ClamAV states virus databases are up to date but FreshClam log file says otherwise
0 votes | 0 answers | 558 views
I installed ClamAV. The setup was done some time ago, but I've noticed that, apparently, FreshClam hasn't run since September 22nd:
[x80486@uplink:~]$ sudo cat /var/log/clamav/freshclam.log
--------------------------------------
ClamAV update process started at Fri Jun 30 15:31:00 2023
daily database available for download (remote version: 26955)
Testing database: '/var/lib/clamav/tmp.9c82164f10/clamav-cc2397910639c7390c4707d791014939.tmp-daily.cvd' ...
Database test passed.
daily.cvd updated (version: 26955, sigs: 2037934, f-level: 90, builder: raynman)
main database available for download (remote version: 62)
Testing database: '/var/lib/clamav/tmp.9c82164f10/clamav-2ebd9ccfd37f99327a8188293f1c3485.tmp-main.cvd' ...
Database test passed.
main.cvd updated (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode database available for download (remote version: 334)
Testing database: '/var/lib/clamav/tmp.9c82164f10/clamav-1c6f9beb685cf5d255c0fc2a11405c58.tmp-bytecode.cvd' ...
Database test passed.
bytecode.cvd updated (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.ctl: No such file or directory
--------------------------------------
freshclam daemon 1.0.1 (OS: Linux, ARCH: x86_64, CPU: x86_64)
ClamAV update process started at Fri Jun 30 15:38:12 2023
daily.cvd database is up-to-date (version: 26955, sigs: 2037934, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
--------------------------------------
...
--------------------------------------
Received signal: wake up
ClamAV update process started at Thu Sep 21 13:02:41 2023
daily database available for update (local version: 27037, remote version: 27038)
Testing database: '/var/lib/clamav/tmp.e048a53c2e/clamav-0dad46f97ba861f4cdc80aebfee2b3dc.tmp-daily.cld' ...
Database test passed.
daily.cld updated (version: 27038, sigs: 2041081, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Clamd successfully notified about the update.
--------------------------------------
Received signal: wake up
ClamAV update process started at Thu Sep 21 20:15:53 2023
daily.cld database is up-to-date (version: 27038, sigs: 2041081, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
--------------------------------------
Update process terminated
The content of `freshclam.log` and its modification timestamp are aligned:
[x80486@uplink:~]$ ll /var/log/clamav/
total 248K
-rw-r----- 1 clamav 130K Dec 29 16:50 clamd.log
-rw-r----- 1 clamav 108K Sep 22 05:57 freshclam.log
Regardless, I see that ClamAV states its virus databases are up to date (today is Dec 29th, 2023):
[x80486@uplink:~]$ clamscan --version
ClamAV 1.2.1/27138/Fri Dec 29 04:39:08 2023
I don't fully understand how that is possible 🤔
FreshClam service is enabled and running:
[x80486@uplink:~]$ systemctl status clamav-freshclam.service
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/usr/lib/systemd/system/clamav-freshclam.service; enabled; preset: disabled)
Active: active (running) since Fri 2023-12-29 16:50:52 EST; 4h 16min ago
Docs: man:freshclam(1)
man:freshclam.conf(5)
https://docs.clamav.net/
Main PID: 1051 (freshclam)
Tasks: 1 (limit: 38104)
Memory: 6.9M (peak: 14.5M zswap: 714.8K)
CPU: 10ms
CGroup: /system.slice/clamav-freshclam.service
└─1051 /usr/bin/freshclam -d --foreground=true
Dec 29 16:50:57 uplink freshclam: ERROR: check_for_new_database_version: Failed to find daily database using server https://database.clamav.net .
Dec 29 16:50:57 uplink freshclam: Trying again in 5 secs...
Dec 29 16:51:02 uplink freshclam: Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
Dec 29 16:51:02 uplink freshclam: ERROR: remote_cvdhead: Download failed (6) ERROR: Message: Couldn't resolve host name
Dec 29 16:51:02 uplink freshclam: WARNING: Failed to get daily database version information from server: https://database.clamav.net
Dec 29 16:51:02 uplink freshclam: ERROR: check_for_new_database_version: Failed to find daily database using server https://database.clamav.net .
Dec 29 16:51:02 uplink freshclam: Giving up on https://database.clamav.net ...
Dec 29 16:51:02 uplink freshclam: ERROR: Update failed for database: daily
Dec 29 16:51:02 uplink freshclam: ERROR: Database update process failed: HTTP GET failed
Dec 29 16:51:02 uplink freshclam: ERROR: Update failed.
I checked the systemd logs (using `journalctl`) for `freshclam` and sometimes those (latest) errors arise, but most of the time the virus databases get updated:
[x80486@uplink:~]$ journalctl --since "2023-12-01" --unit clamav-freshclam.service
Dec 27 10:11:27 uplink freshclam: ClamAV update process started at Wed Dec 27 10:11:27 2023
Dec 27 10:11:27 uplink freshclam: daily database available for update (local version: 27135, remote version: 27136)
Dec 27 10:11:28 uplink freshclam: Testing database: '/var/lib/clamav/tmp.c8cc0017d1/clamav-e36a2a20e61f2ab84e3ae79524c73ae4.tmp-daily.cld' ...
Dec 27 10:11:32 uplink freshclam: Database test passed.
Dec 27 10:11:32 uplink freshclam: daily.cld updated (version: 27136, sigs: 2049596, f-level: 90, builder: raynman)
Dec 27 10:11:32 uplink freshclam: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Dec 27 10:11:32 uplink freshclam: bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Dec 27 10:11:32 uplink freshclam: Clamd successfully notified about the update.
Dec 27 16:11:32 uplink freshclam: Received signal: wake up
Dec 27 16:11:32 uplink freshclam: ClamAV update process started at Wed Dec 27 16:11:32 2023
Dec 27 16:11:32 uplink freshclam: daily.cld database is up-to-date (version: 27136, sigs: 2049596, f-level: 90, builder: raynman)
Dec 27 16:11:32 uplink freshclam: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Dec 27 16:11:32 uplink freshclam: bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Dec 28 09:27:06 uplink freshclam: Received signal: wake up
Dec 28 09:27:06 uplink freshclam: ClamAV update process started at Thu Dec 28 09:27:06 2023
Dec 28 09:27:06 uplink freshclam: daily database available for update (local version: 27136, remote version: 27137)
Dec 28 09:27:07 uplink freshclam: Testing database: '/var/lib/clamav/tmp.c8cc0017d1/clamav-f96d7409ae21590143a85f4d2bc16f4c.tmp-daily.cld' ...
Dec 28 09:27:11 uplink freshclam: Database test passed.
Dec 28 09:27:11 uplink freshclam: daily.cld updated (version: 27137, sigs: 2049636, f-level: 90, builder: raynman)
Dec 28 09:27:11 uplink freshclam: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Dec 28 09:27:11 uplink freshclam: bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Dec 28 09:27:11 uplink freshclam: Clamd successfully notified about the update.
Dec 28 15:27:11 uplink freshclam: Received signal: wake up
Dec 28 15:27:11 uplink freshclam: ClamAV update process started at Thu Dec 28 15:27:11 2023
Dec 28 15:27:11 uplink freshclam: daily.cld database is up-to-date (version: 27137, sigs: 2049636, f-level: 90, builder: raynman)
Dec 28 15:27:11 uplink freshclam: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Dec 28 15:27:11 uplink freshclam: bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Dec 28 21:27:11 uplink freshclam: Received signal: wake up
Dec 28 21:27:11 uplink freshclam: ClamAV update process started at Thu Dec 28 21:27:11 2023
Dec 28 21:27:11 uplink freshclam: daily.cld database is up-to-date (version: 27137, sigs: 2049636, f-level: 90, builder: raynman)
Dec 28 21:27:11 uplink freshclam: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Dec 28 21:27:11 uplink freshclam: bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Dec 29 11:11:45 uplink freshclam: Received signal: wake up
Dec 29 11:11:45 uplink freshclam: ClamAV update process started at Fri Dec 29 11:11:45 2023
Dec 29 11:11:45 uplink freshclam: daily database available for update (local version: 27137, remote version: 27138)
Dec 29 11:11:46 uplink freshclam: Testing database: '/var/lib/clamav/tmp.c8cc0017d1/clamav-136aa724061e4b2bc840a86b67cb13d2.tmp-daily.cld' ...
Dec 29 11:11:50 uplink freshclam: Database test passed.
Dec 29 11:11:50 uplink freshclam: daily.cld updated (version: 27138, sigs: 2049785, f-level: 90, builder: raynman)
Dec 29 11:11:50 uplink freshclam: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Dec 29 11:11:50 uplink freshclam: bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
Dec 29 11:11:50 uplink freshclam: Clamd successfully notified about the update.
Dec 29 16:50:17 uplink freshclam: Update process terminated
Dec 29 16:50:18 uplink systemd: clamav-freshclam.service: Deactivated successfully.
Dec 29 16:50:18 uplink systemd: clamav-freshclam.service: Consumed 1min 10.200s CPU time, 1.3G memory peak.
Dec 29 16:50:52 uplink freshclam: ClamAV update process started at Fri Dec 29 16:50:52 2023
Dec 29 16:50:52 uplink freshclam: WARNING: Can't query current.cvd.clamav.net
Dec 29 16:50:52 uplink freshclam: WARNING: Invalid DNS reply. Falling back to HTTP mode.
Dec 29 16:50:52 uplink freshclam: Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
Dec 29 16:50:52 uplink freshclam: WARNING: remote_cvdhead: Download failed (6) WARNING: Message: Couldn't resolve host name
Dec 29 16:50:52 uplink freshclam: WARNING: Failed to get daily database version information from server: https://database.clamav.net
Dec 29 16:50:52 uplink freshclam: ERROR: check_for_new_database_version: Failed to find daily database using server https://database.clamav.net .
Dec 29 16:50:52 uplink freshclam: Trying again in 5 secs...
Dec 29 16:50:57 uplink freshclam: Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
Dec 29 16:50:57 uplink freshclam: WARNING: remote_cvdhead: Download failed (6) WARNING: Message: Couldn't resolve host name
Dec 29 16:50:57 uplink freshclam: WARNING: Failed to get daily database version information from server: https://database.clamav.net
Dec 29 16:50:57 uplink freshclam: ERROR: check_for_new_database_version: Failed to find daily database using server https://database.clamav.net .
Dec 29 16:50:57 uplink freshclam: Trying again in 5 secs...
Dec 29 16:51:02 uplink freshclam: Trying to retrieve CVD header from https://database.clamav.net/daily.cvd
Dec 29 16:51:02 uplink freshclam: ERROR: remote_cvdhead: Download failed (6) ERROR: Message: Couldn't resolve host name
Dec 29 16:51:02 uplink freshclam: WARNING: Failed to get daily database version information from server: https://database.clamav.net
Dec 29 16:51:02 uplink freshclam: ERROR: check_for_new_database_version: Failed to find daily database using server https://database.clamav.net .
Dec 29 16:51:02 uplink freshclam: Giving up on https://database.clamav.net ...
Dec 29 16:51:02 uplink freshclam: ERROR: Update failed for database: daily
Dec 29 16:51:02 uplink freshclam: ERROR: Database update process failed: HTTP GET failed
Dec 29 16:51:02 uplink freshclam: ERROR: Update failed.
What I'm trying to understand is why there is no correlation between `freshclam.log` and the actual state of the system. It appears to me the virus databases are indeed up to date based on the systemd messages for `freshclam`, but that's not reflected in `freshclam.log`.
Is there a way to fix that...or am I missing something?
---
### UPDATES
I went ahead and verified the user and group configured for ClamAV, and they own and have the correct privileges. It all makes sense since `/var/log/clamav/clamd.log` is updated accordingly — though `/var/log/clamav/freshclam.log` is not 😑
I stopped `clamav-freshclam.service` and removed `/var/log/clamav/freshclam.log` just to verify whether the `UpdateLogFile /var/log/clamav/freshclam.log` setting (from `/etc/clamav/freshclam.conf`) was actually doing something, and the process couldn't start because the file didn't exist:
Dec 29 22:31:57 uplink freshclam: ERROR: lchown to user 'clamav' failed on
Dec 29 22:31:57 uplink freshclam: log file '/var/log/clamav/freshclam.log'.
Dec 29 22:31:57 uplink freshclam: Error was 'No such file or directory'
Dec 29 22:31:57 uplink freshclam: WARNING: lchown to user 'clamav' failed on log file '/var/log/clamav/freshclam.log'. Error was 'No such file or directory'
Dec 29 22:31:57 uplink freshclam: ERROR: Failed to switch to clamav user.
Dec 29 22:31:57 uplink systemd: clamav-freshclam.service: Main process exited, code=exited, status=9/n/a
Dec 29 22:31:57 uplink systemd: clamav-freshclam.service: Failed with result 'exit-code'.
So I made a backup and created a new `/var/log/clamav/freshclam.log` file with the correct privileges and permissions...just to see that `clamav-freshclam.service` started successfully, but not a single log statement in that file 😡
Asked by user280674
Dec 30, 2023, 02:50 AM
Last activity: Dec 30, 2023, 09:57 AM
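Added example (not from the question above and not ClamAV's own code): a small Python check that parses the freshclam message format shown in this question, from either `freshclam.log` or `journalctl` output, and compares the daily signature version it records with the one `clamscan --version` reports. That distinguishes a stale log file from stale signatures, which is the ambiguity the question runs into. The sample lines are constructed from the formats on this page; the function names are mine.

```python
import re

# Constructed sample input in the two formats shown on the page: plain
# freshclam.log lines, and journalctl lines (syslog prefix, then the same message).
FRESHCLAM_LOG = """\
ClamAV update process started at Thu Sep 21 13:02:41 2023
daily.cld updated (version: 27038, sigs: 2041081, f-level: 90, builder: raynman)
main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cvd database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)
"""
JOURNAL = """\
Dec 29 11:11:50 uplink freshclam: daily.cld updated (version: 27138, sigs: 2049785, f-level: 90, builder: raynman)
Dec 29 11:11:50 uplink freshclam: main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Dec 29 16:51:02 uplink freshclam: ERROR: Database update process failed: HTTP GET failed
Dec 29 16:51:02 uplink freshclam: ERROR: Update failed.
"""
CLAMSCAN_VERSION = "ClamAV 1.2.1/27138/Fri Dec 29 04:39:08 2023"

# Matches "daily.cld updated (version: N" and "main.cvd database is up-to-date (version: N".
DB_RE = re.compile(r"\b(daily|main|bytecode)\.c[vl]d (?:updated|database is up-to-date) \(version: (\d+)")
FAIL_RE = re.compile(r"ERROR: Update failed\.\s*$")


def parse_freshclam_output(text):
    """Return (latest version seen per database, whether the most recent run failed).
    Only the freshclam message is matched, so log-file and journal lines both work."""
    versions, last_run_failed = {}, False
    for line in text.splitlines():
        m = DB_RE.search(line)
        if m:
            versions[m.group(1)] = int(m.group(2))
            last_run_failed = False  # a later successful check supersedes an earlier failure
        elif FAIL_RE.search(line):
            last_run_failed = True
    return versions, last_run_failed


def loaded_daily_version(clamscan_version_line):
    """Parse 'ClamAV <engine>/<daily version>/<date>' as printed by `clamscan --version`."""
    return int(clamscan_version_line.split("/")[1])


def check_freshness(clamscan_version_line, log_text):
    """Compare the daily version the engine reports with the last one a log source recorded."""
    loaded = loaded_daily_version(clamscan_version_line)
    versions, failed = parse_freshclam_output(log_text)
    logged = versions.get("daily")
    return {"loaded_daily": loaded, "logged_daily": logged,
            "log_matches_engine": logged == loaded, "last_run_failed": failed}
```

Run against the journal sample the engine and log agree (27138) although the latest run failed; run against the log-file sample the log lags the engine (27038), which is the symptom of a log file that is no longer being written rather than of stale signatures.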