BYOE issues with ClamXav Sentry

Discussions relating to ClamXav

Moderator: Mark

BYOE issues with ClamXav Sentry

Postby fchanMSI » Thu 17 Mar 2016 5:23 pm

I tried to BYO Engine for the latest release of clamav 0.99.1 and I noticed that ClamXav Sentry doesn't start up properly. I did follow the instructions as described on http://www.clamxav.com/docs_byo.html but no success for me, at least. I've set the permissions as shown in BYO Engine and double checked it with any changes to for get ClamXav Sentry not running. In the end I had to revert back to original clamav 0.99 engine that came with the current version of ClamXav v2.8.9.1
This is not the first time I had this issue with trying to BYO Engine so I'm checking of anyone seen this before and what is fix for this.
fchanMSI
 
Posts: 136
Joined: Fri 16 Feb 2007 10:50 pm

Re: BYOE issues with ClamXav Sentry

Postby alvarnell » Thu 17 Mar 2016 5:44 pm

Make sure you have PCRE 8 installed and then try:
Code: Select all
CFLAGS="-O2 -g -D_FILE_OFFSET_BITS=64 -mmacosx-version-min=10.6 -arch x86_64 -w -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE"
./configure --disable-dependency-tracking --enable-llvm=no --enable-clamdtop --with-user=_clamav --with-group=_clamav --enable-all-jit-targets --prefix=/usr/local/clamXav --enable-ltdl-convenience


Last Edited 5/5/16
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Re: BYOE issues with ClamXav Sentry

Postby fchanMSI » Fri 18 Mar 2016 1:05 am

Hello, Al,
Thank you for assistance with this and I installed PCRE8 recompiled clamav 0.99.1 and it didn't make any difference with ClamXav Sentry issue.
However, I was looking at the clamav processes and noticed that clamd would start and then die soon afterwards leaving Clamxav Sentry running with the new engine running. When I reverted back to clamav 0.99 that came with ClamXav the clamd process would running continuously so I think this is where my problem is, clamd on the new compiled engine doesn't keep running.

Thank you in advanced for your assistance,
Frank
fchanMSI
 
Posts: 136
Joined: Fri 16 Feb 2007 10:50 pm

Re: BYOE issues with ClamXav Sentry

Postby alvarnell » Fri 18 Mar 2016 8:07 am

The only thing I can think of is that Sentry needs to be tweaked for some change in clamd. I was able to successfully compile it, but never installed in 2.8.9.1 as I like to stay with release versions to better respond to common user issues.

Mark is super busy right now dealing with the database update and trying to get 0.99.1 out to users, so I would have to guess he has a new version in test. Not sure whether that will be 2.8.9.2 or 2.9, the latter with several feature updates. Depends on how testing goes. I don't believe there are very many improvements in 0.99.1 for OS X users to justify rushing it out.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Re: BYOE issues with ClamXav Sentry

Postby fchanMSI » Fri 18 Mar 2016 9:13 pm

Hello, Al,
Thank you for trying and thank you Mark for working on getting the database update and getting 0.99.1 out.
I'll try play around with clamd in my "copious" spare time and report what I find here.

Again thank you and have a nice & safe weekend,
Frank
fchanMSI
 
Posts: 136
Joined: Fri 16 Feb 2007 10:50 pm

Re: BYOE issues with ClamXav Sentry

Postby eiichi » Sat 19 Mar 2016 5:46 am

Hi, Frank,

I have no issues about using ClamXav Sentry Version 3.5.9.1 (1481) with BYO ClamAV 0.99.1.
- Running clamd and RunFresclam as launchd daemon
- Running ClamXav Sentry as launchd agent

Probably the issue which you encounter is the one I mention in:
http://www.gctv.ne.jp/~yokota/clamav/#pcre_error

I hope you find it informative.
eiichi
 
Posts: 33
Joined: Sat 19 Mar 2016 5:41 am

Re: BYOE issues with ClamXav Sentry

Postby eiichi » Sat 19 Mar 2016 7:47 am

Just for reference:
This issue has been fixed by "PCRE2 support" (https://github.com/vrtadmin/clamav-deve ... a7accd1c7c?).
So when building ClamAV 0.99.2, you don't have to apply the patch and you won't encounter this issue.
eiichi
 
Posts: 33
Joined: Sat 19 Mar 2016 5:41 am

Re: BYOE issues with ClamXav Sentry

Postby ChipMcKNo2 » Sat 19 Mar 2016 4:30 pm

alvarnell wrote:Make sure you have PCRE 8 installed and then try:
Code: Select all
./configure --disable-dependency-tracking --enable-llvm=no --enable-clamdtop --with-user=_clamav --with-group=_clamav --enable-all-jit-targets --with-pcre=/usr/local/clamXav --prefix=/usr/local/clamXav CFLAGS=-O2 -g -D_FILE_OFFSET_BITS=64 -mmacosx-version-min=10.6 -arch x86_64 -w --enable-ltdl-convenience

That is NOT what is in the B.Y.O. Engine document

Update: Cause syntax errors as stated. It needs some quotation marks.
Last edited by ChipMcKNo2 on Sat 19 Mar 2016 7:12 pm, edited 2 times in total.
ChipMcKNo2
 
Posts: 87
Joined: Sun 07 Dec 2014 11:20 pm
Location: U S of A

Re: BYOE issues with ClamXav Sentry

Postby alvarnell » Sat 19 Mar 2016 4:33 pm

ChipMcKNo2 wrote:That is NOT what is in the B.Y.O. Engine document
Because the current engine is not 0.99.1.

And I've edited post #2 so it should not cause those errors.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Re: BYOE issues with ClamXav Sentry

Postby eiichi » Sat 19 Mar 2016 11:37 pm

alvarnell wrote:Because the current engine is not 0.99.1.

This is not correct.

1. "--enable-llvm=no" was introduced along with ClamAV 0.98.7, because built-in LLVM of ClamAV 0.98.7 was not compatible with GNU C++ on OS X 10.10 Yosemite.
See "Bug 11309: freshclam crashing when trying to load bytecode" (https://bugzilla.clamav.net/show_bug.cgi?id=11309).

2. "--with-pcre=/usr/local/clamXav" was introduced along with current engine ClamAV 0.99.
See "Building ClamAV 0.99 with PCRE support" (http://www.gossamer-threads.com/lists/c ... evel/64943).
eiichi
 
Posts: 33
Joined: Sat 19 Mar 2016 5:41 am

Re: BYOE issues with ClamXav Sentry

Postby alvarnell » Sun 20 Mar 2016 7:23 am

I checked my e-mail and see that the last discussion I had with another user and Mark about updating the BYOE page was back in October so I thought he had updated it then, but obviously not. Now that ClamXav has gone commercial, he has little time or interest in providing free support. I went ahead and wrote it up as in a formal bug report, referencing our conversation, but I wouldn't be surprised to see that page disappear as a result.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Re: BYOE issues with ClamXav Sentry

Postby eiichi » Tue 03 May 2016 12:29 pm

Just for reference:
I have just updated ClamXav Sentry Version 3.5.9.3 (1490) included in ClamXav v2.8.9.3 (1053) and have no issues with BYO ClamAV 0.99.1.
- Running clamd and RunFresclam as launchd daemon
- Running ClamXav Sentry as launchd agent
eiichi
 
Posts: 33
Joined: Sat 19 Mar 2016 5:41 am

Re: BYOE issues with ClamXav Sentry

Postby eiichi » Tue 03 May 2016 9:53 pm

Notes;
If you have installed openssl for building ClamAV, OpenSSL 1.0.2h(including bug and security fixes) is now available.
See: OpenSSL Security Advisory [3rd May 2016] (https://www.openssl.org/news/secadv/20160503.txt).
eiichi
 
Posts: 33
Joined: Sat 19 Mar 2016 5:41 am

Re: BYOE issues with ClamXav Sentry

Postby alvarnell » Tue 03 May 2016 10:48 pm

Note also that ClamAV 0.99.2 was released today and glancing through the ChangeLog seems to have some important fixes.
-Al-
--
iMac(21.5-inch, Mid 2011) 2.8GHz Intel Core i7/OS X 10.10.5, 10.11.6, 10.12.6 & 10.13.6/ClamXAV v3.0.9 (7713)/0.100.2_01
iMac(Retina 5K, 27-inch, 2017) 4.2GHz Intel Core i7/macOS 10.12.6, 10.13.6 & 10.14.3/ClamXAV v3.0.9 (7713)/0.100.2_01
alvarnell
Site Admin
 
Posts: 5507
Joined: Thu 04 Sep 2008 1:18 am
Location: Mountain View, CA, USA

Re: BYOE issues with ClamXav Sentry

Postby eiichi » Tue 03 May 2016 11:42 pm

Thanks, Al.
I have just updated to ClamAV 0.99.2 of my own custom build.
Running ClamXav Sentry Version 3.5.9.3 (1490) as 'launch agent' and running clamd and RunFresclam as 'launchd daemon' have no issues.
eiichi
 
Posts: 33
Joined: Sat 19 Mar 2016 5:41 am

Next

Return to ClamXav

Who is online

Users browsing this forum: No registered users