Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 14th November 2007, 06:26
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 221
Thanks: 11
Thanked 10 Times in 10 Posts
Default Clam AV error

Here's the error I'm getting in the syslog...

Quote:
Nov 13 23:06:55 mail amavis[3264]: (03264-01) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
Nov 13 23:07:01 mail amavis[3264]: (03264-01) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
Nov 13 23:07:01 mail amavis[3264]: (03264-01) (!!) WARN: all primary virus scanners failed, considering backups

Upon looking in /var/run/clamav/ I have no clamd.ctl file. It used to be there...Any idea what happened, or how to fix this? Without Clamav working, all email is going into the queue.

Thanks.

Brian
Reply With Quote
Sponsored Links
  #2  
Old 15th November 2007, 14:12
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Is Clamd running? What's the output of
Code:
ps aux | grep -i clam
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 15th November 2007, 22:41
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 221
Thanks: 11
Thanked 10 Times in 10 Posts
Default

I was having some other email problems anyway, so I re-did all of the postfix steps in the howto and everything seems to be ok now.

Thanks.
Reply With Quote
  #4  
Old 9th December 2007, 22:30
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 221
Thanks: 11
Thanked 10 Times in 10 Posts
Default

The error is back...

Here's that output Falko...

Quote:

mail:~# ps aux | grep -i clam
clamav 2458 0.0 0.3 5816 1896 ? Ss Dec03 1:59 /usr/bin/freshclam -d --quiet
amavis 16903 41.1 2.5 20020 14892 ? R 15:22 2:59 /usr/bin/clamscan --stdout --disable-summary -r --tempdir=/var/lib/amavis/tmp /var/lib/amavis/tmp/amavis-20071209T152239-15531/parts
amavis 16904 41.1 2.5 20020 14888 ? R 15:22 2:59 /usr/bin/clamscan --stdout --disable-summary -r --tempdir=/var/lib/amavis/tmp /var/lib/amavis/tmp/amavis-20071209T152239-15532/parts
clamav 17448 32.9 2.0 17384 11660 ? Rs 15:28 0:35 /usr/sbin/clamd
root 17471 0.0 0.1 2852 708 pts/0 R+ 15:30 0:00 grep -i clam
mail:~#
Reply With Quote
  #5  
Old 23rd January 2008, 02:01
chrisruss chrisruss is offline
Junior Member
 
Join Date: Jan 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default UNIX socket /var/run/clamav/clamd.ctl: No such file or directory

I have come to the same problem.

Any ideas?
Reply With Quote
  #6  
Old 23rd January 2008, 08:39
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 153 Times in 150 Posts
Default

Check your clamd.conf the socket may be pointing elsewhere
Reply With Quote
  #7  
Old 23rd January 2008, 10:18
chrisruss chrisruss is offline
Junior Member
 
Join Date: Jan 2008
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Conf correct

Hi Topdog.
Thanks for your fast answer.

But nope, clamd.conf pointing with LocalSocket to /var/run/clamav/clamd.ctl.

So no mistake here.
Now i tried the following (it seems to help, but maybe just temporarily? Have to wait a few days...):
To guarantee that the scanner has write-access i did:

chmod -R 750 /var/lib/amavis

Then i looked whether the amavis and clamav users were in the right groups. It seems that amavis might have some probs in accessing clamav-directories,...

So i tried to change the user from clamav to amavis:
In /etc/clamav/clamd.conf i changed User clamav to User amavis.

And because clamav has files in
/var/run/clamav
/var/log/clamav
/var/lib/clamav
(if not made other configurations)
I changed the user and the group:

chown -R amavis:amavis /var/run/clamav
(The same with clamav in /var/log and /var/lib.)

Then I edited the /etc/clamav/freshclam.conf
DatabaseOwner clamav, changed it to DatabaseOwner amavis.

For all those who have logrotate: I also had a look at
/etc/logrotate.d/clamav-daemon
as well as
/etc/logrotate.d/clamav-freshclam
Changes here:
create 640 clamav adm to create 640 amavis adm

Then i force-reloaded /etc/init.d/clamav-daemon
and /etc/init.d/clamav-freshclam

Now the error seems gone (from 2 A.M. on till now, just a few hours), but i'm not sure whether it re-appears or not.

Maybe it would be a smarter solution to just add the user amavis to the clamav-group. But didn't try that, because found that "step-by-step"-howto on the net and tried that first. (see http://www200.pair.com/mecham/spam/c...avisd-new.html)

So maybe it helps someone, maybe not, depends on what will happen to my log-file ;-)
Reply With Quote
  #8  
Old 23rd January 2008, 10:30
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 153 Times in 150 Posts
Default

Changing clamav to run as amavis user is not a good idea.

Clamd provides for your issue with this config option
Code:
AllowSupplementaryGroups yes
That needs to be set to yes and then the amavis user added to the clamav group.

That will fix the problem.
Reply With Quote
  #9  
Old 13th February 2008, 08:43
Zous Zous is offline
Junior Member
 
Join Date: Feb 2008
Location: Atlanta, GA, USA
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Default

I too have been plagued by this issue, and have been spending all day trying to debug it.

It's the exact same error, postfix is sending the mail to amavis which scans it with ClamAV. But instead of it working correctly, amavis throws the "ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory)"

Yes, ClamAV is running as user clamav, who is in the amavis group (and just in case, vice versa is true, amavis is in the clamav group)

Yes, I even had found the same page chrisruss found, and tried that to no avail (I have since reverted those changes)

From what I can tell, the Socket file is never being created. It is not listed in a "netstat -a" call nor is it in the directory it should be in.

I just found the following in the clamav log.

Code:
ERROR: Socket file /var/run/clamav/clamd.ctl could not be bound: Permission denied
That was before I wiped the configuration and replaced it with a new configuration. I stopped getting that (even though the LocalSocket line didn't change). I've even reverted to the original conf (from the package maintainer) and still am not seeing either a message saying it connected to the socket or an error about it not being able to connect to the socket when I restart.

And yes, the /var/run/clamav folder is owned by clamav and clamav has all privileges on it.

I'm at my wits end here, and I would very much like to have a working scanner for my mail server. Any help would be appreciated!
Reply With Quote
  #10  
Old 13th February 2008, 08:53
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 153 Times in 150 Posts
 
Default

can you send output of
Code:
ls /var/run -l
Code:
ls /var/run/clamav -l
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
configuring IPTABLES firewall adityavpratap HOWTO-Related Questions 9 27th May 2006 21:42
Frustrated with ISPConfig install! woozyerdaddee Installation/Configuration 4 19th May 2006 03:38
Installation Fails... :( cyberstorm Installation/Configuration 1 15th January 2006 18:07
Could not make OpenSSL yontengyatso Installation/Configuration 3 3rd November 2005 10:50
Install stop at uuwish, UUDeview SeaWolf Installation/Configuration 6 4th October 2005 23:53


All times are GMT +2. The time now is 22:21.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.