clamav update failed - default timeout needs a bump (upstream has bumped already)

Hi,
it seems to time out on you :-/

By default that should be done automatically in background by the service:

root@b:~# systemctl status clamav-freshclam.service
● clamav-freshclam.service - ClamAV virus database updater
   Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; enabled; vendor preset: enabled)
   Active: active (running) since Fri 2020-03-06 10:20:51 UTC; 3min 6s ago
     Docs: man:freshclam(1)
           man:freshclam.conf(5)
           https://www.clamav.net/documents
 Main PID: 22378 (freshclam)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/clamav-freshclam.service
           └─22378 /usr/bin/freshclam -d --foreground=true

Mar 06 10:21:11 b freshclam[22378]: Fri Mar 6 10:21:11 2020 -> daily.cvd updated (version: 25742, sigs: 2208177, f-level: 63, builder: raynman)
Mar 06 10:21:11 b freshclam[22378]: Fri Mar 6 10:21:11 2020 -> main database available for download (remote version: 59)
Mar 06 10:21:28 b freshclam[22378]: Fri Mar 6 10:21:28 2020 -> Testing database: '/var/lib/clamav/tmp.0b342/clamav-ea8e6554afa4b49023af11272e09532f.tmp-main.cvd' ...
Mar 06 10:21:35 b freshclam[22378]: Fri Mar 6 10:21:35 2020 -> Database test passed.
Mar 06 10:21:35 b freshclam[22378]: Fri Mar 6 10:21:35 2020 -> main.cvd updated (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Mar 06 10:21:35 b freshclam[22378]: Fri Mar 6 10:21:35 2020 -> bytecode database available for download (remote version: 331)
Mar 06 10:21:35 b freshclam[22378]: Fri Mar 6 10:21:35 2020 -> Testing database: '/var/lib/clamav/tmp.0b342/clamav-7daed3263eb26f753d70cec595669ca0.tmp-bytecode.cvd' ...
Mar 06 10:21:36 b freshclam[22378]: Fri Mar 6 10:21:36 2020 -> Database test passed.
Mar 06 10:21:36 b freshclam[22378]: Fri Mar 6 10:21:36 2020 -> bytecode.cvd updated (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Mar 06 10:21:36 b freshclam[22378]: Fri Mar 6 10:21:36 2020 -> !NotifyClamd: Can't find or parse configuration file /etc/clamav/clamd.conf

And its full log (could be usefull to attach that to the bug) would look like:
root@b:~# journalctl -u clamav-freshclam.service
-- Logs begin at Tue 2019-12-17 08:53:23 UTC, end at Fri 2020-03-06 10:23:51 UTC. --
Mar 06 10:20:51 b systemd[1]: clamav-freshclam.service: Failed to reset devices.list: Operation not permitted
Mar 06 10:20:51 b systemd[1]: Started ClamAV virus database updater.
Mar 06 10:20:51 b freshclam[22378]: Fri Mar 6 10:20:51 2020 -> ClamAV update process started at Fri Mar 6 10:20:51 2020
Mar 06 10:20:51 b systemd[1]: clamav-freshclam.service: Failed to reset devices.list: Operation not permitted
Mar 06 10:20:51 b systemd[1]: clamav-freshclam.service: Failed to reset devices.list: Operation not permitted
Mar 06 10:20:53 b freshclam[22378]: Fri Mar 6 10:20:53 2020 -> daily database available for download (remote version: 25742)
Mar 06 10:21:04 b freshclam[22378]: Fri Mar 6 10:21:04 2020 -> Testing database: '/var/lib/clamav/tmp.0b342/clamav-d27d67a14d4730fa24f41ecf9e5e83a8.tmp-daily.cvd' ...
Mar 06 10:21:11 b freshclam[22378]: Fri Mar 6 10:21:11 2020 -> Database test passed.
Mar 06 10:21:11 b freshclam[22378]: Fri Mar 6 10:21:11 2020 -> daily.cvd updated (version...

hi christian

yes by default it should be done automatically in the background & it used to but not since the last month now.

for the manual update i do > sudo systemctl stop clamav-freshclam > sudo freshclam

i did this because clamtk reported signatures out of date & clamscan -V did not give me the latest signature version with the date as it used to.

this fix provided here solves the problem, please do have a look :

https://gitlab.com/dave_m/clamtk/issues/90

i have been with bionic ever since it was released & have had the same internet connection but never faced this issue earlier.

the same computer, the same internet connection but with debian buster installed clamav & clamtk have absolutely no issues.

for your reference here is my ubuntu bionic freshclam.conf :

https://postimg.cc/GHtX3nNZ

for your reference here is the debian buster freshclam.conf :

https://postimg.cc/RJ9QrM3p

i will bump the default 30 second timeout to 300 & report back.

hi!

did a fresh install of ubuntu 18.04.4, updated the software & did a restart.
next i installed clamav & clamtk but clamav would not update the signatures in the background by default as it should so i edited freshclam.conf & bumped the default 30 second ConnectTimeout & ReceiveTimeout to 300 as shown by you & the update was done.

just out of curiosity i did a fresh install again, did a software update, restarted & installed clamav & clamtk.

clamav would not update the signatures in the background by default as it should so i edited freshclam.conf but this time instead of bumping both ConnectTimeout & ReceiveTimeout to 300 i copied from the debian freshclam.conf & only edited the ReceiveTimeout to 0 & restarted.

after a few minutes when i checked with clamscan -V it showed me the latest signature version with date & time as it always did before > ClamAV 0.102.2/25744/Sat Mar 7 19:46:15 2020
clamav had done the update automatically in the background.

for your reference here is =

the default ubuntu bionic 18.04.4 freshclam.conf :

https://postimg.cc/GHtX3nNZ

the default debian buster 10.3 freshclam.conf :

https://postimg.cc/RJ9QrM3p

the edited ubuntu bionic 18.04.4 freshclam.conf :

https://postimg.cc/GBRzC0m6

what i understand is that the problem is only with the 30 second default RecieveTimeout in freshclam.conf but i guess you would know better.

please look into it & do the needful.

The version of clamav in focal has the required fix:

clamav-gu$ grep ReceiveTimeout shared/optparser.c
    {"ReceiveTimeout", NULL, 0, CLOPT_TYPE_NUMBER, MATCH_NUMBER, 0, NULL, 0, OPT_FRESHCLAM, "Timeout in seconds when reading from database server.", "0"},

Full patch as landed upstream is:
https://github.com/Cisco-Talos/clamav-devel/commit/2fd28e1d09f6a563564b61923e62338308e44466

thanks bryce.