HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   Virtual Users Domains Postfix Ubuntu 8.04 clamav fails after upgrade (http://www.howtoforge.com/forums/showthread.php?t=36477)

almeister9 15th June 2009 04:02

[RESOLVED] Virtual Users Domains Postfix Ubuntu 8.04 clamav fails after upgrade
 
Hi all,

After successfully using a mail server built with Falko's "Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 8.04 LTS)" for more than a year, and on the advice of a friend, I ran two commands on the server
Code:

apt-get update
apt-get upgrade

and since then I am experiencing these problems.

During startup I see:
Code:

Starting ClamAV daemon clamd:
ERROR: Parse error at line 44: Unknown Option ScanPartialMessages.
ERROR: Can't open/parse the config file /etc/clamav/clamd.conf  [FAIL]

and in
Code:

less /var/log/mail.log

Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!)run_av (ClamAV-clamd, built-in i/f): Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 86) line 310.
Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x604e60) Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 86) line 310. at (eval 86) line 511.
Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!!)WARN: all primary virus scanners failed, considering backups

I know it is the upgrade which has done this but I dont know how to fix it.

When I try to find out version I get
Code:

/usr/sbin/clamd -V
ERROR: Parse error at line 44: Unknown option ScanPartialMessages.
ERROR: Can't open/parse the config file /etc/clamav/clamd.conf

and this output
Code:

ps aux|grep clam
clamav    4872  0.0  0.0  21612  1116 ?        Ss  10:17  0:00 /usr/bin/freshclam -d --quiet
amavis  13972  105  2.6 122400 106424 ?      R    15:08  0:04 /usr/bin/clamscan --stdout --disable-summary -r --tempdir=/var/lib/amavis/tmp /var/lib/amavis/tmp/amavis-20090615T150636-13922/parts
amavis  13973  103  1.8  90580 74564 ?        R    15:08  0:02 /usr/bin/clamscan --stdout --disable-summary -r --tempdir=/var/lib/amavis/tmp /var/lib/amavis/tmp/amavis-20090615T150111-13747/parts
alan    13975  0.0  0.0  5168  844 pts/0    R+  15:08  0:00 grep clam

My setup is exactly as it is in Falko's Howto.

If anyone can help me with this I would be greatly appreciative.
Cheers Al.

falko 15th June 2009 14:57

What's the output of
Code:

updatedb
locate clamd.conf

?

almeister9 16th June 2009 01:58

output
 
Thanks for your reply Falko.

Code:

alan@smail:~$ sudo updatedb
alan@smail:~$ sudo locate clamd.conf
/etc/clamav/clamd.conf
/usr/share/doc/clamav-base/examples/clamd.conf
/usr/share/man/man5/clamd.conf.5.gz
/var/lib/ucf/cache/:etc:clamav:clamd.conf

I have noticed that in clamd.conf there is this line:
Code:

LocalSocket /var/run/clamav/clamd.ctl
but that folder only contains one file
Code:

alan@smail:/var/run/clamav$ ls
freshclam.pid

It is causing the mail server to run very slowly. I sent a mailout yesterday at midday to 54,326 recipients and this morning at 10:00am there is still 53,000 messages in the queue.

Thanks for your help with this.

falko 16th June 2009 16:40

What's in /etc/clamav/clamd.conf?

almeister9 17th June 2009 00:01

/etc/clamav/clamd.conf
 
Code:

#Automatically Generated by clamav-base postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-base
#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
TemporaryDirectory /tmp
User clamav
AllowSupplementaryGroups true
ScanMail true
ScanArchive true
ArchiveLimitMemoryUsage false
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
StreamMaxLength 10M
LogSyslog false
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav
SelfCheck 3600
Foreground false
Debug false
ScanPE true
ScanOLE2 true
ScanHTML true
DetectBrokenExecutables false
MailFollowURLs false
ExitOnOOM false
LeaveTemporaryFiles false
AlgorithmicDetection true
ScanELF true
IdleTimeout 30
PhishingSignatures true
PhishingScanURLs true
PhishingAlwaysBlockSSLMismatch false
PhishingAlwaysBlockCloak false
DetectPUA false
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
LogFile /var/log/clamav/clamav.log
LogTime true
LogFileUnlock false
LogFileMaxSize 0

Thanks again Falko

falko 17th June 2009 13:26

Looks ok. What's the output of
Code:

ls -la /etc/clamav/
?

almeister9 17th June 2009 13:38

ls -la /etc/clamav/
 
Code:

alan@smail:~$ ls -la /etc/clamav/
total 28
drwxr-xr-x  5 root  root 4096 2009-06-17 08:13 .
drwxr-xr-x 93 root  root 4096 2009-06-15 10:17 ..
-rw-r--r--  1 root  root 1216 2009-06-12 17:55 clamd.conf
-rw-r--r--  1 clamav adm  679 2008-11-07 14:42 freshclam.conf
drwxr-xr-x  2 root  root 4096 2008-07-19 01:22 onerrorexecute.d
drwxr-xr-x  2 root  root 4096 2008-07-19 01:22 onupdateexecute.d
drwxr-xr-x  2 root  root 4096 2008-07-19 01:22 virusevent.d


falko 18th June 2009 14:13

Looks ok as well... :confused:

almeister9 19th June 2009 01:58

Dam!
 
I thought if any one could help me it would be you.

I have been reading a lot of things on the internet about this problem when clamav has been upgraded but most of them are a slightly different setup to mine with different programs. Im not that experienced in Linux matters so I was worried that if I tried some of their proposed solutions I might break something else. People have been saying it is a permissions problem, others say it was a flaw in the upgrade and there is a later one that will fix it.

They speak of "volatile repositries". Im not sure what that means or whether it is a good idea.

I feel the major clue is the fact that clamd.conf is looking for:
LocalSocket /var/run/clamav/clamd.ctl
but there is no file called clamd.ctl

I seem to remember during startup, before the upgrade, it used to say something about trying to start clamav and changing something because of what was in clamd.conf.

I think I will try to go through the howto again and see if there are any clues of what needs to be done.

I did notice that in the howto it says:
Quote:

Now run

netstat -tap

and you should see Postfix (master) listening on port 25 (smtp) and 10025, and amavisd-new on port 10024:
and mine now says:
Code:

alan@smail:~$ sudo netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address          Foreign Address        State      PID/Program name
tcp        0      0 localhost.localdo:10024 *:*                    LISTEN      4422/amavisd (maste
tcp        0      0 localhost.localdo:10025 *:*                    LISTEN      15100/master
tcp        0      0 localhost.localdo:mysql *:*                    LISTEN      4496/mysqld
tcp        0      0 *:www                  *:*                    LISTEN      5140/apache2
tcp        0      0 *:smtp                  *:*                    LISTEN      15100/master
tcp        0      0 smail.scribalpubl:56420 mta-v15.mail.vip.r:smtp ESTABLISHED 15112/smtp
tcp        0      0 localhost.localdo:44645 localhost.localdo:10024 ESTABLISHED 15110/smtp
tcp        0      1 smail.scribalpubl:46693 mta-v11.mail.vip.r:smtp SYN_SENT    15123/smtp
tcp        0      0 localhost.localdo:52377 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:10025 localhost.localdo:39881 TIME_WAIT  -
tcp        0      0 localhost.localdo:mysql localhost.localdo:52414 ESTABLISHED 4496/mysqld
tcp        0      0 localhost.localdo:10025 localhost.localdo:39877 TIME_WAIT  -
tcp        0      0 localhost.localdo:52342 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:52362 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:52389 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:10025 localhost.localdo:39867 TIME_WAIT  -
tcp        0      0 localhost.localdo:52343 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:52344 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:10024 localhost.localdo:44644 ESTABLISHED 14844/amavisd (ch2-
tcp        0      0 localhost.localdo:44644 localhost.localdo:10024 ESTABLISHED 15107/smtp
tcp        0      0 localhost.localdo:10025 localhost.localdo:39915 TIME_WAIT  -
tcp        0      0 localhost.localdo:52390 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:10024 localhost.localdo:44645 ESTABLISHED 14887/amavisd (ch2-
tcp        0      0 localhost.localdo:52413 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:10025 localhost.localdo:39862 TIME_WAIT  -
tcp        0      0 localhost.localdo:41188 localhost.localdo:mysql TIME_WAIT  -
tcp        0      0 localhost.localdo:52375 localhost.localdo:mysql TIME_WAIT  -
tcp        0      1 smail.scribalpubl:53934 mta-v10.mail.vip.m:smtp SYN_SENT    15117/smtp
tcp        0      0 localhost.localdo:10025 localhost.localdo:39921 TIME_WAIT  -
tcp        0      0 localhost.localdo:52376 localhost.localdo:mysql TIME_WAIT  -
tcp        0      1 smail.scribalpubl:56273 mta-v15.mail.vip.r:smtp FIN_WAIT1  -
tcp        0      0 smail.scribalpubl:39502 211.29.133.14:smtp      ESTABLISHED 15111/smtp
tcp        0      0 localhost.localdo:52414 localhost.localdo:mysql ESTABLISHED 15132/cleanup
tcp        0      1 smail.scribalpubl:33520 mta-v9.mail.vip.mu:smtp SYN_SENT    15122/smtp
tcp        0      0 localhost.localdo:52360 localhost.localdo:mysql TIME_WAIT  -
tcp6      0      0 [::]:imaps              [::]:*                  LISTEN      4929/couriertcpd
tcp6      0      0 [::]:pop3s              [::]:*                  LISTEN      4963/couriertcpd
tcp6      0      0 [::]:pop3              [::]:*                  LISTEN      4943/couriertcpd
tcp6      0      0 [::]:imap2              [::]:*                  LISTEN      4909/couriertcpd
tcp6      0      0 [::]:ssh                [::]:*                  LISTEN      4387/sshd
tcp6      0      0 smail.scribalpublis:ssh 192.168.1.75%76233:3469 ESTABLISHED 14534/sshd: alan [p


I did read that upgrading changed the bash/dash thing so I redid that from the how to.

If all else fails I will have to wipe the server and start again. I really dont want to do that because there is still at least 40,000 emails stuck in the queue that it is ever so slowly sending out and it is a very important mailout.

I do know one thing though.
I will never do an upgrade again.

Thanks for looking at this for me Falko.

Flash 19th June 2009 16:28

Quote:

Starting ClamAV daemon clamd:
ERROR: Parse error at line 44: Unknown Option ScanPartialMessages.
ERROR: Can't open/parse the config file /etc/clamav/clamd.conf [FAIL]
This option does not exist in clamav, it might have in older versions but the current one does not understand this. you could copy the example conf over this one and make the changes you need to to that one if your not sure. its located here: /usr/share/doc/clamav-base/examples/clamd.conf


Quote:

less /var/log/mail.log

Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!)run_av (ClamAV-clamd, built-in i/f): Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 86) line 310.
Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x604e60) Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 86) line 310. at (eval 86) line 511.
Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!!)WARN: all primary virus scanners failed, considering backups
This has to do with the fact the mail server is not running, thus the socket is not created.

Fix the ScanPartialMessages error, and clamd will start up and create the socket file.


All times are GMT +2. The time now is 19:02.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.