I can't speak for amisvd, but I did run into various issues with
configuring clamav as a milter option with sendmail. I tried running
clamd as the "smmsp" user (the sendmail mail submission user) so that I
could restrict the socket file and directories to be accessible by a
single user and group.
I eventually found that clamd was configured to use "clamd.sock" but the
example for the milter entry in sendmail.mc was "clamd.socket."
On 09/02/2010 01:55 PM, jeff donovan wrote:
On Sep 2, 2010, at 12:40 PM, Oliver Schinagl wrote:
Hello all,
I've been stuffed with the old and known "(!!)ClamAV-clamd av-scanner
FAILED: run_av error: Too many retries to talk to
/var/run/clamav/clamd.sock (Can't connect to UNIX socket
/var/run/clamav/clamd.sock: Permission denied) at (eval 99) line 326.\n"
error.
I have 2 mail servers running with near identical configs, so I did
cross-check them. Also, I googled and verified my permissions and the
like, but I can't seem to get amavis to talk to clamav.
The socket is world read/write-able, so how this is an issue is beyond me:
7of9 var # ls -laF /var/run/clamav/clamd.sock
srw-rw-rw- 1 clamav clamav 0 Sep 2 18:22 /var/run/clamav/clamd.sock=
And supplementary groups are enabled:
7of9 var # grep Supp /etc/clamd.conf
AllowSupplementaryGroups yes
Amavis and clamav aren in each others groups:
clamav:x:10024:amavis
amavis:x:10021:clamav
and when I 'cat' as user amavis, I do get access to the socket (I think?)
cat: /var/run/clamav/clamd.sock: No such device or address
File: `/var/run/clamav/clamd.sock'
Size: 0 Blocks: 0 IO Block: 4096 socket
Device: 903h/2307d Inode: 7921 Links: 1
Access: (0666/srw-rw-rw-) Uid: ( 116/ clamav) Gid: (10024/ clamav)
Access: 2010-09-02 18:22:43.000000000 +0200
Modify: 2010-09-02 18:22:43.000000000 +0200
Change: 2010-09-02 18:22:43.000000000 +0200
Which I think is what is supposed to happen?
The thing that is strangest though, is that freshclam can't even connect
to the socket:
Received signal: wake up
ClamAV update process started at Thu Sep 2 09:30:35 2010
main.cvd is up to date (version: 52, sigs: 704727, f-level: 44, builder:
sven)
Downloading daily-11776.cdiff [100%]
daily.cld updated (version: 11776, sigs: 118691, f-level: 53, builder:
arnaud)
bytecode.cld is up to date (version: 40, sigs: 9, f-level: 53, builder:
edwin)
Database updated (823427 signatures) from database.clamav.net (IP:
xx.xx.xx.xx)
WARNING: Clamd was NOT notified: Can't connect to clamd through
/var/run/clamav/clamd.sock
I checked/tried all obvious answers but that's just not it I think.
Any other pointers?
Oliver
greetings oliver
check your local socket path in your clamd.conf file. and your local user. it
sounds like you have a permissions issue.
# Path to a local socket file the daemon will listen on.
# Default: disabled (must be specified by a user)
LocalSocket /var/amavis/clamd
# Remove stale socket after unclean shutdown.
# Default: no
FixStaleSocket yes
<snip>
# Run as another user (clamd must be started by root to make this option
# working).
# Default: don't drop privileges
User _amavisd
hope this helps
-j
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
