How to be sure ClamAV database is up to date?

I am currently having an issue with ClamAV and freshclam on Centos 6.9.

I have the last Clam engine 0.99.2, and a working internet connection. Even if I run the # freshclam -v command ( it only returns a security warning about unsecure permission of freshclam.conf) before a # clamscan, clamAV return me this warning :

LibClamAV Warning: ************************************************** LibClamAV Warning: *** The virus database is older than 7 days. *** LibClamAV Warning: *** Please update it IMMEDIATELY! *** LibClamAV Warning: **************************************************

So my questions are : how can I know when the last update was done ? Or make sure the virus database is up-to-date ?

PS : I've tested the clamscan with eicar test file and it detects it.


clamscan --version shows the version and date of signatures, e.g.

$ clamscan --version
ClamAV 0.101.4/25613/Fri Oct 25 11:00:25 2019

where 25613 is the signatures version and it is followed by the date of the signatures


You have 2 questions:

  1. How can I know when the last update was done ?

host -t txt current.cvd.clamav.net; perl -e 'printf "%d\n", time;'

This will tell you when clamav made available the last update.

  1. Make sure the virus database is up-to-date ?

First you need to understand why you get the security warning. If you post the warning here maybe we'd have a better chance to help you.

Then I recommend you look in the log at /var/log/clamav/freshclam.log

Also, if you have selinux enabled, you'd have to run this: setsebool -P antivirus_can_scan_system 1. If by any chance the error is something like this During database load : LibClamAV Warning: RWX mapping denied: Can't allocate RWX Memory: Permission denied then clearly your solution is the command I mentioned above.


This is what I do for the second part of your question: Make sure the virus database is up-to-date ?

My systems are offline so cannot query the clamav site for their most recent virus definitions database but I can easily examine the date of my current cvd files with this linux command.

strings /var/lib/clamav/daily.cvd|head -1|cut -c1-28
ClamAV-VDB:31 Jul 2019 04-17

Edit: As Jonathon has so kindly mentioned, sigtool is a great way to examine the clamav dat file signature:

sigtool --info daily.cvd
File: daily.cvd
Build time: 28 Aug 2019 04:24 -0400
Version: 25555
Signatures: 1739106
Functionality level: 63
Builder: raynman
...