I installed ClamAV in Knoppix on USB with persistent changes to use as a tool of repairing windows drives. Unfortunately after every boot /var/log/clamav folder is been deleted and it contains the freshclam.log file without which freshclam gives an error message and update is impossible. I have to manually recreate clamav folder and log file to update the anti-virus. I think it has something to do with syslog-knoppix.conf or syslog.conf but I am not sure how to fix this problem. If anyone has any ideas - Please help

I installed ClamAV in Knoppix on USB with persistent changes to use as a tool of repairing windows drives. Unfortunately after every boot /var/log/clamav folder is been deleted and it contains the freshclam.log file without which freshclam gives an error message and update is impossible. I have to manually recreate clamav folder and log file to update the anti-virus. I think it has something to do with syslog-knoppix.conf or syslog.conf but I am not sure how to fix this problem. If anyone has any ideas - Please help

The places you mention seem like fertile ground for searching out the flaw. You can also put the actions you mentioned doing repeatedly, i.e.
mkdir /var/log/clamav in a script that runs on bootup, e.g. /etc/rc.local, which was mentioned in this thread (http://www.knoppix.net/forum/threads/28224-Knoppix_V6.2.1-First-impressions) as a place to put such.

Hope that helps!
Krishna :mrgreen:

Another thread that relates to the location for running scripts on bootup is here (http://www.knoppix.net/forum/threads/28366-Script-to-run-at-bootup?p=120152), for your viewing pleasure.

Cheers!:mrgreen:

Thank you Krishna - I was thinking about this solution myself. I have a few scripts running at boot of my own, but I dont know how to write the script which creates /var/log/clamav/freshclam.log and makes the CLAMAV as an OWNER and GROUP ID of the folder and the file in it. If freshclam.log is with root as owner and group id freshclam still won't update

Problem SOLVED :D
The solution is - Copy /var/log/clamav and /var/run/clamav into a new location which has persistence like /home. Before you copy check the original permissions of owner and group of both folders and files inside and memorize them, then restore the same permissions in the new location. When this is done edit /etc/clamav/clamd.conf and /etc/clamav/freshclam.conf and modify all instances in this files which point to the old location to point to the new persistent one. That's it - hope its helpful to anyone.
freshclam works like a charm

Same can be achieved by running: dpkg-reconfigure clamav-base
and following the step-by-step set-up.This will probably avoid the permissions misconfiguration. Did not try it though