clamscan not working after dist-upgrade from 14.04 to 16.04

Bug #1639130 reported by Jan Florkowski
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
clamav (Ubuntu) | Expired | Undecided | Unassigned |

Bug Description

After doing a do-release-upgrade from trusty 14.04 to xenial 16.04, clamscan won't work.

:~# clamscan -r /
LibClamAV Error: cli_tgzload: Unknown type flag 's'
LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Malformed database
ERROR: Malformed database

----------- SCAN SUMMARY -----------
Known viruses: 0
Engine version: 0.99.2
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.058 sec (0 m 0 s)

I deleted the daily.cvd and ran service clamav-freshclam again to synchronize the database, but I get the same error.

After reinstalling all installed clamav packages and removing the files from /var/lib/clamav, I get the error too.

On a new xenial 16.04 system clamscan worked fine, so I think something goes wrong during the dist-upgrade.

Christian Ehrhardt  (paelzer) wrote :

Hi,
thank you for your report.
I tried to recreate with:

1. take Trusty container
2. install clamav
3. wait until freshclam had chance to create the initial DB
4. run clamscan -r /
  ----------- SCAN SUMMARY -----------
  Known viruses: 5051511
  Engine version: 0.99.2
  Scanned directories: 7205
  Scanned files: 25302
  Infected files: 0
  Total errors: 23005
  Data scanned: 725.82 MB
  Data read: 1766.04 MB (ratio 0.41:1)
  Time: 78.221 sec (1 m 18 s)
5. Upgrade to Xenial
6. run clamscan -r / again - working fine still
  Known viruses: 5051511
  Engine version: 0.99.2
  Scanned directories: 7885
  Scanned files: 28979
  Infected files: 0
  Total errors: 23191
  Data scanned: 1224.57 MB
  Data read: 2206.23 MB (ratio 0.56:1)
  Time: 107.607 sec (1 m 47 s)

The actual DB that freshclam synced might have been broken; although rare, that has happened in the past.

For the sake of retrying you could:
1. just re-run freshclam and retry
2. uninstall clamav and freshclam with --purge
3. delete all in /usr/local/share/clamav/*
4. install it again and check if the issue went away.

I expect you to still hit the issue as you almost did that already, but it would be nice to make sure that even in that case the issue persists.

Finally your freshclam.log from before the cleanup retry as well as after it might help to shed some light.

Changed in clamav (Ubuntu):
status: New → Incomplete
Jan Florkowski (j-florkowski) wrote :

Hi Christian,

I proceeded with your steps and purged and reinstalled clamav again on the broken system, without success.

LibClamAV Error: cli_tgzload: Unknown type flag 's'
LibClamAV Error: Can't load /var/lib/clamav/daily.cvd: Malformed database
ERROR: Malformed database

----------- SCAN SUMMARY -----------
Known viruses: 0
Engine version: 0.99.2
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.060 sec (0 m 0 s)

My freshclam.log did not give any helpful information. I'm using an own clamav-mirror for our internal network. I also patched the init-script of freshclam service with param --no-dns, but the warning already exists:

Mon Nov 7 13:59:45 2016 -> --------------------------------------
Mon Nov 7 13:59:45 2016 -> freshclam daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Mon Nov 7 13:59:45 2016 -> ClamAV update process started at Mon Nov 7 13:59:45 2016
Mon Nov 7 13:59:45 2016 -> WARNING: Can't query current.cvd.clamav.net
Mon Nov 7 13:59:45 2016 -> WARNING: Invalid DNS reply. Falling back to HTTP mode.
Mon Nov 7 13:59:46 2016 -> Downloading main.cvd [100%]
Mon Nov 7 13:59:57 2016 -> main.cvd updated (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
Mon Nov 7 13:59:57 2016 -> Downloading daily.cvd [100%]
Mon Nov 7 14:00:00 2016 -> daily.cvd updated (version: 22495, sigs: 840224, f-level: 63, builder: neo)
Mon Nov 7 14:00:00 2016 -> Downloading bytecode.cvd [100%]
Mon Nov 7 14:00:00 2016 -> bytecode.cvd updated (version: 283, sigs: 53, f-level: 63, builder: neo)
Mon Nov 7 14:00:04 2016 -> Database updated (5059067 signatures) from clamav-mirror (IP: 192.168.9.196)
Mon Nov 7 14:00:04 2016 -> Clamd successfully notified about the update.
Mon Nov 7 14:00:04 2016 -> --------------------------------------

Robie Basak (racb) wrote :

@Jan

Thank you for your reply. I'm afraid I'm going to have to leave this bug as Incomplete, and it will not make any progress, as we have no steps to reproduce your issue.

> I'm using an own clamav-mirror for our internal network.

Could this be the cause of your problem?

If you do manage to find steps to reproduce your issue independently, then please post them here and change the bug status back to New.

Jan Florkowski (j-florkowski) wrote :

What does the error "LibClamAV Error: cli_tgzload: Unknown type flag 's'" mean?

With some debugging, you can identify the problem, so you can catch this error in clamav?

In my logs from the clamav-webserver-mirror I find this clamav version information "ClamAV/0.98.7 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)"

@ Christian, tried to reproduce my bug report with a newer version of clamav

I find a similar system architecture "Welcome to Ubuntu 14.04.3 LTS (GNU/Linux 3.19.0-30-generic x86_64)". This system was plain installed from the Ubuntu LTS 14.04 ISO-Download without installed updates.

clamscan worked in this environment.

So I did the following steps and can reproduce the issue:

1. /etc/apt/sources.list expanded for "deb http://archive.ubuntu.com trusty-updates main restricted"
2. apt update
3. apt dist-upgrade

clamav is updated to 0.99.2 and worked.

4. do-release-upgrade

Without reboot, I tested clamscan again -> LibClamAV Error: cli_tgzload: Unknown type flag 's'
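
Added example, not part of the original bug thread and not ClamAV's own code: a Python check of a .cvd file for the condition named in the `cli_tgzload: Unknown type flag` error quoted above. It assumes the CVD layout of a 512-byte colon-separated text header followed by a gzip-compressed tar, with the header's MD5 field covering everything after the header; `inspect_cvd` and `build_sample_cvd` are hypothetical names and the sample file is constructed.

```python
import gzip, hashlib, io, tarfile, zlib

HEADER_LEN = 512  # assumed CVD layout: 512-byte text header, then a tar.gz
FIELDS = ("magic", "time", "version", "sigs", "flevel",
          "md5", "dsig", "builder", "stime")

def inspect_cvd(blob: bytes) -> dict:
    """Parse the header, check the container MD5, report odd tar type flags."""
    if len(blob) < HEADER_LEN or not blob.startswith(b"ClamAV-VDB:"):
        raise ValueError("missing ClamAV-VDB header")
    head = blob[:HEADER_LEN].decode("ascii", "replace").rstrip()
    info = dict(zip(FIELDS, head.split(":")))
    body = blob[HEADER_LEN:]
    # Integrity only: the digital signature (dsig) is not verified here.
    info["md5_ok"] = hashlib.md5(body).hexdigest() == info.get("md5", "").lower()
    info["bad_members"], info["container_error"] = [], None
    try:
        raw = gzip.decompress(body)
        off = 0
        # Walk the 512-byte tar headers by hand so unexpected flags are reported.
        while off + 512 <= len(raw) and raw[off] != 0:
            hdr = raw[off:off + 512]
            name = hdr[:100].split(b"\0", 1)[0].decode("ascii", "replace")
            flag = chr(hdr[156])  # tar type flag; '0' or NUL is a regular file
            if flag not in ("0", "\0"):
                info["bad_members"].append((name, flag))
            size = int(hdr[124:136].strip(b"\0 ") or b"0", 8)
            off += 512 + (size + 511) // 512 * 512
    except (OSError, EOFError, ValueError, zlib.error) as exc:
        info["container_error"] = f"{type(exc).__name__}: {exc}"
    return info

def build_sample_cvd(typeflag: bytes = b"0") -> bytes:
    """Constructed sample: a one-member tar.gz behind a synthetic header."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w", format=tarfile.USTAR_FORMAT) as tar:
        member = tarfile.TarInfo("daily.info")
        member.size = 5
        tar.addfile(member, io.BytesIO(b"hello"))
    raw = bytearray(buf.getvalue())
    raw[156:157] = typeflag  # overwrite the first member's type flag
    body = gzip.compress(bytes(raw))
    md5 = hashlib.md5(body).hexdigest()
    head = f"ClamAV-VDB:07 Nov 2016 00-00 +0000:1:1:63:{md5}:SIG:builder:0"
    return head.encode("ascii").ljust(HEADER_LEN) + body

if __name__ == "__main__":
    for flag in (b"0", b"s"):
        print(flag, inspect_cvd(build_sample_cvd(flag)))
```

Comparing the result for the daily.cvd served by an internal mirror with one from a known-good host separates a file damaged in transit (`md5_ok` false) from a file that is intact but rejected by the local loader.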

Robie Basak (racb) wrote :

@Jan

We need steps to reproduce your issue on a fresh machine please. If the steps involve starting from one release and upgrading to another, that's fine. As long as we can see what to do from the very beginning.

Launchpad Janitor (janitor) wrote :

[Expired for clamav (Ubuntu) because there has been no activity for 60 days.]

Changed in clamav (Ubuntu):
status: Incomplete → Expired