CVD file
>>> Corrupted database file renamed to /var/clamav/main.cld.broken
>>> Trying again in 5 secs...
>>
>>
>>> ClamAV update process started at Wed Jun 27 13:11:19 2012
>>> main.cvd is up to date (version: 54, sigs: 1044387, f-level: 60,
>>> builder: sven)
>>> daily.cld is up to date (version: 15092, sigs: 222617, f-level: 63,
>>> builder:
>>> ccordes)
>>> bytecode.cld is up to date (version: 185, sigs: 39, f-level: 63,
>>> builder: neo)
>>>
>>>
>>> It's broken, Jim! (Sorry Star Trek)
>>>
>>> {^_^}
>>
>> You "fixed" it with freshclam. As per the final section, main.cvd,
>> daily.cld and bytecode.cld are now up to date.
>>
>> If /var/clamav/*broken bothers you, then delete it/them.
>>
>> # rm /var/clamav/*broken
>>
>> # ls /var/clamav/
>> bytecode.cld daily.cld main.cvd mirrors.dat
>>
>>
>> At least on my EL6 systems, those satisfy clamd.
>>
>> # service clamd restart
>> Stopping Clam AntiVirus Daemon: [ OK ]
>> Starting Clam AntiVirus Daemon: [ OK ]
>>
>>
>> Steve
>>
>
> Then main.cld is a surplus file now? I didn't know that!
>
> {^_^}
>

There seems to be two formats for the database files, .cld and .cvd.

It doesn't seem to matter which you have, so just delete one or the 
other. IIRC having both causes some log file noise.

On my system I have:

$ ls /var/clamav/
bytecode.cld  daily.cld  main.cld  mirrors.dat

and after each update to clamav from rpmforge I manually remove the 
*.cvd files in stalled from clamav-db:

rm /var/clamav/*.cvd

and restart the clamd service.

I guess the real questions here are why there are two formats, which is 
preferable and why, and can we get the packaged version to deliver only 
the preferred format.

To date it's not bothered me enough to go looking for the answers to 
those questions so long as my workaround above seems to work :-)

Anyway, this discussion would all be better placed on the rpmforge 
mailing lists rather than here as it's not an SL issue.

ATOM RSS1 RSS2