-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 El 2008-05-17 a las 11:20 +0200, Camaleón escribió:
El 17/05/08, Carlos E. R. escribió:
Eso me recuerda una duda: ¿y la base de datos? Porque a mi me está diciendo que la base de datos es antigua, luego debe de actualizarse por otro camino.
Eso debería hacerlo automáticamente el daemon clamd (/etc/clamd.conf):
*** # Perform a database check. # Default: 1800 (30 min) # SelfCheck 600 ***
Pues por lo visto, no lo hace; me sorprendió ver el aviso de que la base de datos tenía una antiguedad mayor de una semana. Lo gracioso es que ese mensaje no ha quedado registrado en el log :-? May 15 00:18:34 nimrodel clamd[28739]: SelfCheck: Database status OK. May 15 00:52:52 nimrodel clamd[28739]: SelfCheck: Database status OK. May 15 01:35:31 nimrodel clamd[28739]: SelfCheck: Database status OK. Ese es el autochequeo cada media hora. De hecho, no veo en el log la fecha de la base de datos cargada: /var/log/mail.debug-20080515.gz:May 13 13:46:30 nimrodel clamd[4839]: SelfCheck: Database status OK. 13:49:37 nimrodel clamd[28738]: clamd daemon 0.93 (OS: linux-gnu, ARCH: i386, CPU: i686) 13:49:37 nimrodel clamd[28738]: Running as user vscan (UID 65, GID 101) 13:49:37 nimrodel clamd[28738]: Log file size limited to 1048576 bytes. 13:49:37 nimrodel clamd[28738]: Reading databases from /var/lib/clamav 13:49:37 nimrodel clamd[28738]: Not loading PUA signatures. 13:49:42 nimrodel clamd[28738]: Loaded 248718 signatures. 13:49:42 nimrodel clamd[28738]: TCP: Bound to address 127.0.0.1 on port 3310 13:49:42 nimrodel clamd[28738]: TCP: Setting connection queue length to 15 13:49:42 nimrodel clamd[28738]: LOCAL: Removing stale socket file /var/run/clamav/clamd 13:49:42 nimrodel clamd[28738]: LOCAL: Unix socket file /var/run/clamav/clamd 13:49:42 nimrodel clamd[28738]: LOCAL: Setting connection queue length to 15 13:49:42 nimrodel clamd[28739]: Listening daemon: PID: 28739 13:49:42 nimrodel clamd[28739]: Limits: Global size limit set to 104857600 bytes. 13:49:42 nimrodel clamd[28739]: Limits: File size limit set to 26214400 bytes. 13:49:42 nimrodel clamd[28739]: Limits: Recursion level limit set to 16. 13:49:42 nimrodel clamd[28739]: Limits: Files limit set to 10000. 13:49:42 nimrodel clamd[28739]: Archive support enabled. 13:49:42 nimrodel clamd[28739]: Algorithmic detection enabled. 13:49:42 nimrodel clamd[28739]: Portable Executable support enabled. 13:49:42 nimrodel clamd[28739]: ELF support enabled. 13:49:42 nimrodel clamd[28739]: Mail files support enabled. 13:49:42 nimrodel clamd[28739]: OLE2 support enabled. 13:49:42 nimrodel clamd[28739]: PDF support enabled. 13:49:42 nimrodel clamd[28739]: HTML support enabled. 13:49:42 nimrodel clamd[28739]: Self checking every 1800 seconds. 14:20:49 nimrodel clamd[28739]: No stats for Database check - forcing reload 14:20:49 nimrodel clamd[28739]: Reading databases from /var/lib/clamav 14:20:56 nimrodel clamd[28739]: Database correctly reloaded (248718 signatures) 14:52:45 nimrodel clamd[28739]: SelfCheck: Database status OK.
Si ejecutas el comando "freshclam" también se actualizan.
Ese si: nimrodel:~ # rcfreshclam status Checking for Clam AntiVirus database update daemon running Fíjate que cuando lo arranqué ayer falla al tratar de descargar la base incremental porque es antigua: May 17 02:43:24 nimrodel freshclam[9428]: freshclam daemon 0.93 (OS: linux-gnu, ARCH: i386, CPU: i686) 02:43:24 nimrodel : ClamAV update process started at Sat May 17 02:43:24 2008 02:43:24 nimrodel : main.cvd is up to date (version: 46, sigs: 231834, f-level: 26, builder: sven) 02:43:25 nimrodel : getfile: daily-6689.cdiff not found on remote server (IP: 195.70.36.141) 02:43:25 nimrodel : getpatch: Can't download daily-6689.cdiff from database.clamav.net 02:43:25 nimrodel : getfile: daily-6689.cdiff not found on remote server (IP: 195.184.96.15) 02:43:25 nimrodel : getpatch: Can't download daily-6689.cdiff from database.clamav.net 02:43:25 nimrodel : connect_error: getsockopt(SO_ERROR): fd=4 error=113: No route to host 02:43:25 nimrodel : Can't connect to port 80 of host database.clamav.net (IP: 194.116.142.73) 02:43:25 nimrodel : Trying host database.clamav.net (195.184.96.15)... 02:43:25 nimrodel : getfile: daily-6689.cdiff not found on remote server (IP: 195.184.96.15) 02:43:25 nimrodel : getpatch: Can't download daily-6689.cdiff from database.clamav.net 02:43:25 nimrodel : Incremental update failed, trying to download daily.cvd 02:43:42 nimrodel : Downloading daily.cvd [100%] 02:43:42 nimrodel : daily.cvd updated (version: 7140, sigs: 57107, f-level: 26, builder: ccordes) 02:43:42 nimrodel : Database updated (288941 signatures) from database.clamav.net (IP: 193.19.98.136) 02:43:42 nimrodel : Clamd successfully notified about the update. 02:43:42 nimrodel : -------------------------------------- 11:14:11 nimrodel : Received signal: wake up 11:14:11 nimrodel : ClamAV update process started at Sat May 17 11:14:11 2008 11:14:12 nimrodel : main.cvd is up to date (version: 46, sigs: 231834, f-level: 26, builder: sven) 11:14:13 nimrodel : Downloading daily-7141.cdiff [100%] 11:14:13 nimrodel : daily.cld updated (version: 7141, sigs: 57107, f-level: 26, builder: ccordes) Ahora, es curioso que lo hagan con un daemon. ¿No usaría menos recursos una tarea en cron? O será por si falla :-? - -- Saludos Carlos E.R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFILqiftTMYHG2NR9URAm8DAJwJoXTF/HxXGOr4xIRgCsAlQ59F1QCfeJAj CKr5I2AnBwUEousEzcsBphM= =1hJe -----END PGP SIGNATURE-----