Redhat – Clamd won’t start after update

clamavpcreredhat

Since updating clamd to 0.99.2-1.e15 on our RedHat 5 x86_64 system, it has failed to start successfully. The error we get is as follows:

LibClamAV Error: cli_pcre_compile: PCRE compilation failed at offset 52: unrecognized character after (?<
LibClamAV Error: cli_pcre_build: failed to build pcre regex
ERROR: Database initialization error: Malformed database [FAILED]

Freshclam works fine. I've even removed clamd, clamav-milter, and freshclam, then re-installed them (using "yum install clamd" and "yum install clamav-milter"), but even after running freshclam, I get the same error when trying to start clamd (using service clamd start).

I've been Googling this error and found a Mac OS X with a similar issue but the patch was not available

Please advise because I'm not sure how to correct this issue. It appears to be something with PCRE, but I'm not sure (we're running pcre.x86_64, version 6.6-9.el5).

Best Answer

In summary:
This temporary workaround from the CentOS 5 CLI (Command Line Interface) got our mail happily flowing again via amavisd-new:

sudo sh -c "cat << EOF >> /var/lib/clamav/daily-23161.ign2
Doc.Macro.GenericHeuristic-5901772-0
Doc.Macro.GenericHeuristic-5931846-1
EOF
service clamd restart"

More details:
The (filename doesn't matter).ign2 whitelists the troublesome entries from the latest daily.cvd
Thanks @Jamen-McGranahan for the OP (Original Post) and @Michael-Hampton for mentioning bug report. Found these resources useful:
ClamAV Bugzilla: Bug 11800 - 23161 seems to break clamd
Stack Overflow: How do I use sudo to redirect output ...
Unix & Linux Stack Exchange: How to append multiple lines to a file with bash
amavis

Related Solutions

Is it safe to disable clamd

All of the other answers for some reason seem to assume that clamd actually scans your system automatically. In reality, clamd does not scan your system on its own. All it does is wait for another process to ask it to scan the system, and thus doesn't do much more then speed up the "clamscan" procedure (since it doesn't have to reload virus definitions on each scan). If you are running a mail or file sharing server and want to scan files as they are passed through, this can be a highly useful optimization. However, if you are like me and simply want to make sure nobody's trying to host Windows malware on your server with a once-daily cronjob scan, clamd is largely unnecessary.

I realize that this is three years old, but it comes in the first few entries when someone searches "what's the point of clamd", "is it safe to turn of clamd" and the like.

Php-devel failed on installation red-hat 6

Your problem is here:

Error: Package: php-devel-5.3.3-22.el6.x86_64 (shared-rhel-x86_64-server-optional-6)
           Requires: php(x86-64) = 5.3.3-22.el6
           Installed: php-5.3.3-27.el6_5.x86_64 (@rhel-x86_64-server-6)

Your version of php is higher than the available php-devel. Either downgrade php to 5.3.3-22 or find a channel/repo that offers you the later version of php-devel.

Best Answer

Related Solutions

Is it safe to disable clamd

Php-devel failed on installation red-hat 6

Related Topic