clamav icon indicating copy to clipboard operation
clamav copied to clipboard

Published 20 hours ago verified publisher icon Cisco-Talos

freshclam broken

Open Azaretdodo opened this issue 3 years ago • 7 comments

Describe the bug

sudo chown dorianrosse:root /var/log/freshclam.log
sudo chmod 751 /var/log/freshclam.log
sudo freshclam
ERROR: Can't open /var/log/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/freshclam.log).
ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!
freshclam
Sat Mar 19 14:39:42 2022 -> Current working dir is /var/lib/clamav/
Sat Mar 19 14:39:42 2022 -> Loaded freshclam.dat:
Sat Mar 19 14:39:42 2022 ->   version:    1
Sat Mar 19 14:39:42 2022 ->   uuid:       dfb07cc8-31f8-4a74-8e96-a57730ccb88a
Sat Mar 19 14:39:42 2022 -> ClamAV update process started at Sat Mar 19 14:39:42 2022
Sat Mar 19 14:39:42 2022 -> Current working dir is /var/lib/clamav/
Sat Mar 19 14:39:42 2022 -> Querying current.cvd.clamav.net
Sat Mar 19 14:39:42 2022 -> TTL: 220
Sat Mar 19 14:39:42 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5
ERROR: Sat Mar 19 14:39:42 2022 -> Can't create temporary directory /var/lib/clamav/tmp.f9148858a6
Sat Mar 19 14:39:42 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000
ERROR: Sat Mar 19 14:39:42 2022 -> Update failed.
sudo chown clamav:adm /var/lib/clamav
 sudo chown 731 /var/lib/clamav
freshclam
Sun Mar 20 11:17:51 2022 -> Current working dir is /var/lib/clamav/
Sun Mar 20 11:17:51 2022 -> Loaded freshclam.dat:
Sun Mar 20 11:17:51 2022 ->   version:    1
Sun Mar 20 11:17:51 2022 ->   uuid:       dfb07cc8-31f8-4a74-8e96-a57730ccb88a
Sun Mar 20 11:17:51 2022 -> ClamAV update process started at Sun Mar 20 11:17:51 2022
Sun Mar 20 11:17:51 2022 -> Current working dir is /var/lib/clamav/
Sun Mar 20 11:17:51 2022 -> Querying current.cvd.clamav.net
Sun Mar 20 11:17:51 2022 -> TTL: 728
Sun Mar 20 11:17:51 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5
ERROR: Sun Mar 20 11:17:51 2022 -> Can't create temporary directory /var/lib/clamav/tmp.f0a837f849
Sun Mar 20 11:17:51 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000
ERROR: Sun Mar 20 11:17:51 2022 -> Update failed.
sudo freshclam
ERROR: Can't open /var/log/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/freshclam.log).
ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!
sudo chown 731 /var/log/freshclam.log
sudo chown clamav:adm /var/log/freshclam.log
 sudo freshclam
Sun Mar 20 11:19:17 2022 -> Current working dir is /var/lib/clamav/
Sun Mar 20 11:19:17 2022 -> Loaded freshclam.dat:
Sun Mar 20 11:19:17 2022 ->   version:    1
Sun Mar 20 11:19:17 2022 ->   uuid:       dfb07cc8-31f8-4a74-8e96-a57730ccb88a
Sun Mar 20 11:19:17 2022 -> ClamAV update process started at Sun Mar 20 11:19:17 2022
Sun Mar 20 11:19:17 2022 -> Current working dir is /var/lib/clamav/
Sun Mar 20 11:19:17 2022 -> Querying current.cvd.clamav.net
Sun Mar 20 11:19:17 2022 -> TTL: 643
Sun Mar 20 11:19:17 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5
ERROR: Sun Mar 20 11:19:17 2022 -> Can't create temporary directory /var/lib/clamav/tmp.93504dde28
Sun Mar 20 11:19:17 2022 -> Hint: The database directory must be writable for UID 129 or GID 137
ERROR: Sun Mar 20 11:19:17 2022 -> Update failed.
freshclam
ERROR: Can't open /var/log/freshclam.log in append mode (check permissions!).
ERROR: Problem with internal logger (UpdateLogFile = /var/log/freshclam.log).
ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!

freshclam is broken but clamscan use the last version :

----------- SCAN SUMMARY -----------
Known viruses: 8608351
Engine version: 0.105.0-rc
Scanned directories: 81064
Scanned files: 578155
Infected files: 63
Total errors: 27817
Not removed: 62
Data scanned: 27184.97 MB
Data read: 31558.27 MB (ratio 0.86:1)
Time: 7671.843 sec (127 m 51 s)
Start Date: 2022:03:19 14:42:44
End Date:   2022:03:19 16:50:36

How to reproduce the problem

sudo freshclam

Replace this text with the output from the ClamAV command: sudo clamconf -n Checking configuration files in /usr/local/etc

Config file: clamd.conf

LogFile = "/var/log/clamav.log" LogTime = "yes" PidFile = "/var/amavis/clamd.pid" DatabaseDirectory = "/var/clamav" LocalSocket = "/var/amavis/clamd" Foreground = "yes" *** AllowSupplementaryGroups is DEPRECATED ***

Config file: freshclam.conf

LogTime = "yes" LogSyslog = "yes" LogVerbose = "yes" LogRotate = "yes" DatabaseDirectory = "/var/lib/clamav" Debug = "yes" UpdateLogFile = "/var/log/freshclam.log" DatabaseMirror = "db.FR.clamav.net", "database.clamav.net" MaxAttempts = "5"

clamav-milter.conf not found

Software settings

Version: 0.105.0-rc Optional features supported: MEMPOOL AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON RAR

Database information

Database directory: /var/lib/clamav WARNING: freshclam.conf and clamd.conf point to different database directories main.cvd: version 62, sigs: 6647427, built on Thu Sep 16 14:32:42 2021 daily.cld: version 26486, sigs: 1976332, built on Sat Mar 19 09:21:07 2022 bytecode.cvd: version 333, sigs: 92, built on Mon Mar 8 16:21:51 2021 Total number of signatures: 8623851

Platform information

uname: Linux 5.13.0-35-generic #40~20.04.1-Ubuntu SMP Mon Mar 7 09:18:32 UTC 2022 x86_64 OS: Linux, ARCH: x86_64, CPU: x86_64 Full OS version: Ubuntu 20.04.4 LTS zlib version: 1.2.11 (1.2.11), compile flags: a9 platform id: 0x0a2196960800000000090400

Build information

GNU C: 9.4.0 (9.4.0) sizeof(void*) = 8 Engine flevel: 150, dconf: 150

Attachments

If applicable, add screenshots to help explain your problem.

If the issue is reproducible only when scanning a specific file, attach it to the ticket.

Azaretdodo avatar Mar 19 '22 13:03 Azaretdodo

Hey @Azaretdodo,

Did you try removing freshclam.log ?

Which user are you running with? Did you create a group for clamav?

Could you cat /var/log/freshclam.log? Does is exists?

mko-x avatar Mar 23 '22 20:03 mko-x

Hello,

I don't understand why but before freshclam.log was missing,

I am running freshclam with the user dorianrosse and sudo freshclam with the user root,

I will cat freshclam.log this weekend because the week I am not where there is the computer,

Have a nice week,

Thanks you in advance for your help,

Regards.

Dorian Rosse.

From: mko-x @.> Sent: Wednesday, March 23, 2022 9:04:54 PM To: Cisco-Talos/clamav @.> Cc: Azaretdodo @.>; Mention @.> Subject: Re: [Cisco-Talos/clamav] freshclam broken (Issue #511)

Hey @Azaretdodohttps://github.com/Azaretdodo,

Did you try removing freshclam.log ?

Which user are you running with? Did you create a group for clamav?

Could you cat /var/log/freshclam.log? Does is exists?

— Reply to this email directly, view it on GitHubhttps://github.com/Cisco-Talos/clamav/issues/511#issuecomment-1076769339, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHJN3IMIRCRHFT5PPJG74RLVBN2ONANCNFSM5REBETRA. You are receiving this because you were mentioned.Message ID: @.***>

Azaretdodo avatar Mar 23 '22 20:03 Azaretdodo

hello,

the answer of your line of command asked :

'''cat /var/log/freshclam.log Sat Mar 19 14:39:42 2022 -> -------------------------------------- Sat Mar 19 14:39:42 2022 -> Current working dir is /var/lib/clamav/ Sat Mar 19 14:39:42 2022 -> Loaded freshclam.dat: Sat Mar 19 14:39:42 2022 -> version: 1 Sat Mar 19 14:39:42 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sat Mar 19 14:39:42 2022 -> ClamAV update process started at Sat Mar 19 14:39:42 2022 Sat Mar 19 14:39:42 2022 -> Current working dir is /var/lib/clamav/ Sat Mar 19 14:39:42 2022 -> Querying current.cvd.clamav.net Sat Mar 19 14:39:42 2022 -> TTL: 220 Sat Mar 19 14:39:42 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sat Mar 19 14:39:42 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.f9148858a6 Sat Mar 19 14:39:42 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000 Sat Mar 19 14:39:42 2022 -> ERROR: Update failed. Sat Mar 19 14:42:02 2022 -> -------------------------------------- Sat Mar 19 14:42:02 2022 -> Current working dir is /var/lib/clamav/ Sat Mar 19 14:42:02 2022 -> Loaded freshclam.dat: Sat Mar 19 14:42:02 2022 -> version: 1 Sat Mar 19 14:42:02 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sat Mar 19 14:42:02 2022 -> ClamAV update process started at Sat Mar 19 14:42:02 2022 Sat Mar 19 14:42:02 2022 -> Current working dir is /var/lib/clamav/ Sat Mar 19 14:42:02 2022 -> Querying current.cvd.clamav.net Sat Mar 19 14:42:02 2022 -> TTL: 80 Sat Mar 19 14:42:02 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sat Mar 19 14:42:02 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.265200271a Sat Mar 19 14:42:02 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000 Sat Mar 19 14:42:02 2022 -> ERROR: Update failed. Sat Mar 19 17:05:13 2022 -> -------------------------------------- Sat Mar 19 17:05:13 2022 -> Current working dir is /var/lib/clamav/ Sat Mar 19 17:05:13 2022 -> Loaded freshclam.dat: Sat Mar 19 17:05:13 2022 -> version: 1 Sat Mar 19 17:05:13 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sat Mar 19 17:05:13 2022 -> ClamAV update process started at Sat Mar 19 17:05:13 2022 Sat Mar 19 17:05:13 2022 -> Current working dir is /var/lib/clamav/ Sat Mar 19 17:05:13 2022 -> Querying current.cvd.clamav.net Sat Mar 19 17:05:13 2022 -> TTL: 1472 Sat Mar 19 17:05:13 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sat Mar 19 17:05:13 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.d504509025 Sat Mar 19 17:05:13 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000 Sat Mar 19 17:05:13 2022 -> ERROR: Update failed. Sat Mar 19 19:47:08 2022 -> -------------------------------------- Sat Mar 19 19:47:08 2022 -> Current working dir is /var/lib/clamav/ Sat Mar 19 19:47:08 2022 -> Loaded freshclam.dat: Sat Mar 19 19:47:08 2022 -> version: 1 Sat Mar 19 19:47:08 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sat Mar 19 19:47:08 2022 -> ClamAV update process started at Sat Mar 19 19:47:08 2022 Sat Mar 19 19:47:08 2022 -> Current working dir is /var/lib/clamav/ Sat Mar 19 19:47:08 2022 -> Querying current.cvd.clamav.net Sat Mar 19 19:47:08 2022 -> TTL: 867 Sat Mar 19 19:47:08 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sat Mar 19 19:47:08 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.d3393645a4 Sat Mar 19 19:47:08 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000 Sat Mar 19 19:47:08 2022 -> ERROR: Update failed. Sun Mar 20 11:16:16 2022 -> -------------------------------------- Sun Mar 20 11:16:16 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:16:16 2022 -> Loaded freshclam.dat: Sun Mar 20 11:16:16 2022 -> version: 1 Sun Mar 20 11:16:16 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sun Mar 20 11:16:16 2022 -> ClamAV update process started at Sun Mar 20 11:16:16 2022 Sun Mar 20 11:16:16 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:16:16 2022 -> Querying current.cvd.clamav.net Sun Mar 20 11:16:16 2022 -> TTL: 824 Sun Mar 20 11:16:16 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sun Mar 20 11:16:16 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.8d1127aae6 Sun Mar 20 11:16:16 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000 Sun Mar 20 11:16:16 2022 -> ERROR: Update failed. Sun Mar 20 11:17:10 2022 -> -------------------------------------- Sun Mar 20 11:17:10 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:17:10 2022 -> Loaded freshclam.dat: Sun Mar 20 11:17:10 2022 -> version: 1 Sun Mar 20 11:17:10 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sun Mar 20 11:17:10 2022 -> ClamAV update process started at Sun Mar 20 11:17:10 2022 Sun Mar 20 11:17:10 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:17:10 2022 -> Querying current.cvd.clamav.net Sun Mar 20 11:17:10 2022 -> TTL: 770 Sun Mar 20 11:17:10 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sun Mar 20 11:17:10 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.8c6612efa2 Sun Mar 20 11:17:10 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000 Sun Mar 20 11:17:10 2022 -> ERROR: Update failed. Sun Mar 20 11:17:51 2022 -> -------------------------------------- Sun Mar 20 11:17:51 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:17:51 2022 -> Loaded freshclam.dat: Sun Mar 20 11:17:51 2022 -> version: 1 Sun Mar 20 11:17:51 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sun Mar 20 11:17:51 2022 -> ClamAV update process started at Sun Mar 20 11:17:51 2022 Sun Mar 20 11:17:51 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:17:51 2022 -> Querying current.cvd.clamav.net Sun Mar 20 11:17:51 2022 -> TTL: 728 Sun Mar 20 11:17:51 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sun Mar 20 11:17:51 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.f0a837f849 Sun Mar 20 11:17:51 2022 -> Hint: The database directory must be writable for UID 1000 or GID 1000 Sun Mar 20 11:17:51 2022 -> ERROR: Update failed. Sun Mar 20 11:19:17 2022 -> -------------------------------------- Sun Mar 20 11:19:17 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:19:17 2022 -> Loaded freshclam.dat: Sun Mar 20 11:19:17 2022 -> version: 1 Sun Mar 20 11:19:17 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sun Mar 20 11:19:17 2022 -> ClamAV update process started at Sun Mar 20 11:19:17 2022 Sun Mar 20 11:19:17 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:19:17 2022 -> Querying current.cvd.clamav.net Sun Mar 20 11:19:17 2022 -> TTL: 643 Sun Mar 20 11:19:17 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sun Mar 20 11:19:17 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.93504dde28 Sun Mar 20 11:19:17 2022 -> Hint: The database directory must be writable for UID 129 or GID 137 Sun Mar 20 11:19:17 2022 -> ERROR: Update failed. Sun Mar 20 11:24:28 2022 -> -------------------------------------- Sun Mar 20 11:24:28 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:24:28 2022 -> Loaded freshclam.dat: Sun Mar 20 11:24:28 2022 -> version: 1 Sun Mar 20 11:24:28 2022 -> uuid: dfb07cc8-31f8-4a74-8e96-a57730ccb88a Sun Mar 20 11:24:28 2022 -> ClamAV update process started at Sun Mar 20 11:24:28 2022 Sun Mar 20 11:24:28 2022 -> Current working dir is /var/lib/clamav/ Sun Mar 20 11:24:28 2022 -> Querying current.cvd.clamav.net Sun Mar 20 11:24:28 2022 -> TTL: 331 Sun Mar 20 11:24:28 2022 -> fc_dns_query_update_info: Software version from DNS: 0.103.5 Sun Mar 20 11:24:28 2022 -> ERROR: Can't create temporary directory /var/lib/clamav/tmp.01e45f09b1 Sun Mar 20 11:24:28 2022 -> Hint: The database direct'''

thank you in advance to help myself repair freshclam,

Regards.

Dorian ROSSE.

De : mko-x @.> Envoyé : mercredi 23 mars 2022 21:04 À : Cisco-Talos/clamav @.> Cc : Azaretdodo @.>; Mention @.> Objet : Re: [Cisco-Talos/clamav] freshclam broken (Issue #511)

Hey @Azaretdodohttps://github.com/Azaretdodo,

Did you try removing freshclam.log ?

Which user are you running with? Did you create a group for clamav?

Could you cat /var/log/freshclam.log? Does is exists?

— Reply to this email directly, view it on GitHubhttps://github.com/Cisco-Talos/clamav/issues/511#issuecomment-1076769339, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHJN3IMIRCRHFT5PPJG74RLVBN2ONANCNFSM5REBETRA. You are receiving this because you were mentioned.Message ID: @.***>

Azaretdodo avatar Mar 25 '22 09:03 Azaretdodo

Look likes there have problem with directory or files owner, please make sure that owner of that directory or files is same as DatabaseOwner in freshclam.conf, if not set DatabaseOwner then default is clamav so you need to change owner of directory /var/lib/clamav to clamav (userid in system)

net1 avatar Mar 25 '22 09:03 net1

Hey @mko-x and @net1,

I see the same symptom on a system using tmpfs for /var/log and freshclam autoupdate service. The freshclam log path is /var/log/clamav/freshclam.log Every time I reboot the system, freshclam service fails to start after reboot because it cannot handle the creation of the missing /var/log/clamav directory and creating new empty freshclam.log file in it.

Freshclam should be able to handle these corner cases on startup:

  • if the log file exists but there is ownership issue, perhaps it is better to continue with the update after the warning that it cannot append the log
  • if the log file and path to it does not exist, it should create new folder and new file in it

wizwuz avatar Aug 20 '22 19:08 wizwuz

@wizwuz it might be that tmpfs (/var/log) is not mounted after reboot. Make sure that you put that mount path in /etc/fstab

net1 avatar Aug 21 '22 00:08 net1

@wizwuz it might be that tmpfs (/var/log) is not mounted after reboot. Make sure that you put that mount path in /etc/fstab

The file system is mounted and all other system log files are correctly re-created and present. Freshclam service permanently fails after several retries and cannot be restarted or manually started. Workaround is to manually create the /var/log/clamav folder and the freshclam.log file in it, after which freshclam process can start without problem.

wizwuz avatar Aug 21 '22 09:08 wizwuz

Thank you,

I went to change owner for : '''sudo chown clamav:clamav /var/lib/clamav''',

this repair the problem,

now you can close the ticket i will launch a scan with clamscan for search threat,

Regards.

Azaretdodo.

De : net1 @.> Envoyé : vendredi 25 mars 2022 10:59 À : Cisco-Talos/clamav @.> Cc : Azaretdodo @.>; Mention @.> Objet : Re: [Cisco-Talos/clamav] freshclam broken (Issue #511)

Look likes there have problem with directory or files owner, please make sure that owner of that directory or files is same as DatabaseOwner in freshclam.conf, if not set DatabaseOwner then default is clamav so you need to change owner of directory /var/lib/clamav to clamav (userid in system)

— Reply to this email directly, view it on GitHubhttps://github.com/Cisco-Talos/clamav/issues/511#issuecomment-1078848401, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AHJN3IJ2LJN7NIP7RHA4I3TVBWE6RANCNFSM5REBETRA. You are receiving this because you were mentioned.Message ID: @.***>

Azaretdodo avatar Oct 11 '22 08:10 Azaretdodo

I just started moving some directories to tmpfs including /var/log on Ubuntu 22.04.3 and hit the issue:

led 06 19:10:09 HP-Z840 systemd[1]: Started ClamAV virus database updater.
led 06 19:10:09 HP-Z840 freshclam[11199]: ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.lo>
led 06 19:10:09 HP-Z840 freshclam[11199]: ERROR: initialize: libfreshclam init failed.
led 06 19:10:09 HP-Z840 freshclam[11199]: ERROR: Initialization error!
led 06 19:10:09 HP-Z840 freshclam[11199]: ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check permissions>
led 06 19:10:09 HP-Z840 systemd[1]: clamav-freshclam.service: Main process exited, code=exited, status=2/INVALIDARGUMENT
led 06 19:10:09 HP-Z840 systemd[1]: clamav-freshclam.service: Failed with result 'exit-code'.

even after system service manually after the login the service is not able to create the file:

drwxr-x---  2 root   lp       60 2024-01-06 19:08 cups
drwx--x--x  2 root   gdm      40 2024-01-06 19:08 gdm3
drwx------  2 root   root     40 2024-01-06 19:08 private
drwxr-xr-x  2 root   root     60 2024-01-06 19:08 unattended-upgrades
-rw-r-----  1 root   adm    1,5K 2024-01-06 19:08 apport.log
-rw-r-----  1 syslog adm    2,9K 2024-01-06 19:10 auth.log
-rw-------  1 root   root    16K 2024-01-06 19:08 boot.log
-rw-rw----  1 root   utmp      0 2024-01-06 19:08 btmp
-rw-r-----  1 root   adm    161K 2024-01-06 19:08 dmesg
-rw-r--r--  1 root   root   2,1K 2024-01-06 19:08 gpu-manager.log
-rw-r--r--  1 root   root   2,1K 2024-01-06 19:08 gpu-manager-switch.log
-rw-r-----  1 syslog adm    206K 2024-01-06 19:10 kern.log
-rw-rw-r--  1 root   utmp      0 2024-01-06 19:08 lastlog
-rw-r-----  1 syslog adm    505K 2024-01-06 19:10 syslog
-rw-r--r--  1 root   root   2,1K 2024-01-06 19:08 ubuntu-advantage.log
-rw-rw-r--  1 root   utmp   1,2K 2024-01-06 19:08 wtmp

my fstab entry is following: tmpfs /var/log tmpfs size=4G,defaults,noatime 0 0

permissions on /var/log: drwxrwxr-x 6 root syslog 360 2024-01-06 19:08 log

archenroot avatar Jan 06 '24 18:01 archenroot

Ok, I fixed manually the issue by following sequence:

 zangetsu  HP-Z840  ~  sudo mkdir /var/log/clamav
 zangetsu  HP-Z840  ~  sudo touch /var/log/clamav/freshclam.log
 zangetsu  HP-Z840  ~  sudo chown -R clamav:clamav /var/log/clamav/

archenroot avatar Jan 06 '24 18:01 archenroot

So I created a script in /usr/local/bin:

 ls -la /usr/local/bin |grep clamav
total 56M
drwxr-xr-x  2 root root 4,0K 2024-01-06 19:47 .
drwxr-xr-x 13 root root 4,0K 2024-01-05 15:34 ..
-rwxr-xr-x  1 root root  113 2024-01-06 19:47 clamav-fix-log-on-tmpfs

dont forget to chmod +x path-to-script

cat /usr/local/bin/clamav-fix-log-on-tmpfs

#!/bin/bash
sudo mkdir /var/log/clamav
sudo touch /var/log/clamav/freshclam.log
sudo chown -R clamav:clamav /var/log/clamav/

and customized the service control script sudo nano /etc/systemd/system/multi-user.target.wants/clamav-freshclam.service:

[Unit]
Description=ClamAV virus database updater
Documentation=man:freshclam(1) man:freshclam.conf(5) https://docs.clamav.net/
# If user wants it run from cron, don't start the daemon.
ConditionPathExists=!/etc/cron.d/clamav-freshclam
Wants=network-online.target
After=network-online.target

[Service]
ExecStartPre=/usr/local/bin/clamav-fix-log-on-tmpfs
ExecStart=/usr/bin/freshclam -d --foreground=true
StandardOutput=syslog

[Install]
WantedBy=multi-user.target

Now the service starts, I tested without reboot, will test as well after reboot and report.

archenroot avatar Jan 06 '24 18:01 archenroot