NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Antivirus scanner definition file update failed
ReadyNAS 212 OSversion 6.10.3
Since a couple of days (starting July 5th) my virus definition file update failes.. stating check internet-connection ; my internet connection is fine because the readynas succeeds in sending me a notification to my gmail-account immediately after the update fails.
restarting the readynas seems to solve this issue for a couple of days and then the update fails again...
what can I do to solve this
rgds Hans
I kept getting errors while executing command: 'systemctl status clamav-freshclam.service' ; see below
root@Geldrop:~# systemctl status clamav-freshclam.service
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; static; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2020-12-23 14:33:45 CET; 15s ago
Process: 6263 ExecStart=/usr/bin/freshclam --quiet (code=exited, status=1/FAILURE)
Main PID: 6263 (code=exited, status=1/FAILURE)Dec 23 14:33:45 Geldrop systemd[1]: Starting ClamAV virus database updater...
Dec 23 14:33:45 Geldrop freshclam[6263]: ClamAV update process started at Wed Dec 23 14:33:45 2020
Dec 23 14:33:45 Geldrop freshclam[6263]: main.cvd is up to date (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Dec 23 14:33:45 Geldrop freshclam[6263]: daily.cld is up to date (version: 26026, sigs: 4328586, f-level: 63, builder: raynman)
Dec 23 14:33:45 Geldrop freshclam[6263]: bytecode.cvd is up to date (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Main process exited, code=exited, status=1/FAILURE
Dec 23 14:33:45 Geldrop systemd[1]: Failed to start ClamAV virus database updater.
Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Unit entered failed state.
Dec 23 14:33:45 Geldrop systemd[1]: clamav-freshclam.service: Failed with result 'exit-code'.The following I did after reading the following web-page (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972974):
stopping clamav: 'systemctl stop clamav-daemon'stopping clamav freshclam: 'systemctl stop clamav-freshclam'
adjusting member 'usr.bin.freshclam' in dir: /etc/apparmor.d ; adding 'capability dac_override,' and 'capability chown,'
capability setgid,
capability setuid,
capability dac_override,
capability chown,removing all file from dir: '/var/lib/clamav' (bytecode ; daily ; main ; mirrors ; antivir)
starting clamav : 'systemctl start clamav-daemon'
starting clamav freshclam: 'systemctl start clamav-freshclam'
starting 'clamav freshclam' takes a while (about 2 minutes, I guess) and afterwards it looks like the normal databased-updater is working again.... lets see what happens the coming days...
regards
338 Replies
Replies have been turned off for this discussion
some info found in clamscan.log:
----------- SCAN SUMMARY -----------
Known viruses: 7765153
Engine version: 0.100.2
Scanned directories: 1492
Scanned files: 9556
Infected files: 0
Total errors: 3
Data scanned: 704.59 MB
Data read: 7622.16 MB (ratio 0.09:1)
Time: 627.740 sec (10 m 27 s)-------------------------------------------------------------------------------
ERROR: Malformed database
----------- SCAN SUMMARY -----------
Known viruses: 3731217
Engine version: 0.100.2
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 119.501 sec (1 m 59 s)-------------------------------------------------------------------------------
Hi HansRL,
Can you try assigning a static DNS on the NAS and see if you will still get the same issue? If you will still get the same issue. can you get the full logs of the NAS after experiencing it and provide it to us so we can check?
You may upload it to a file-sharing site then send me the download link via private message.
Regards,
I have a RN212 and a RN214 connected to the same network, and Im experiencing the same update issue on both devices. According to the log on the RN212 the problem/first error message started july 10. It did update update both on the 11'th and 12'th, but then got stuck at the 12'th of july. No updates since then, and I get the error message daily when it start-up in the morning.
According to the log on the RN214 the problem/first error message started july 12. However dispite a daily error message after start-up it continues to update the antivirus. From the 17'th the RN214 has updated without error messages.
So - the 214 had some 'hick-ups' but seems to be back on track, however the 212 did not, and is stuck at june 12'th update.
In the log of the 212 and the 214 the file "clamscan.log" do display the following error:
ERROR: Malformed database
on some of the entries....
Restarting the 212 do not fix the issue, and I'm clueless as what to do :-(
I don't think my ROOT-directory is an issue....,
=== df -h ===
Filesystem Size Used Avail Use% Mounted on
udev 10M 4.0K 10M 1% /dev
/dev/md0 3.7G 1.2G 2.3G 35% /
tmpfs 1009M 4.0K 1009M 1% /dev/shm
tmpfs 1009M 1.2M 1008M 1% /run
tmpfs 505M 12M 493M 3% /run/lock
tmpfs 1009M 0 1009M 0% /sys/fs/cgroup
/dev/md127 5.5T 1.2T 4.4T 21% /data
/dev/md127 5.5T 1.2T 4.4T 21% /home
/dev/md127 5.5T 1.2T 4.4T 21% /apps
=== df -i ===
Filesystem Inodes IUsed IFree IUse% Mounted on
udev 187927 228 187699 1% /dev
/dev/md0 1048576 13428 1035148 2% /
tmpfs 188818 2 188816 1% /dev/shm
tmpfs 188818 450 188368 1% /run
tmpfs 188818 30 188788 1% /run/lock
tmpfs 188818 9 188809 1% /sys/fs/cgroup
/dev/md127 0 0 0 - /data
/dev/md127 0 0 0 - /home
/dev/md127 0 0 0 - /appsSorry if this is a duplicate
I checked the volume.zip and there is plenty of space.
The problem continues, however.
Thanks
DW
Any update on this issue? I have two ReadyNAS 212's that have been running for a couple of years with no issue and updates started failing on or around 7/5. Both devices were running 6.10.2 when the errors started. Updated to 6.10.3 in an attempt to fix the issue with no joy. Reboots of the device or running a FRESHCLAM make the error go away temporarily but it comes back within a couple of days.
That's why I added FRESHCLAM to the CRONTAB; once a day updating my virus-definitions.
short description how to add:
open a SSH-session with your NAS and logon with userid: root
enter command: crontab -e
move your cursor to the last letter in the file and enter: oput in next line: 5 21 * * * /usr/bin/freshclam
enter: shift+zz
and now every day at 5 minutes past nine FRESHCLAM will run
rgds
I had precisely the same issue on a 212 that started the same day. I finally looked on the internet for a solution. Putting freshclam into root's crontab works for me - I'd like to see the issue fixed, but this is a fine solution.
Good Afternoon,
I am experiencing the same issue. I am running 6.10.3, that actually started failing on 7/13. I disabled and renabled as well with the same result.
Having the same problem. Wish there was a way to manually download the virus definitions. Have tried to find a way to do that, but no luck.
ReadyNAS 202, Firmware 6.10.3, 2x 1TB
Same here for me. Happened the first time on 19 July 2020. A reboot didn't helped to fix this issue. I was not able to fix it on my own. Tried it by deleting all files from /var/lib/clamav and running freshclam manually. Now I run a daily CRON job executing freshclam. This works reliable for me. All mounted drives have enough free space, reported by df.
Firmware 6.10.3
I have the same problem of antivirus signature file update error.
To run "freshclam" by hand, I need to be "root". How does one get the root shell prompt on the NAS box? I have SSH set up, and I regularly login as a local user (which I have created) and as admin, but neither of them is root. If I try to log in as admin@nasbox, my userID is 98, not 0, and if I run "freshclam" as that user, I get permission errors -- it cannot create a file or directory (I don't remember which) under /var/lib/clamav/
So I am guessing that "freshclam" can only be run as root. When I try to do an "ssh root@nasbox" I am told "Permission denied".
FYI, I've sent a PM to Marc to see where he is on troubleshooting the issue using my "untouched" NAS. Hopefully, he'll reply back soon and have something for all of us. I'm still getting the error, so if I don't hear back soon, I'll try at least doing a manual update.
I am also having a problem with 2 of my NAS at the same site. I entered a static IP address, made sure all the IP settings are correct.
I am finally fixing the issue by running freshclam -v
Once the AV update is done, I will monitor to see if the problem was resolved.
Biggels wrote:
I am finally fixing the issue by running freshclam -v
Once the AV update is done, I will monitor to see if the problem was resolved.
Other posts here suggest that it won't be resolved. They've found that running freshclam manually works, but the daily scheduled updates continue to fail.
I'm not seeing the problem on my own NAS, so I can't confirm this.
Is there any infromation that I can provide that will help resolve this problem? I have confirmed enough disk space, static IP address as well.
Thanks to everyone contributing to this thread. It has been most interesting to see the suggested solutions to this problem.
To review, my issues started immediately after I updated to the latest firmware 6.10.3. I am convinced this update is a factor in all this. Immediately after intallation things started going crazy. My Time Machine (Mac) backups stopped working and would not recognise my passwords. For a while the RAIDar app was also struggling to find the NAS and again, for a while, I could not get access to the admin section/page on the browser. Multiple restarts/reboots eventually resolved a few of the issues. Then, for a while, I could only get my data LUN's to display on my desktop one at a time. Sometimes the NAS would completely disappear from my network. GRRR!
Then came the error messages. Firstly, the dreaded AntiVirus definitions failure to download. Then a few days later a new error message advising that my System root memory was almost maxed out. (Diagnostic test showed 92.2% full.)
I started following this thread hoping to be able to get a solution, but for me, realistically there was nothing helpful, because I have absolutely no knowledge, skill of confidence in using command level instructions or SSH etc. Although many of the responses were very clear and concise with the exact commands required, most of it was like an unfamiliar foreign language. Terms like Freshclam and crontab are a complete mystery. Did I mention that I have zero knowledge and skills of command level stuff and how to even get there? I bit the bullet and paid for a support case.
The tech's did much of what has been suggested. I downloaded my log files and opened the Secure Diagnostic Mode back door. This allowed them to see some errors. I was subsequently asked to turn Time Machine off because somehow the files that it generates had been written to the wrong place/folder?
The two main error problems, as I had assumed, appear to have been related to each other and the bizarre behaviour of Time Machine was a part of this also. One day later everything had been resolved. The AntiVirus definitions have neen downloading successfully for a couple of weeks now. The diagnostic test indicates zero problems with the System Root file/memory. Time Machine has also been reactivated as is again working perfectly.
So, Thanks to StephenB who suggested this course of action. It has worked out well. I will also add that I mentioned to the tech support team several times that this issue is affecting quite a few people and I am pretty sure they have been working on this including the material Marc_V has been sending through.
ReadyNAS 202, Firmware 6.10.3, 2x 1TB
Hello. I will just say again since I run a daily CRON job my issue is resolved for me. Lets call it a workaround:
- login to your NAS as root via ssh
- 'crontab -e'
- e.g. add: '0 4 * * * /usr/bin/freshclam' - this will execute freshclam daily at 4 a.m.
Focusing on the error message "freshclam[5119]: [LibClamAV] mpool_malloc(): Can't allocate memory (262144 bytes)." I did some investigation. The default SWAP-partition is 512 MB and according to several fora on the internet small.
RAM No hibernation With Hibernation Maximum 256MB 256MB 512MB 512MB 512MB 512MB 1024MB 1024MB 1024MB 1024MB 2048MB 2048MB RAM No hibernation With Hibernation Maximum 1GB 1GB 2GB 2GB 2GB 1GB 3GB 4GB 3GB 2GB 5GB 6GB 4GB 2GB 6GB 8GB 5GB 2GB 7GB 10GB 6GB 2GB 8GB 12GB 8GB 3GB 11GB 16GBSo I added a swap-file of 512 MB so the total swap-space became 1024MB and will see if CLAMAV will be updated correctly by the default update-process (the first time it did, so fingers crossed).
So if this additional SWAP-file works, maybe it is an idea to add SWAPD package to the installation and therefor is no need to add a pre-defined SWAP-file :-)
rgds Hans
HansRL wrote:
Focusing on the error message "freshclam[5119]: [LibClamAV] mpool_malloc(): Can't allocate memory (262144 bytes)." I did some investigation. The default SWAP-partition is 512 MB and according to several fora on the internet small.
So I added a swap-file of 512 MB
The memory allocation error is a clue. But that added swap file reduces the OS partition by 512 MB (and it is also rather small). You don't want a full OS partition either, so you do need to be careful here.
Perhaps a better strategy is to look at the services you have running on the NAS, and disable the ones you don't actually need. Also, if you have NFS running you could reduce the number of threads. Similarly remove apps that aren't needed.
My own RN202 (which has never had this failure) has SMB, RSYNC, uPNP, HTTP, HTTPS, SSH, and AntiVirus services enabled. The others are all disabled. All Cloud servers are off. The only app installed is Plex.
chrhei wrote:ReadyNAS 202, Firmware 6.10.3, 2x 1TB
Hello. I will just say again since I run a daily CRON job my issue is resolved for me. Lets call it a workaround:
- login to your NAS as root via ssh
- 'crontab -e'
- e.g. add: '0 4 * * * /usr/bin/freshclam' - this will execute freshclam daily at 4 a.m.
This suggestion worked for me and got my updates running again. At least for the past 48 hours. I have not had a problem. We'll see how long it lasts.
Is / Has there been any updates for the Antivirus Updates? Mine is still showing Aug 27 2020, 14:16:21?
In the unlikely event that something happens to the OS, shall netgear look at reimbursing any issues caused from a subsequent failur due to not having an AV?
I don't think Netgear will reimburse you if you get a virus on your NAS, if they are out of warranty. I supplied the log files and opened the SDM port for Marc_V for almost a month, and I haven't heard anything back from either Marc_V or anyone else from Netgear about this.
This problem has been ongoing for a couple of months now, and its only affecting 3 of my 11 NAS Devices in our enterprise, so far. Which is sad, becasue I do like the ReadyNAS and would hate to have to replace my NAS devices.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
