CLAMAV not working after 16.04.01 upgrade

What is the output of:

file /var/run/clamav/clamd.ctl; apt-cache policy clamav

Thanks

Thanks for getting back to me actionparsnip ......

/var/run/clamav/clamd.ctl did not exist after installation, so I created it with a "touch" following "advice" on another board. It is currently 0 bytes length.

output of apt-cache policy command:

Sun Jul 31 10:24 /var/run/clamav => apt-cache policy clamav
clamav:
  Installed: 0.99+dfsg-1ubuntu1.1
  Candidate: 0.99+dfsg-1ubuntu1.1
  Version table:
 *** 0.99+dfsg-1ubuntu1.1 500
        500 http://gb.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     0.99+dfsg-1ubuntu1 500
        500 http://gb.archive.ubuntu.com/ubuntu xenial/main amd64 Packages

Also the following errors occur when trying to start the clamav daemon in a shell script:

/-- script fragment
echo starting daemons
service clamav-daemon start
service freshclam-daemon start
echo
echo Done
/-- script fragment ends

/-- script output
starting daemons
Failed to start clamav-daemon.socket: Unit clamav-daemon.socket is not loaded properly: Invalid argument.
See system logs and 'systemctl status clamav-daemon.socket' for details.
Failed to start clamav-daemon.service: Unit clamav-daemon.socket is not loaded properly: Invalid argument.
See system logs and 'systemctl status clamav-daemon.service' for details.
Failed to start freshclam-daemon.service: Unit freshclam-daemon.service not found.
/-- script fragment ends

/-- running the "systemctl status" commands as suggested:

Sun Jul 31 10:31 /var/run/clamav => systemctl status clamav-daemon.socket
● clamav-daemon.socket - Socket for Clam AntiVirus userspace daemon
   Loaded: error (Reason: Invalid argument)
  Drop-In: /etc/systemd/system/clamav-daemon.socket.d
           └─extend.conf
   Active: inactive (dead)
     Docs: man:clamd(8)
           man:clamd.conf(5)
           http://www.clamav.net/lang/en/doc/

and

Sun Jul 31 10:34 /home/alan => systemctl status clamav-daemon.service
● clamav-daemon.service - Clam AntiVirus userspace daemon
   Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sun 2016-07-31 09:49:44 BST; 44min ago
     Docs: man:clamd(8)
           man:clamd.conf(5)
           http://www.clamav.net/lang/en/doc/
  Process: 2921 ExecStart=/usr/sbin/clamd --foreground=true (code=exited, status=1/FAILURE)
 Main PID: 2921 (code=exited, status=1/FAILURE)
Jul 31 09:48:46 DALEK-UB systemd[1]: Started Clam AntiVirus userspace daemon.
Jul 31 09:49:44 DALEK-UB clamd[2921]: ERROR: LOCAL: Socket file /var/run/clamav/clamd.ctl could not be bound: No such file or directory
Jul 31 09:49:44 DALEK-UB clamd[2921]: ERROR: Can't unlink the socket file /var/run/clamav/clamd.ctl
Jul 31 09:49:44 DALEK-UB systemd[1]: clamav-daemon.service: Main process exited, code=exited, status=1/FAILURE
Jul 31 09:49:44 DALEK-UB systemd[1]: clamav-daemon.service: Unit entered failed state.
Jul 31 09:49:44 DALEK-UB systemd[1]: clamav-daemon.service: Failed with result 'exit-code'.
Jul 31 09:59:50 DALEK-UB systemd[1]: Stopped Clam AntiVirus userspace daemon.
Jul 31 10:19:54 DALEK-UB systemd[1]: Stopped Clam AntiVirus userspace daemon.
Jul 31 10:31:20 DALEK-UB systemd[1]: Stopped Clam AntiVirus userspace daemon.

/-- end "systemclt status" commands output

It would appear that Mozilla have dropped support for Thunderbird integration with Clamav for email malware scanning - is this part of the problem? If so, any advice you could give me on a suitable malware email scanner would be very gratefully received!
many thanks for your time on this

Alan

If you run:

sudo freshclam

Does it update OK? Does it help?

Hi actionparsnip,

running the command:

Mon Aug 01 10:42 /home/alan => sudo freshclam
[sudo] password for alan:
ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
Mon Aug 01 10:42 /home/alan =>

thanks
Alan

Try:

sudo fuser -vki /var/log/clamav/freshclam.log

Select yes to kill the process and rerun:

sudo freshclam

Hi actionparsnip,
]
yep, that allowed a manual freshclam run

I think there may be a wider problem here - although I can update using freshclam and run a manual scan with ClamTK, what I can't do (my original problem) is interface Clamav with Clamdrib (a workable version for Thunderbird became available today) for email scanning, as this requires the clamav-daemon to be running.

Many thanks for all of your help, I'm not sure we're quite over the li be on this one yet.

cheers
Alan

Hi actionparsnip,

thanks to your prompting, I think I have solved the issue.

The upgrade to 16.04.01 from 14:04.04 allows for an upgrade to Clamav from 0.97 to 0.99+dfsg-1ubuntu1.1.

There appear to be a couple of issues with the upgrade, the most important seems to be a change in the clamd.conf file, which is not upgraded to the new version of clamd.conf.

Mon Aug 01 12:55 /etc/clamav => sudo cp clamd.conf.ucf-dist clamd.conf

followed by

Mon Aug 01 12:55 /etc/clamav => sudo dpkg-reconfigure clamav-daemon

coupled with the previously mentioned new version of Clamdrib add-on for Thunderbird sems to have restored my AV system to what it was before.

Another feature of the Clamav upgrade seems to be a change in the way that the clamav daemons are "packaged" ans started stopped with the servic e command:

Old style:

 #refresh ClamAV sigs and restart daemon
service clamav-daemon stop
freshclam
service clamav-daemon start

New style:

#refresh ClamAV sigs and restart daemon

service clamav-freshclam stop
freshclam
service clamav-freshclam start

these changes seem to have solved the issues I was having.

Again, many thanks for your help!

cheers
Alan