some errors in syslog in new installation

Discussion in 'ISPConfig 3 Priority Support' started by pawan, Nov 3, 2018.

  1. pawan

    pawan Member HowtoForge Supporter

    I am getting these errors in syslog which I want to fix.
    Code:
     (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to a UNIX socket /var/run/clamav/clamd.ctl: Permission denied
    Nov  4 00:35:49 server2 amavis[1838]: (01838-10) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 113) line 659.\n
    Nov  4 00:35:49 server2 amavis[1838]: (01838-10) (!)WARN: all primary virus scanners failed, considering backups
    Nov  4 00:36:01 server2 cron[682]: Authentication failure
    Nov  4 00:36:01 server2 CRON[18715]: Authentication failure
    How I can fix it?
     
  2. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  3. pawan

    pawan Member HowtoForge Supporter

    Hi Taleman,
    Thanks for your query. The OS is Ubuntu 18.04
    and here is the status of clamav
    PHP:
    root@server2:/usr/sbin# service clamav-daemon status
    clamav-daemon.service Clam AntiVirus userspace daemon
       Loaded
    loaded (/lib/systemd/system/clamav-daemon.serviceenabledvendor presetenabled)
      
    Drop-In: /etc/systemd/system/clamav-daemon.service.d
               
    `-extend.conf
       Active: failed (Result: exit-code) since Sun 2018-11-04 02:13:33 IST; 2s ago
         Docs: man:clamd(8)
               man:clamd.conf(5)
               https://www.clamav.net/documents/
      Process: 26456 ExecStart=/usr/sbin/clamd --foreground=true (code=exited, status=1/FAILURE)
      Process: 26455 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
      Process: 26454 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=1/FAILURE)
     Main PID: 26456 (code=exited, status=1/FAILURE)

    Nov 04 02:13:14 server2 systemd[1]: Starting Clam AntiVirus userspace daemon...
    Nov 04 02:13:14 server2 mkdir[26454]: /bin/mkdir: cannot create directory '/run/clamav': File exists
    Nov 04 02:13:14 server2 systemd[1]: Started Clam AntiVirus userspace daemon.
    Nov 04 02:13:33 server2 clamd[26456]: Sun Nov  4 02:13:33 2018 -> !Failed to change socket ownership to group clamav
    Nov 04 02:13:33 server2 systemd[1]: clamav-daemon.service: Main process exited, code=exited, status=1/FAILURE
    Nov 04 02:13:33 server2 systemd[1]: clamav-daemon.service: Failed with result 'exit-code'.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Please run the command:

    ps aux | grep clam

    and post the result. Is this a fresh Ubuntu 18.04 install or a system that you updated recently to 18.04?
     
  5. pawan

    pawan Member HowtoForge Supporter

    The result is like this:
    [email protected]:/# ps aux | grep clam
    clamav 684 0.0 0.1 152084 27084 ? Ss Nov03 0:17 /usr/bin/freshclam -d --foreground=true
    root 5703 0.0 0.0 16788 2172 pts/0 S+ 14:47 0:00 grep --color=auto clam

    This the system I recently migrated to 18.04.
     
    Last edited: Nov 4, 2018
  6. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Try rebooting the system to get a consistent state:
    Code:
    sudo shutdown -r now
    If problem persists, read logs to see what happens with clamav.
    Try
    Code:
    apt update
    apt dist-upgrade
    to make sure the system is fully upgraded.
     
  7. pawan

    pawan Member HowtoForge Supporter

    Hi Taleman,
    I run all the commands, but the result of ps aux | grep clam
    is the same like:
    clamav 673 0.0 0.1 151920 26368 ? Ss 17:31 0:00 /usr/bin/freshclam -d --foreground=true
    root 2512 0.0 0.0 16788 2032 pts/0 S+ 17:35 0:00 grep --color=auto clam
     
  8. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Well , what was the results of the command you ran?
     
  9. pawan

    pawan Member HowtoForge Supporter

    apt update
    Code:
    Hit:1 http://us.archive.ubuntu.com/ubuntu bionic InRelease
    Get:2 http://us.archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
    Get:3 http://security.ubuntu.com/ubuntu bionic-security InRelease [83.2 kB]
    Get:4 http://us.archive.ubuntu.com/ubuntu bionic-backports InRelease [74.6 kB]
    Fetched 247 kB in 1s (355 kB/s)
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    All packages are up to date.
    apt dist-upgrade
    Code:
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    Calculating upgrade... Done
    The following packages were automatically installed and are no longer required:
      liblockfile-bin liblockfile1
    Use 'apt autoremove' to remove them.
    0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
    I run both the commands after shutdown -r now
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Seems as if a directory /run/clamav exists even if clamav is not running. If that's the case, try renaming it for a test like:

    mv /run/clamav /run/clamav_bak

    and then restart clamav.
     
  11. pawan

    pawan Member HowtoForge Supporter

    Hi Till
    mv /run/clamav /run/clamav_bak
    service clamav-daemon start
    ps aux | grep clam
    clamav 673 0.0 0.1 152056 27228 ? Ss 17:31 0:05 /usr/bin/freshclam -d --foreground=true
    root 14614 0.0 0.0 16788 2144 pts/1 S+ 20:33 0:00 grep --color=auto clam

    is that okay?
     
  12. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    That ps command was used to test if there are multiple clamav processes running. Seems there are no extra processes.
    See if clamav is OK now:
    Code:
    systemctl status clamav
     
  13. pawan

    pawan Member HowtoForge Supporter

    systemctl status clamav
    Unit clamav.service could not be found

    service clamav-daemon status
    * clamav-daemon.service - Clam AntiVirus userspace daemon
    Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled; vendor preset: enabled)
    Drop-In: /etc/systemd/system/clamav-daemon.service.d
    `-extend.conf
    Active: failed (Result: exit-code) since Sun 2018-11-04 20:33:23 IST; 13min ago
    Docs: man:clamd(8)
    man:clamd.conf(5)
    https://www.clamav.net/documents/
    Process: 14593 ExecStart=/usr/sbin/clamd --foreground=true (code=exited, status=1/FAILURE)
    Process: 14592 ExecStartPre=/bin/chown clamav /run/clamav (code=exited, status=0/SUCCESS)
    Process: 14591 ExecStartPre=/bin/mkdir /run/clamav (code=exited, status=0/SUCCESS)
    Main PID: 14593 (code=exited, status=1/FAILURE)

    Nov 04 20:33:04 server2 systemd[1]: Starting Clam AntiVirus userspace daemon...
    Nov 04 20:33:04 server2 systemd[1]: Started Clam AntiVirus userspace daemon.
    Nov 04 20:33:23 server2 clamd[14593]: Sun Nov 4 20:33:23 2018 -> !Failed to change socket ownership to group clamav
    Nov 04 20:33:23 server2 systemd[1]: clamav-daemon.service: Main process exited, code=exited, status=1/FAILURE
    Nov 04 20:33:23 server2 systemd[1]: clamav-daemon.service: Failed with result 'exit-code'.
     
  14. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    Is the host installed in non standard way? It looks like clamav is running as wrong group or can not change to the right group when started.
    What shows
    ls -lhd /run/clamav
     
  15. pawan

    pawan Member HowtoForge Supporter

  16. pawan

    pawan Member HowtoForge Supporter

    Can I run this again
    apt-get -y install amavisd-new spamassassin clamav clamav-daemon unzip bzip2 arj nomarch lzop cabextract apt-listchanges libnet-ldap-perl libauthen-sasl-perl clamav-docs daemon libio-string-perl libio-socket-ssl-perl libnet-ident-perl zip libnet-dns-perl postgrey
     
  17. Taleman

    Taleman Well-Known Member HowtoForge Supporter

  18. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    If that does not resolve the issue, do the commands and show results:
    Code:
    ls -lhd /run/clamav/
    ls -lh /run/clamav/
    id clamav
     
  19. pawan

    pawan Member HowtoForge Supporter

    yes Taleman,
    that didn't helped in anyway.
    The result of the commands you suggested is like below:

    Code:
    ls -lhd /run/clamav/
    drwxr-xr-x 2 clamav root 60 Nov  4 20:33 /run/clamav/
    
    ls -lh /run/clamav/
    total 0
    s--------- 1 clamav dovecot 0 Nov  4 20:33 clamd.ctl
    
    id clamav
    uid=113(clamav) gid=121(dovecot) groups=121(dovecot),125(amavis)
     
  20. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    What is contents of file
    /etc/apt/sources.list
    and contents of files in /etc/apt/sources.list.d/ directory, if any.
     

Share This Page