ClamAv Update on OpenBSD Box
Updated my ClamAv today from version 0.95.2 to 0.95.3
and luckily read the warning about needing to patch it
on the download page at:
Clam AntiVirus
There’s a link there to download the diff. I downloaded
everything, then ran gpg against the file and signature
file to verify:
gpg –verify clamav-0.95.3.tar.gz.sig clamav-0.95.3.tar.gz
gpg: Signature made Wed Oct 28 10:59:38 2009 CDT using DSA key ID 985A444B
gpg: Good signature from “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B
After that, cd /usr/ports/mystuff/ and do:
sudo tar xzvf /path/to/clamav-0.95.3.tar.gz
Next, I needed to uninstall the old version, but first I
had to stop the daemon running:
ps auxw grep clamd
sudo kill PID#
Then:
cd clamav-0.95.2
sudo ./configure
sudo make uninstall
There’s a warning in the docs about old librairies
and file versions on your system:
Caveats:
1) Make sure that you haven’t got old libraries (libclamav.so)
lying around your filesystem. You can verify it using:
$ ldd `which freshclam`
/usr/local/bin/freshclam:
Start End Type Open Ref GrpRef Name
1c000000 3c011000 exe 1 0 0 /usr/local/bin/freshclam
0470f000 24744000 rlib 0 1 0 /usr/local/lib/libclamav.so.6.5
022d7000 222db000 rlib 0 2 0 /usr/local/lib/libbz2.so.10.4
07d8b000 27d93000 rlib 0 2 0 /usr/lib/libz.so.4.1
0cd94000 2cd9d000 rlib 0 1 0 /usr/lib/libpthread.so.11.0
0c104000 2c13a000 rlib 0 1 0 /usr/lib/libc.so.48.0
05e7e000 05e7e000 rtld 0 1 0 /usr/libexec/ld.so
With my previous version of Clamav I had the file
/usr/local/lib/libclamav.so.6.4 but the uninstall
removed it okay.
More warnings:
2) Also make sure there is only one version of ClamAv
on your system.
3) whereis freshclam
4) whereis clamscan
In case anything went wrong I saved my old configuration
files in /usr/local/etc renaming them. Then:
cd /usr/ports/mystuff/clamav-0.95.3/
cp /path/to/patch-0.95.3-bug1737.diff .
sudo patch -p1
After everything built and installed successfully, all that
was left to do was go back into /usr/local/etc and configure
clamd.conf and freshclam.conf, then restart the daemon:
sudo /usr/local/sbin/clamd
I want to stress like always that it pays to read
documentation. Where you want your TemporaryDirectory,
where you want your LocalSocket and DatabaseDirectory
and so on. Same goes for your freshclam settings.
READ THE DOCS!
If you’re going to go through all the above to have
Clamav on your system, then you’re probably going
to want to start it when your system boots. I’ve got
the following in /etc/rc.local:
if [ -x /bin/mkdir ]; then
/bin/mkdir /tmp/clamd && chown clamav:clamav /tmp/clamd
fi
if [ -x /usr/local/sbin/clamd ]; then
/usr/local/sbin/clamd
fi
I do the above mkdir along with the ownership thing
since my sytem cleans out /tmp on reboot. It’s set in
/etc/rc.conf.local:
clear_tmp_enable=”YES” # clear /tmp on reboot
Cheers!
and luckily read the warning about needing to patch it
on the download page at:
Clam AntiVirus
There’s a link there to download the diff. I downloaded
everything, then ran gpg against the file and signature
file to verify:
gpg –verify clamav-0.95.3.tar.gz.sig clamav-0.95.3.tar.gz
gpg: Signature made Wed Oct 28 10:59:38 2009 CDT using DSA key ID 985A444B
gpg: Good signature from “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: aka “Tomasz Kojm ”
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B
After that, cd /usr/ports/mystuff/ and do:
sudo tar xzvf /path/to/clamav-0.95.3.tar.gz
Next, I needed to uninstall the old version, but first I
had to stop the daemon running:
ps auxw grep clamd
sudo kill PID#
Then:
cd clamav-0.95.2
sudo ./configure
sudo make uninstall
There’s a warning in the docs about old librairies
and file versions on your system:
Caveats:
1) Make sure that you haven’t got old libraries (libclamav.so)
lying around your filesystem. You can verify it using:
$ ldd `which freshclam`
/usr/local/bin/freshclam:
Start End Type Open Ref GrpRef Name
1c000000 3c011000 exe 1 0 0 /usr/local/bin/freshclam
0470f000 24744000 rlib 0 1 0 /usr/local/lib/libclamav.so.6.5
022d7000 222db000 rlib 0 2 0 /usr/local/lib/libbz2.so.10.4
07d8b000 27d93000 rlib 0 2 0 /usr/lib/libz.so.4.1
0cd94000 2cd9d000 rlib 0 1 0 /usr/lib/libpthread.so.11.0
0c104000 2c13a000 rlib 0 1 0 /usr/lib/libc.so.48.0
05e7e000 05e7e000 rtld 0 1 0 /usr/libexec/ld.so
With my previous version of Clamav I had the file
/usr/local/lib/libclamav.so.6.4 but the uninstall
removed it okay.
More warnings:
2) Also make sure there is only one version of ClamAv
on your system.
3) whereis freshclam
4) whereis clamscan
In case anything went wrong I saved my old configuration
files in /usr/local/etc renaming them. Then:
cd /usr/ports/mystuff/clamav-0.95.3/
cp /path/to/patch-0.95.3-bug1737.diff .
sudo patch -p1
After everything built and installed successfully, all that
was left to do was go back into /usr/local/etc and configure
clamd.conf and freshclam.conf, then restart the daemon:
sudo /usr/local/sbin/clamd
I want to stress like always that it pays to read
documentation. Where you want your TemporaryDirectory,
where you want your LocalSocket and DatabaseDirectory
and so on. Same goes for your freshclam settings.
READ THE DOCS!
If you’re going to go through all the above to have
Clamav on your system, then you’re probably going
to want to start it when your system boots. I’ve got
the following in /etc/rc.local:
if [ -x /bin/mkdir ]; then
/bin/mkdir /tmp/clamd && chown clamav:clamav /tmp/clamd
fi
if [ -x /usr/local/sbin/clamd ]; then
/usr/local/sbin/clamd
fi
I do the above mkdir along with the ownership thing
since my sytem cleans out /tmp on reboot. It’s set in
/etc/rc.conf.local:
clear_tmp_enable=”YES” # clear /tmp on reboot
Cheers!
Labels: clamav update, openbsd, patching, security
posted by Dennyboy at 10/31/2009 10:44:00 PM
0 Comments:
Post a Comment
<< Home