Solved

ClamAV Error starting clamav virus database updater: freshclamERROR this tool requires libclamav with functionality level 69 or higher

Posted on 2013-05-14
12
2,566 Views
Last Modified: 2013-11-22
I have a Debian server that has ClamAV installed. I am getting the following error with the Cron job:

ClamAV Error starting clamav virus database updater: freshclamERROR this tool requires libclamav with functionality level 69 or higher

Any ideas? I have run aptitude update and made sure all of my packages are current.

Thanks
0
Comment
Question by:CCB-Tech
12 Comments
 
LVL 30

Expert Comment

by:Kerem ERSOY
ID: 39167171
Hi,

will you post the output of

ls -al ilbclamav* /usr/local/lib

here? It  seems that you have references to your old libraries are in the /usr/local/lib. Also try to tun ldconfig and see if you contiune to get the error.

Cheers,
K
0
 
LVL 39

Expert Comment

by:noci
ID: 39167567
Are you sure it talks about 69?

Currently their version number is 0.97.???
what version do you have?
0
 

Author Comment

by:CCB-Tech
ID: 39171995
Yes it references both 68 and 69. Okay here is the output:

:~# ls -al ilbclamav* /usr/local/lib
ls: cannot access ilbclamav*: No such file or directory
/usr/local/lib:
total 1688
drwxrwsr-x  5 root staff    4096 Jul 18  2012 .
drwxrwsr-x 10 root staff    4096 Apr 23  2010 ..
-rw-r--r--  1 root staff 1176920 May 23  2011 libgmp.a
-rwxr-xr-x  1 root staff     917 May 23  2011 libgmp.la
lrwxrwxrwx  1 root staff      16 May 23  2011 libgmp.so -> libgmp.so.10.0.2
lrwxrwxrwx  1 root staff      16 May 23  2011 libgmp.so.10 -> libgmp.so.10.0.2
-rwxr-xr-x  1 root staff  515492 May 23  2011 libgmp.so.10.0.2
drwxrwsr-x  4 root staff    4096 Jul 18  2012 perl
drwxrwsr-x  3 root staff    4096 Jul 18  2012 python2.5
drwxrwsr-x  4 root staff    4096 Jul 18  2012 python2.6

I ran that command but it didn't help. Also, after rebooting the server I found that it has a sister error before this error that I missed last time:

Starting ClamAV daemon: clamd ERROR: This tool requires libclamav with functionality level 69 or higher (current f-level: 68)

Also, I'm not entirely sure what version is on here. How would I find out for sure?

Thanks!
0
 
LVL 27

Expert Comment

by:serialband
ID: 39172188
What happens when you type freshclam?  Does it update your clamav update?

The error is just a warning that your clamav is getting old.  You should still be able to download the updated signatures.  It suggests that you'll need to delete the default debian clamav and manually install a new one from source, or you need to update the apt repository that you're loading updates from.
0
 
LVL 39

Assisted Solution

by:noci
noci earned 500 total points
ID: 39175954
clamconf  maight give better insight in what you have.
just run the program 'clamconf'
0
 

Author Comment

by:CCB-Tech
ID: 39207926
Here is the output of FreshClam:

ERROR: This tool requires libclamav with functionality level 69 or higher (current f-level: 68)

Here is the output of ClamConf:

Checking configuration files in /etc/clamav

Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
ExtendedDetectionInfo = "yes"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory disabled
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "26214400"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
VirusEvent disabled
ExitOnOOM disabled
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
AllowSupplementaryGroups = "yes"
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
ClamAuth disabled
ClamukoScanOnAccess disabled
ClamukoScannerCount = "3"
ClamukoScanOnOpen disabled
ClamukoScanOnClose disabled
ClamukoScanOnExec disabled
ClamukoIncludePath disabled
ClamukoExcludePath disabled
ClamukoExcludeUID disabled
ClamukoMaxFileSize = "5242880"
DevACOnly disabled
DevACDepth disabled
DevLiblog disabled

Config file: freshclam.conf
---------------------------
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav"
Foreground disabled
Debug disabled
AllowSupplementaryGroups disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
MaxAttempts = "5"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SubmitDetectionStats disabled
DetectionStatsCountry disabled
DetectionStatsHostID disabled
SafeBrowsing disabled
Bytecode = "yes"

clamav-milter.conf not found

Software settings
-----------------
Version: 0.97.7-exp
WARNING: Version mismatch: libclamav=0.97.7-exp, clamconf=0.97.8
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 RAR JIT

Database information
--------------------
Database directory: /var/lib/clamav
bytecode.cld: version 214, sigs: 41, built on Wed Feb 13 09:29:15 2013
daily.cld: version 17206, sigs: 1249131, built on Tue May 14 04:58:21 2013
main.cld: version 54, sigs: 1044387, built on Tue Oct 11 09:34:20 2011
Total number of signatures: 2293559

Platform information
--------------------
uname: Linux 3.4.3 #2 SMP Mon Jun 18 16:29:04 CEST 2012 x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
zlib version: 1.2.3.4 (1.2.3.4), compile flags: a9
Triple: x86_64-unknown-linux-gnu
CPU: penryn, Little-endian
platform id: 0x0a2144440804040501040405

Build information
-----------------
GNU C: 4.4.5 (4.4.5)
GNU C++: 4.4.5 (4.4.5)
CPPFLAGS:
CFLAGS: -g -O2 -Wall
CXXFLAGS: -g -O2 -Wall
LDFLAGS:
Configure: 'CFLAGS=-g -O2 -Wall' 'CPPFLAGS=' 'CXXFLAGS=-g -O2 -Wall' 'LDFLAGS=' '--build=x86_64-linux-gnu' '--prefix=/usr' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-clamav' '--with-dbdir=/var/lib/clamav/' '--sysconfdir=/etc/clamav' '--enable-milter' '--disable-clamuko' '--with-gnu-ld' '--enable-dns-fix' '--disable-unrar' '--libdir=/usr/lib' '--with-system-tommath' '--without-included-ltdl' 'build_alias=x86_64-linux-gnu'
sizeof(void*) = 8
Engine flevel: 68, dconf: 68

Thanks!
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 39

Assisted Solution

by:noci
noci earned 500 total points
ID: 39208114
This part tells it:

WARNING: Version mismatch: libclamav=0.97.7-exp, clamconf=0.97.8

your libclamav is still the old version...
(effectively that's what does all the clam functionality).

0.97.7 implements engine 68
0.97.8 implements engine 69

to find all libclamav libraries use:   find / -name 'libclamav.so.*'
You should only find one path.
And if there are more active then the order in the paths is incorrect.

Is it possible that libclamav is a separate package that hasn't been updated?
0
 

Author Comment

by:CCB-Tech
ID: 39223209
This is the output of that command.

mailcleaner:~# find / -name 'libclamav.so.*'
/opt/clamav/lib/libclamav.so.6
/opt/clamav/lib/libclamav.so.6.1.16
/usr/mailcleaner/install/clamav-0.97/libclamav/.libs/libclamav.so.6.1.9
/usr/mailcleaner/install/clamav-0.97/libclamav/.libs/libclamav.so.6
/usr/lib/libclamav.so.6.1.17
/usr/lib/libclamav.so.6
/usr/clamav/lib/libclamav.so.6.1.9
/usr/clamav/lib/libclamav.so.6

It is possible that it is separate, given that the server is a MailCleaner server. It is possible that in trying to update the ClamAV install on it that I mistakenly installed a second one. If this is the case any advice on how to proceed?

Thanks
0
 
LVL 39

Assisted Solution

by:noci
noci earned 500 total points
ID: 39223810
so you have a mix of 3 versions of clamav.....
library version 6.1.9, 6.1.16 (probably the version used) and 6.1.17 newest version.
My guess is that everything will work better when you remove the old versions.


/usr/clamav/lib/libclamav.so.6.1.9
/usr/clamav/lib/libclamav.so.6
/opt/clamav/lib/libclamav.so.6
/opt/clamav/lib/libclamav.so.6.1.16
/usr/mailcleaner/install/clamav-0.97/libclamav/.libs/libclamav.so.6.1.9
/usr/mailcleaner/install/clamav-0.97/libclamav/.libs/libclamav.so.6

maybe you can find out which package installed one of the above and remove the whole package, then all other files for that package are removed too.
0
 

Author Comment

by:CCB-Tech
ID: 39318977
What would be the best way to remove a particular version?

Thanks,
0
 
LVL 39

Accepted Solution

by:
noci earned 500 total points
ID: 39322437
I think the best would be to remove all neatly installed clamav packages, then remove all remaining items, and then reinstall the latest version.

That way you will keep the installation repository in shape, remove all old versions and then you can install a correct version.

Also check with your packer (rpm -ql  for rpm) which files are installed, similar files may be laying around on the filsystem too. other files like the clamscan program itself or the updater  and or daemon.

You may want to retain the config file.(/etc/....)
0
 

Author Closing Comment

by:CCB-Tech
ID: 39370944
Thanks for all the help! I'm going to try removing some of the packages when I am able.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In my business, I use the LTS (Long Term Support) versions of Linux. My workstations do real work, and so I rarely have the patience to deal with silly problems caused by an upgraded kernel that had experimental software on it to begin with from a r…
Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now