efa-project.org

As there is already version 0.100.1, upgrading to 0.100.0 is still recommended. It contains many code submissions from the ClamAV community.
https://github.com/Cisco-Talos/clamav-d ... 1/NEWS.md
My upgrade steps.

Check for updates Make backup

As I dont like cronjobs during the upgrade ( stop the mailflow) and stop clam upgrade Remove old database
Get new dbs To get rid of yara related errors. ( you can always enable it again)
/etc/clamav-unofficial-sigs/master.conf And delete or move to backup dir from /var/lib/clamav/ Check clamd.conf and freshclam.conf for custom and depricated settings
warning: /etc/clamd.conf created as /etc/clamd.conf.rpmnew
warning: /etc/freshclam.conf created as /etc/freshclam.conf.rpmnew
reboot to check it all ( new kernel?)

check the logs

Clamav 100.1-1 available. Installed Packages
clamav.x86_64 0.100.0-1.el6 @epel
Available Packages
clamav.i686 0.100.1-1.el6 epel
clamav.x86_64 0.100.1-1.el6 epel

after update: run and check clamav

Hello,

I tried to install the updates without success, what I did:
- disable mail income, create backup
- comment the line - Reboot
- Installing Webmin update
- Reboot
=> While booting I saw some ClamAV-related erros, also I got some error notifications "service <postfix/httpd/mysql/clamd> down and restarted..." (the notification for clamd came 3 times). So I did the following: - Reboot
- Everything seemed fine, boot errors regarding clamav were still there but I "realized" they have been there before the updates without making problems
- I enabled mail income + wrote some test mails
=> the first came properly through, the second (and also another incoming mail) one appeared in in MailWatch but didn't come to my Outlook. After a moment the message appeared again in the MailWatch-list, that went on every few seconds so after a few minutes I had great list in MailWatch including those two emails appearing again and again (but without releasing them to the mailboxes in the mailserver)
=> So I shut down EFA again and restored the backup/snapshot, so now it is running again (but old versions of course).

I saved the corrupt state and now I am trying to find out what the problem was, to execute the update again (and this time properly).
I viewed some logs but I didn't get a hint what the reason might be. Wenn I shut it down it says FAILED when trying to stop the Clamav service.
Has someone an idea what to do?
Thanks!

BR
dwmp

Seems you missed some steps in this post

to get rid of yara related errors. ( you can always enable it again)
/etc/clamav-unofficial-sigs/master.conf

yararulesproject_enabled="no"
enable_yararules="no"

And delete or move to backup dir from /var/lib/clamav/

Code: Select all

rm /var/lib/clamav/*yar
rm /var/lib/clamav/*yara

Thank you! I will try that.
Do you think that the problem (that mails are not coming through Outlook and reappearing in Mailwatch list) will also be resolved with your recommendation?
Or is it only for the boot-error-messages?

I quess you will find the answer in this post viewtopic.php?f=14&p=12615#p12615

Thank you very much, it worked!