Clamav-freshclam error

[nObRaIn]

I just downloaded clamav but i get an error trying to update with freshclam.

ERROR: Can't create temporary directory /usr/local/share/clamav-xxxx
Hint: The database directory must be writable for UID 1001 or GID 50

Searching the forum I found reference on a similar issue from some months ago, but without much info.

[Lee]

There are command line switches for both freshclam and clamscan that allow you to specify the location of the database.  I used these to point to a directory on my usb stick that uses a FAT file system, so the permissions issue just goes away.  If you don't have a FAT ( or other permission-less ) file system handy, you'll have to fiddle around with permisions until you get it to work.  I took the lazy way.

[nObRaIn]

This is the exact same thing I am trying to do but no mater what directory I choose I get the error about /usr/local/share/...

I do have persistent /home and /opt that I did try to use, but i would ideally like to use the usb stick fror saving the database.

edit: My bad. I did try it again and I just noticed I was doing --datadir /mnt/... instead of --datadir=/mnt/... Also, the command should point to an existing directory as it was giving me a different error this time "Can't change dir to /mnt/..."

Thanks for the tips though. That made me think twice of what I was doing.

edit2: is there a way I can make this change permanent? I did try changing the setting in freshclam.conf but it didn't help.

[Jason W]

I changed the ownership of /usr/local/share/clamav to clamav:staff in the extension.  So freshclam does not need to be run either as root or with a different database location.

Clamav has also released a new update, which I will get to soon.

[Lee]

Thanks Jason. That should simplify things a bit..

[Jason W]

I hope it overall makes sense.

It may not be the upstream orthodox way of doing it, but the security gain of not running apps as root should offset the security risk, if any, of changing the group ownership of /usr/local/share/clamav.

Hacking into the group clamav is surely not any harder than hacking into the group staff once one is in the system anyway, as far as security is concerned.

[nObRaIn]

Thanks for the update. From what i understand this will not allow persistent updates (not without changing the datadir anyway) but it makes freshclam usable right out of the box now?

What I would like to know is how exactly the updating mechanism works when specifying a different datadir. Is the default /usr/local/share/clamav included when scanning or updating? and are the updates incremental in this case?

[Jason W]

Making it persistent should work with the standard backup routine, backing up /usr/local/share/clamav/ after doing a freshclam.

I have not used the datadir option, and am not on TC now to try it.

[nObRaIn]

I did try that but i still get a couple of errors.

LibClamAV Error: cli_untgz: Wrote 0 instead of 512 (/usr/local/share/clamav/clamav-xxx...ndb)
ERROR: chdir_tmp: Can't unpack main.cvd into /usr/local/share/clamav/clamav-xxx.../clamav-xxx
WARNING: Incremental update failed, trying to download main.cvd

After downloading main.cvd for the first time I don't get these errors and the following updates seem incremental(?). I'm not sure if I understand it correctly but it looks like the main.cvd included with clamav gets ignored(?)

[nObRaIn]

I have an update. I did try loading everything from the begining on a newer system this time and the update seems to be working now. I thought it could be the limited ram of the older system I was working on (128mb total, 70mb free with tc loaded) that was not allowing main.cvd to unpack.

So I finaly begin to understand how it works now. What I was trying to achieve initialy (keep daily.cvd and main.cvd in the original directory and save newer updates in a different "external" directory) doesn't look like an option. I think I like it this way even more now.

Thank you all for the help,
Will.