Run ClamAV server scanner

#1 Thu, 05/13/2010 - 20:58
turbobee

Run ClamAV server scanner

Recently I noticed that on all my new installs of Virtualmin I am unable to enable ClamAV server scanner (clamd). When I click the run clamAV server scanner button during the initial setup it takes longer than usual, then it pops up this error message

A problem occurred testing the ClamAV server scanner : ERROR: Clamd is not configured properly.

----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.000 sec (0 m 0 s)

The only way around it that I can think of right now is just disabling clamd and moving on.

Patrick

Fri, 05/14/2010 - 10:45
andreychek

Hi Patrick -- what distro is it that you're using?

-Eric

Thu, 05/20/2010 - 15:25
turbobee

Sorry for the delayed response, I am using this with the latest version of CentOS 5.

Patrick

Thu, 05/20/2010 - 18:39
andreychek

Okay, so when attempting to launch ClamAV, what errors show up in your mail log -- that's in /var/log/maillog?

Also, what do you get when typing this:

rpm -qa | grep clamav

Wed, 05/26/2010 - 18:47
turbobee

Running through virtualmin postinstall I got stuck at the following after trying to enable clamd.

A problem occurred testing the ClamAV server scanner : ERROR: Clamd is not configured properly.

----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.000 sec (0 m 0 s)

I also tried the following command at the command line:

/etc/init.d/clamd-virtualmin start

I got the following output from it:

Starting clamd.virtualmin: ERROR: Please define server type (local and/or TCP).

After performing the above here is the output from maillog on this new install

May 26 16:06:08 localhost dovecot: Dovecot v1.0.7 starting up
May 26 16:06:08 localhost dovecot: Generating Diffie-Hellman parameters for the first time. This may take a while..
May 26 16:06:09 localhost spamd[2476]: logger: removing stderr method
May 26 16:06:09 localhost sendmail[2495]: alias database /etc/aliases rebuilt by root
May 26 16:06:09 localhost sendmail[2495]: /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total
May 26 16:06:09 localhost sendmail[2500]: starting daemon (8.13.8): SMTP+queueing@01:00:00
May 26 16:06:09 localhost sm-msp-queue[2514]: starting daemon (8.13.8): queueing@01:00:00
May 26 16:06:10 localhost spamd[2478]: Error creating a DNS resolver socket: Network is unreachable at /usr/lib/perl5/vendor_perl/5.8.8/Mail/SpamAssassin/DnsResolver.pm line 234.
May 26 16:06:10 localhost spamd[2478]: spamd: server started on port 783/tcp (running version 3.2.5)
May 26 16:06:10 localhost spamd[2478]: spamd: server pid: 2478
May 26 16:06:10 localhost spamd[2478]: spamd: server successfully spawned child process, pid 2529
May 26 16:06:10 localhost spamd[2478]: spamd: server successfully spawned child process, pid 2530
May 26 16:06:10 localhost spamd[2478]: prefork: child states: II
May 26 16:06:25 localhost dovecot: ssl-build-param: SSL parameters regeneration completed
May 26 16:12:32 localhost spamd[2478]: spamd: server killed by SIGTERM, shutting down
May 26 16:12:32 localhost dovecot: Killed with signal 15
May 26 16:13:59 newserver dovecot: Dovecot v1.0.7 starting up
May 26 16:13:59 newserver spamd[2388]: logger: removing stderr method
May 26 16:13:59 newserver sendmail[2407]: alias database /etc/aliases rebuilt by root
May 26 16:13:59 newserver sendmail[2407]: /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total
May 26 16:13:59 newserver sendmail[2412]: starting daemon (8.13.8): SMTP+queueing@01:00:00
May 26 16:13:59 newserver sm-msp-queue[2420]: starting daemon (8.13.8): queueing@01:00:00
May 26 16:14:01 newserver spamd[2390]: spamd: server started on port 783/tcp (running version 3.2.5)
May 26 16:14:01 newserver spamd[2390]: spamd: server pid: 2390
May 26 16:14:01 newserver spamd[2390]: spamd: server successfully spawned child process, pid 2512
May 26 16:14:01 newserver spamd[2390]: spamd: server successfully spawned child process, pid 2513
May 26 16:14:01 newserver spamd[2390]: prefork: child states: II
May 26 16:17:47 newserver postfix/postfix-script: starting the Postfix mail system
May 26 16:17:47 newserver postfix/master[7051]: daemon started -- version 2.3.3, configuration /etc/postfix
May 26 16:18:09 newserver postfix/smtpd[8164]: connect from localhost[127.0.0.1]
May 26 16:18:09 newserver postfix/smtpd[8164]: F18DC53E012A: client=localhost[127.0.0.1]
May 26 16:18:09 newserver postfix/cleanup[8167]: F18DC53E012A: message-id=mailman.0.1274905088.8055.mailman@newserver.newserver.com
May 26 16:18:10 newserver postfix/qmgr[7055]: F18DC53E012A: from=mailman-bounces@newserver.newserver.com, size=2153, nrcpt=1 (queue active)
May 26 16:18:10 newserver postfix/smtpd[8164]: disconnect from localhost[127.0.0.1]
May 26 16:18:10 newserver postfix/local[8168]: F18DC53E012A: to=root@newserver.newserver.com, relay=local, delay=0.45, delays=0.1/0.01/0/0.34, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
May 26 16:18:10 newserver postfix/qmgr[7055]: F18DC53E012A: removed
May 26 16:21:10 newserver postfix/pickup[7054]: A414353E012C: uid=0 from=
May 26 16:21:10 newserver postfix/cleanup[14542]: A414353E012C: message-id=20100526202110.A414353E012C@newserver.newserver.com
May 26 16:21:10 newserver postfix/qmgr[7055]: A414353E012C: from=root@newserver.newserver.com, size=1015, nrcpt=1 (queue active)
May 26 16:21:11 newserver postfix/local[14578]: A414353E012C: to=root@newserver.newserver.com, orig_to=, relay=local, delay=3.5, delays=2.7/0/0/0.77, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME)
May 26 16:21:11 newserver postfix/qmgr[7055]: A414353E012C: removed

Output from requested command: rpm -qa | grep clamav

clamav-filesystem-0.96-1.vm.el5
clamav-0.96-1.vm.el5
clamav-server-sysv-0.96-1.vm.el5
clamav-data-0.96-1.vm.el5
clamav-server-0.96-1.vm.el5
clamav-update-0.96-1.vm.el5
clamav-lib-0.96-1.vm.el5

Thanks!

Wed, 05/26/2010 - 18:49
turbobee

For your viewing pleasure I have repasted the output from maillog on pastebin as it didn't come out too pretty in the forum.

http://pastebin.com/sZ5Tqurb

Thu, 05/27/2010 - 10:14
andreychek

Poking around on Google, this seems to come up with recently upgraded ClamAV instances. I'm not sure why it didn't come up previously, perhaps a default changed along the way :-)

However, ClamAV wants to be told where exactly to listen it seems like...

In your /etc/clamav.conf file, what is "LocalSocket" set to?

-Eric

Thu, 06/03/2010 - 19:08
turbobee

There isn't a clamav.conf but there is a clamd.conf. Here is what I found relating to LocalSocket in that file:

# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
#LocalSocket /var/run/clamd.virtualmin/clamd.sock

# Sets the group ownership on the unix socket.
# Default: disabled (the primary group of the user running clamd)
#LocalSocketGroup virusgroup

# Sets the permissions on the unix socket to the specified mode.
# Default: disabled (socket is world accessible)
#LocalSocketMode 660

Tue, 06/15/2010 - 16:31 (Reply to #8)
marcrengers

Hi,

I uncommented these 2 lines:

# This option allows you to save a process identifier of the listening
# daemon (main thread).
# Default: disabled
PidFile /var/run/clamd.virtualmin/clamd.pid


# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket /var/run/clamd.virtualmin/clamd.sock

And it started working....

Tue, 06/15/2010 - 19:36 (Reply to #9)
turbobee

That did the trick, thanks!! Is there any way we can get this incorporated into the installer's procedure to save time? Currently I have to get all the way to that step and let it generate the clamav.conf before I can modify it.

Thu, 06/03/2010 - 20:39
andreychek

Try uncommenting those lines related to the LocalSocket, and then restart ClamAV... does it launch with an error at that point?

-Eric

Fri, 06/04/2010 - 15:33
turbobee

Uncommenting those lines gives me the following error in virtualmin

A problem occurred testing the ClamAV server scanner :
ERROR: Can't connect to clamd: Connection refused

----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.001 sec (0 m 0 s)

Trying to start it from command line I get this error
/etc/init.d/clamd-virtualmin start
Starting clamd.virtualmin: ERROR: Unknown group virusgroup
[FAILED]

So I changed the group from virusgroup to clamav (which does exist) then I get this error

/etc/init.d/clamd-virtualmin start
Starting clamd.virtualmin: ERROR: Failed to change socket ownership to group clamav

[FAILED]

I changed it back to virusgroup for now
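
The checks this thread arrives at by trial and error, as an added example that is not part of the original posts or of Virtualmin's installer: a shell audit of clamd.conf that flags a missing listener, a LocalSocketGroup that does not resolve, and a socket left at its default mode. The GROUP_FILE override and the finding labels are hypothetical, and the sample config is constructed from the lines quoted above.

```sh
#!/bin/sh
# Added example: audit clamd.conf for the failure modes seen in this thread.

# Print the value of an active (uncommented) directive, or nothing.
conf_value() {  # $1 = config file, $2 = directive name
    awk -v key="$2" '$1 == key { print $2; exit }' "$1"
}

# Succeed if the group exists. GROUP_FILE is a hypothetical override that
# points at a group(5)-format file; otherwise the system database is used.
group_exists() {
    if [ -n "${GROUP_FILE:-}" ]; then
        awk -F: -v g="$1" '$1 == g { ok = 1 } END { exit !ok }' "$GROUP_FILE"
    else
        getent group "$1" >/dev/null 2>&1
    fi
}

# Print one finding per line; print nothing if the listener setup looks sane.
audit_clamd_conf() {  # $1 = path to clamd.conf
    sock=$(conf_value "$1" LocalSocket)
    tcp=$(conf_value "$1" TCPSocket)
    grp=$(conf_value "$1" LocalSocketGroup)
    mode=$(conf_value "$1" LocalSocketMode)
    # clamd refuses to start: "Please define server type (local and/or TCP)"
    if [ -z "$sock" ] && [ -z "$tcp" ]; then
        echo "NO_LISTENER: neither LocalSocket nor TCPSocket is set"
    fi
    # clamd refuses to start: "Unknown group ..."
    if [ -n "$grp" ] && ! group_exists "$grp"; then
        echo "UNKNOWN_GROUP: LocalSocketGroup $grp does not exist"
    fi
    # Per the config comments, an unset mode leaves the socket world accessible.
    if [ -n "$sock" ] && [ -z "$mode" ]; then
        echo "OPEN_SOCKET: LocalSocketMode unset, socket is world accessible"
    fi
}

# Constructed sample: the socket directives as first posted (all commented out).
demo=$(mktemp)
printf '%s\n' '#LocalSocket /var/run/clamd.virtualmin/clamd.sock' \
    '#LocalSocketGroup virusgroup' '#LocalSocketMode 660' > "$demo"
audit_clamd_conf "$demo"   # reports NO_LISTENER
rm -f "$demo"
```

Run against the two-line fix posted in reply to #8, the audit reports OPEN_SOCKET, since LocalSocketMode stays commented out there.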
