Am 04.12.2017 um 15:50 schrieb robert k Wild:
ok should i have started clamd@server OR clamd@service?
dunno, i just pointed out to the offical docs how things are supposed to
work and you need to configure the service anyways while i perfer my own
systemd units anyways because of far better control over new systemd
features (since you are using yum some of them won't probably work on RHEL)
cat /etc/tmpfiles.d/clamd.conf
d /run/clamd 0775 clamscan clamilt
cat /etc/systemd/system/clamd.service
[Unit]
Description=ClamAV Scanner Daemon
[Service]
Type=forking
Environment="TMPDIR=/tmp"
Environment="LANG=en_GB.UTF-8"
ExecStart=/usr/sbin/clamd -c /etc/clamd.d/scan.conf
ExecReload=/usr/bin/kill -SIGUSR2 $MAINPID
Restart=always
RestartSec=1
Nice=5
User=clamscan
Group=clamilt
PrivateTmp=yes
PrivateDevices=yes
PrivateNetwork=no
NoNewPrivileges=yes
CapabilityBoundingSet=CAP_KILL
RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6
SystemCallArchitectures=x86-64
SystemCallFilter=~acct modify_ldt add_key adjtimex clock_adjtime
delete_module fanotify_init finit_module get_mempolicy init_module
io_destroy io_getevents iopl ioperm io_setup io_submit io_cancel kcmp
kexec_load keyctl lookup_dcookie mbind migrate_pages mount move_pages
open_by_handle_at perf_event_open pivot_root process_vm_readv
process_vm_writev ptrace remap_file_pages request_key set_mempolicy
swapoff swapon umount2 uselib vmsplice
ReadOnlyDirectories=/
ReadWriteDirectories=/run/clamd.scan
ReadWriteDirectories=/run/clamd
ReadWriteDirectories=/var/log
ReadWriteDirectories=/tmp
InaccessibleDirectories=-/boot
InaccessibleDirectories=-/etc/dbus-1
InaccessibleDirectories=-/etc/modprobe.d
InaccessibleDirectories=-/etc/modules-load.d
InaccessibleDirectories=-/etc/postfix
InaccessibleDirectories=-/etc/ssh
InaccessibleDirectories=-/etc/sysctl.d
InaccessibleDirectories=-/home
InaccessibleDirectories=-/media
InaccessibleDirectories=-/root
InaccessibleDirectories=-/run/blkid
InaccessibleDirectories=-/run/console
InaccessibleDirectories=-/run/dbus
InaccessibleDirectories=-/run/lock
InaccessibleDirectories=-/run/log
InaccessibleDirectories=-/run/mount
InaccessibleDirectories=-/run/screen
InaccessibleDirectories=-/run/sepermit
InaccessibleDirectories=-/run/setrans
InaccessibleDirectories=-/run/spamassassin
InaccessibleDirectories=-/run/spamassassin-submission
InaccessibleDirectories=-/run/spamass-milter
InaccessibleDirectories=-/run/spamd-debug
InaccessibleDirectories=-/run/systemd/generator
InaccessibleDirectories=-/run/systemd/system
InaccessibleDirectories=-/run/systemd/users
InaccessibleDirectories=-/run/udev
InaccessibleDirectories=-/run/user
InaccessibleDirectories=-/run/vnstat
InaccessibleDirectories=-/usr/lib64/dbus-1
InaccessibleDirectories=-/usr/lib64/xtables
InaccessibleDirectories=-/usr/lib/dracut
InaccessibleDirectories=-/usr/libexec/iptables
InaccessibleDirectories=-/usr/libexec/openssh
InaccessibleDirectories=-/usr/libexec/postfix
InaccessibleDirectories=-/usr/lib/grub
InaccessibleDirectories=-/usr/lib/kernel
InaccessibleDirectories=-/usr/lib/modprobe.d
InaccessibleDirectories=-/usr/lib/modules
InaccessibleDirectories=-/usr/lib/modules-load.d
InaccessibleDirectories=-/usr/lib/rpm
InaccessibleDirectories=-/usr/lib/sysctl.d
InaccessibleDirectories=-/usr/lib/udev
InaccessibleDirectories=-/usr/local
InaccessibleDirectories=-/var/db
InaccessibleDirectories=-/var/lib/alternatives
InaccessibleDirectories=-/var/lib/bayes-persistent
InaccessibleDirectories=-/var/lib/dbus
InaccessibleDirectories=-/var/lib/dnf
InaccessibleDirectories=-/var/lib/initramfs
InaccessibleDirectories=-/var/lib/logrotate
InaccessibleDirectories=-/var/lib/mailgraph
InaccessibleDirectories=-/var/lib/misc
InaccessibleDirectories=-/var/lib/mlocate
InaccessibleDirectories=-/var/lib/ntp
InaccessibleDirectories=-/var/lib/os-prober
InaccessibleDirectories=-/var/lib/postfix
InaccessibleDirectories=-/var/lib/rbldnsd
InaccessibleDirectories=-/var/lib/rkhunter
InaccessibleDirectories=-/var/lib/rpm
InaccessibleDirectories=-/var/lib/rsyslog
InaccessibleDirectories=-/var/lib/smokeping
InaccessibleDirectories=-/var/lib/spamassassin
InaccessibleDirectories=-/var/lib/spamass-milter
InaccessibleDirectories=-/var/lib/spamfilter
InaccessibleDirectories=-/var/lib/systemd
InaccessibleDirectories=-/var/lib/unbound
InaccessibleDirectories=-/var/lib/vnstat
InaccessibleDirectories=-/var/log/rkhunter
InaccessibleDirectories=-/var/spool
[Install]
WantedBy=multi-user.target
cat /etc/clamd.d/scan.conf
User clamscan
AllowSupplementaryGroups yes
PidFile /run/clamd.scan/clamd.pid
TemporaryDirectory /tmp
DatabaseDirectory /var/lib/clamav
OfficialDatabaseOnly no
LocalSocket /run/clamd/clamd.sock
LocalSocketMode 0666
MaxConnectionQueueLength 100
StreamMaxLength 35M
StreamMinPort 31000
StreamMaxPort 32000
MaxThreads 10
MaxQueue 50
ReadTimeout 120
CommandReadTimeout 5
SendBufTimeout 200
IdleTimeout 30
ExcludePath ^/proc/
ExcludePath ^/sys/
MaxDirectoryRecursion 20
FollowDirectorySymlinks no
FollowFileSymlinks no
CrossFilesystems yes
SelfCheck 86400
ExitOnOOM yes
Foreground no
Debug no
LeaveTemporaryFiles no
AllowAllMatchScan no
DetectPUA no
AlgorithmicDetection yes
DisableCache no
ScanPE yes
DisableCertCheck yes
ScanELF yes
DetectBrokenExecutables yes
ScanOLE2 yes
OLE2BlockMacros no
ScanPDF yes
ScanSWF yes
ScanMail yes
ScanPartialMessages no
PhishingSignatures yes
PhishingScanURLs no
PhishingAlwaysBlockSSLMismatch no
PhishingAlwaysBlockCloak no
PartitionIntersection no
HeuristicScanPrecedence yes
StructuredDataDetection no
ScanHTML yes
ScanArchive yes
ArchiveBlockEncrypted no
MaxScanSize 50M
MaxFileSize 50M
MaxRecursion 10
MaxFiles 10000
MaxEmbeddedPE 10M
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxScriptNormalize 5M
MaxZipTypeRcg 5M
MaxPartitions 50
MaxIconsPE 100
ScanOnAccess no
Bytecode yes
BytecodeSecurity TrustSigned
BytecodeTimeout 2000
StatsEnabled no
StatsPEDisabled yes
LogFile /var/log/clamscan.log
LogFileMaxSize 32M
LogTime yes
LogClean no
ExtendedDetectionInfo yes
LogFileUnlock yes
On 4 December 2017 at 14:46, robert k Wild <robertkw...@gmail.com> wrote:
as you said i did a
yum install -y clamav-server-systemd
then to start it i did a
systemctl enable clamd@server
On 4 December 2017 at 13:58, Reindl Harald <h.rei...@thelounge.net> wrote:
Am 04.12.2017 um 14:56 schrieb robert k Wild:
i have done a
yum install -y clamav
and to start the service i would had thought it would be simple
systemctl start clam or clamd
but i get a
Failed to start clam.service: Unit not found.
what am i doing wrong please
rpm -q --filesbypkg clamav-server-systemd
clamav-server-systemd /usr/lib/systemd/system/clamd@.service
https://fedoramagazine.org/systemd-template-unit-files/
_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
