Clamav linux обновление баз
С 2022 года проект ограничил подключения из России к своим серверам для обновления антивирусных баз ClamAV. Рассказываем как обновить ClamAV из России.
После того, как ClamAV закрыл доступ, при попытке соединения с https://database.clamav.net поступает HTTP-ошибка 403 – доступ запрещён.
Fri Apr 14 10:18:43 2023 -> ^Can't download main.cvd from https://database.clamav.net/main.cvd Fri Apr 14 10:18:43 2023 -> ^FreshClam received error code 403 from the ClamAV Content Delivery Network (CDN). Fri Apr 14 10:18:43 2023 -> !Database update process failed: Forbidden; Blocked by CDN Fri Apr 14 10:18:43 2023 -> !Update failed.
С российских IP запрещён доступ не только к обновлениям, но ко всему домену clamav.net
Как обновить ClamAV в этом случае?
Вариант 1
root@unlix:~# systemctl stop clamav-freshclam
Скачайте через Tor или VPN файлы:
http://database.clamav.net/main.cvd
http://database.clamav.net/daily.cvd
http://database.clamav.net/bytecode.cvd
Поместите их в директорию /var/lib/clamav/
Перезапустите сервис ClamAV (хотя не обязательно)
root@unlix:~# systemctl start clamav-freshclam
Вариант 2
Обновление баз ClamAV, российское зеркало TENDENCE
К сожалению, известное российское зеркало ClamAV теперь требует купить подписку на обновления. После оплаты Вы получите ссылки на обновления. Тогда можно будет проделать следующие шаги.
Либо скачать последние обновления антивирусных баз можно с российского зеркала (ClamAV mirror) и положить их в /var/lib/clamav/:
https://tendence.ru/clamav/main.cvd
https://tendence.ru/clamav/daily.cvd
https://tendence.ru/clamav/bytecode.cvd
Либо для автоматического обновления следует добавить в конфигурационный файл /etc/clamav/freshclam.conf строки:
PrivateMirror https://tendence.ru/clamav ScriptedUpdates no
Вариант 3
Рабочее зеркало обновления на UNLIX.ru через bash скрипт.
Создайте (либо скачайте ) скрипт:
root@unlix:~# vim ./update_clamav.sh
Поместите в него следующее содержимое и сохраните:
#!/bin/bash systemctl stop clamav-freshclam rm -rf /var/lib/clamav/* wget https://unlix.ru/clamav/main.cvd -O /var/lib/clamav/main.cvd wget https://unlix.ru/clamav/daily.cvd -O /var/lib/clamav/daily.cvd wget https://unlix.ru/clamav/bytecode.cvd -O /var/lib/clamav/bytecode.cvd
Добавьте задание в cron для еженедельного обновления:
Добавьте туда строчку и сохраните:
0 0 * * 0 root /root/update_clamav.sh
Теперь Ваш ClamAV будет обновляться даже с российских IP совершенно бесплатно.
Убедительная просьба не устанавливать частоту обновления чаще, чем раз в неделю.
Если Вы хотите поблагодарить команду UNLIX и поддержать проект и раздачу обновлений ClamAV, то можете перевести немножко рублей (в меру своей благодарности) на оплату за хостинга:
How to update ClamAV definitions database?
How can I update Clam Antivirus via the terminal? I already have installed clamav , but I want to know how can I update the virus database.
AFAIK, there is no need to use this command in Ubuntu, the clam virus database is automatically updated. If you execute it you’ll get an error such as ERROR: /var/log/clamav/freshclam.log is locked by another process
To force the daily update to happen on-demand, you can stop the service & update & then restart it: $ service clamav-freshclam stop and then: $ sudo freshclam and again, $ service clamav-freshclam start
5 Answers 5
To update the ClamAV database do sudo freshclam .
NAME freshclam - update virus databases SYNOPSIS freshclam [options] DESCRIPTION freshclam is a virus database update tool for ClamAV. For offline update, you can also directly download virus definition from database: main, daily and then put them into /var/lib/clamav (remove old files).
ERROR: Can’t open /var/log/clamav/freshclam.log in append mode (check permissions!). ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
@AaronFranke, this has solved the problem. askubuntu.com/a/909276/118354 For me, it was due to GUI of ClamAv was open. sudo lsof /var/log/clamav/freshclam.log said that. I killed the process using sudo pkill -15 -x freshclam . Problem solved.
Run sudo apt-get install clamav .
Once ClamAv is installed you can set up a script for right click virus scanning in Nautilus.
To update the virus database, open a terminal and enter the following command:
To automate this update you can set up a cron job. I’ll show how to update the virus database every day at 8:57 AM. First, open the terminal and su to root.
Now you need to modify the crontab for the root user.
This opens the root crontab file in the nano text editor. Add the following line
to the crontab and then hit Ctrl + X to exit. Answer yes when prompted to save the file.
Presently, the clamav-freshclam service takes care of updating the definitions (as of 15.04 for sure, possibly as early as 12.04). For Nautilus integration, install clamtk-nautilus (and restart nautilus)
@michael I agree, see user846226’s answer. It seems that there is a process /usr/bin/freshclam -d —foreground=true is running that updates once an hour. Running freshclam even returns an error because the freshclam’s logfile is locked.
@zonksoft Indeed with the latest versions of ClamAV and Freshclam under Debian/Ubuntu the process automatically updates the database periodically. No need to do anything manual anymore.
The right way to go is to edit freshclam.conf and add the number of dayly Checks you want
vim /etc/clamav/freshclam.conf Checks 24 ##Notify clamd to reload it self NotifyClamd /etc/clamav/clamd.conf @AlexisWilke It should be noted that it doesn’t — that line is commented out in the config file, but can be enabled if you wish
@AlexisWilke I guess that’s what I get for assuming the package on Ubuntu would be the same as Manjaro. (Did a fresh install yesterday on Manjaro 17.1.) I agree, 24/day is a little over the top
How to update clamtk (all steps) / clamav (steps 1-3)
NOTE: Read each line before you willy nilly start typing things in Terminal to understand what you are doing to the system.
- Remove potentially bad AV installations:
sudo apt-get remove clamav clamtk freshclam sudo apt-get autoremove sudo apt-get install clamav -y # *(Terminal Version)* sudo apt-get install clamtk -y # *(GUI version)* sudo freshclam # *(takes ~30 minutes to download definitions)* - toggle «manual» update option and click apply and «back»
- toggle «automatic» update option and click apply and «back». You should now see updated definition count
- toggle desired directory you want scanned. For system scan, I toggled the entire system (not just /root or /usr ).
- Click scan and a progress box will appear.
Final Note: typing the phrase clamav —help gives some hints. -y is the same thing as saying yes to installing all dependencies for package. If -y causes issues then exclude and manually press y key when prompted.
This is what I had to do to get clam working, perhaps a glitch for both clamtk and clamav (problem with both). Hope this helps someone else!