Re: [Clamav-users] amavisd can't connect to clamd on Gentoo

Wed, 19 Aug 2009 01:36:56 -0700 

Nathan Phillip Brink ha scritto:



On 2009-08-17 15:15, Federico Giovannini wrote:
 > Hi all,
 >
 > I'm new in this mailing-list and also as clamav-user so sorry for my
elementary questions.
 > With my configuration gentoo, postfix ( 2.2.11-r1), amavisd-new
(2.5.2) and ClamAV 0.95.2 sometimes when my mailserver receives emails
with attachments, clamd stops working and also clamscan dies as
indicated in the following amavis logs:

If you expect clamav + amavisd + postfix to essentially work out of 
the box in gentoo, you should file a bug at https://bugs.gentoo.org/ 
(and CC me, for my benefit ;-)). Personally, I use clamav-milter to 
scan emails, so all my advice for your use of amavisd is primarily 
guessing based on the information you have posted.

 >
 > Aug 17 03:42:59 scilla.sestante.net /usr/sbin/amavisd[10531]:
(10531-12) (!!)TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL
VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: CODE(0x8011a434)
Too many retries to talk to /var/amavis/clamd.sock (Can't connect to
UNIX socket /var/amavis/clamd.sock: Connection refused) at (eval 67)
line 310. at (eval 67) line 511.; ClamAV-clamscan av-scanner FAILED:
/usr/bin/clamscan DIED on signal 11 (000b) at (eval 67) line 511.
 >

Could you check if /var/amavis/clamd.sock exists after clamd has been 
started? Please also give the permissions of the file. You can get 
this information by running:


stat /var/amavis/clamd.sock

stat /var/amavis/clamd.sock
 File: `/var/amavis/clamd.sock'
 Size: 0               Blocks: 0          IO Block: 131072 socket
Device: 902h/2306d      Inode: 978391      Links: 1
Access: (0777/srwxrwxrwx)  Uid: (  102/  amavis)   Gid: (  408/  amavis)
Access: 2009-08-19 09:51:00.000000000 +0200
Modify: 2009-08-19 09:51:00.000000000 +0200
Change: 2009-08-19 09:51:00.000000000 +0200



Of course, you should tell amavisd to look for the clamd socket in 
/var/run/clamav/clamd.sock instead. If you still have trouble after 
updating amavisd's configuration, please also give the output of:

My amavisd configuration looks for /var/amavis/clamd.sock!
['ClamAV-clamd',
 \&ask_daemon, ["CONTSCAN {}\n", "/var/amavis/clamd.sock"],
 qr/\bOK$/, qr/\bFOUND$/,
 qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],
# NOTE: run clamd under the same user as amavisd, or run it under its own
#   uid such as clamav, add user clamav to the amavis group, and then add
#   AllowSupplementaryGroups to clamd.conf;
# NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
#   this entry; when running chrooted one may prefer socket "$MYHOME/clamd".

and also my clamd il looking for the same socket (as you can see):
clamconf -n
Checking configuration files in /etc

Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamd.log"
LogTime = "yes"
LogVerbose = "yes"
PidFile = "/var/run/clamav/clamd.pid"
LocalSocket = "/var/amavis/clamd.sock"
MaxConnectionQueueLength = "30"
User = "amavis"
ScanArchive disabled

Config file: freshclam.conf
---------------------------
PidFile = "/var/run/clamav/freshclam.pid"
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "amavis"
Checks = "24"
DatabaseMirror = "database.clamav.net"

clamav-milter.conf not found

Software settings
-----------------
Version: 0.95.2
Optional features supported: MEMPOOL CLAMUKO AUTOIT_EA06 RAR
Database directory: /var/lib/clamav
main.cvd: version 51, sigs: 545035, built on Thu May 14 16:28:45 2009
main.cld: version 51, sigs: 545035, built on Thu May 14 16:28:45 2009
daily.cld: version 9715, sigs: 64814, built on Wed Aug 19 09:21:15 2009



stat /var/run/clamav/clamd.sock

Also, why is /usr/bin/clamscan being run when a connection is being 
made to clamd? wouldn't it be better to run clamdscan?

 > I took a look also to clamd.log but there are not FATAL evidence.

This is because amavisd was unable to connect to the clamd. So clamd 
should have heard nothing, AFAICT



postfix version 2.5.7
amavisd-new version 2.6.1-r1

Please note that non-Gentooers do not understand what ``-r1'' means ;-).


mail ~ # clamconf -n
Checking configuration files in /etc

Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamd.log"
LogTime = "yes"
LogClean = "yes"
LogVerbose = "yes"
PidFile = "/var/run/clamav/clamd.pid"
LocalSocket = "/var/run/clamav/clamd.sock"

Try setting this option to the file that amavis is looking for: 
/var/amavis/clamd.sock. Or tell amavis to look in 
/var/run/clamav/clamd.sock instead of /var/amavis/clamd.sock . The 
latter option is probably preferable because applications other than 
amavisd are able to make use of clamd.

Debug = "yes"
User = "clamav"
AllowSupplementaryGroups = "yes"


_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml






















					Reply via email to