4

I'm running a CentOS freash out of Azure, with ClamAV installed on it, by running the following commands:

  yum install -y epel-release
  yum install -y clamav

When installed, I'm running the following command to update the various databases: freshclam

I get the following output (Last part of the output):

Time: 0.1s, ETA: 0.0s [=============================>] 657.84KiB/657.84KiB
Downloading database patch # 25864...
Time: 0.2s, ETA: 0.0s [=============================>] 992.77KiB/992.77KiB
Downloading database patch # 25865...
Time: 0.1s, ETA: 0.0s [=============================>] 903.99KiB/903.99KiB
Testing database: '/var/lib/clamav/tmp.628c5/clamav-a8e48a60b669aa6a0211c18d734f61be.tmp-daily.cld'     ...
ERROR: Database load killed by signal 9
ERROR: Database test FAILED.
ERROR: Unexpected error when attempting to update database: daily
WARNING: fc_update_databases: fc_update_database failed: Test failed (8)
ERROR: Database update process failed: Test failed (8)
ERROR: Update failed.

I find it weird that no other has had the same issue using the distro, as I have not any super specific steps, just followed steps from the page. Hope someone is able to help me...

emilrn
  • 103
  • 2
  • 9

2 Answers2

0

I have the simmilar OS in my environment, I got everything to work by running the below commands:

    yum install -y -q  epel-release
    yum install -y -q clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd

    setsebool -P antivirus_can_scan_system 1

    sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
    sed -i -e "s/^Example/#Example/" /etc/freshclam.conf

    sed -i 's/^#LocalSocket \/run\/clamd.scan\/clamd.soc/LocalSocket \/run\/clamd.scan\/clamd.soc/' /etc/clamd.d/scan.conf

    freshclam

    systemctl enable clamav-freshclam.service
    systemctl start clamav-freshclam.service
    systemctl enable clamd@scan
    systemctl start clamd@scan

Note: If freshclam still won't update the database, it might be that your host does not have enough ram (try with at least 1,5GB of ram)

emilrn
  • 103
  • 2
  • 9
0

From QNAP:

..."ERROR: Database load killed by signal 9" or "ERROR: Failed to load new database", this is caused by the specification of the memory in the NAS, which is not big enough to extract the growing size of the Antivirus definition nowadays.

I'm not sure how NAS applies to different Linux distros and installations, but this isssue comes from having insufficient RAM available.

This GitHub thread also describes the same basic problem:

Suggestion: add a note to the release notes, something along the lines of:

"For users who want to use clamav antivirus, and update the virus definitions data with the freshclam command, and most of you will, for antivirus updates to work without error/fail, you'll require a minimum system RAM of between 512MB (Ubuntu 16.04) and 2GB (CentOS 8), depending on linux distribution and which other services you have enabled. Lesson, ClamAV uses a lot of RAM."

I've used systemctl stop on most of the services installed after the server was setup, like Apache, MySQL, Postfix, etc.

You can get a list of services with:

systemctl list-units --type=service --state=active

Then, assuming nginx, httpd, named, mariadb, postfix, dovecot something like:

systemctl stop nginx httpd named mariadb postfix dovecot

freshclam; wait

systemctl stop nginx httpd named mariadb postfix dovecot

Try it and see if it works. These days tho, ClamAV may require a lot of RAM, and this may still not be enough.

Jesse
  • 333
  • 4
  • 14