Hi Noel, > On Feb 22, 2018, at 10:23 AM, Noel Jones <njo...@megan.vbhcs.org> wrote: > >> On 2/22/2018 8:29 AM, J Doe wrote: >> >>> Hello, >>> >>> I recently installed ClamAV 0.99.3 on a Ubuntu 16.04.03 LTS server and >>> utilize it as a milter for Postfix v. 3.1.0. >>> >>> When freshclam runs according to its’ cron job and successfully downloads >>> an update, it leaves the following note in the freshclam log: >>> >>> WARNING: clamd was NOT notified: Can’t connect to clamd through >>> /var/spool/postfix/var/run/clamav/clamd.sock >>> >>> My initial thought was a simple permissions error, so I checked the >>> permissions to the clamd.sock socket: >>> >>> drwxr-xr-x clamav clamav /var/spool/postfix/var/run/clamav >>> srw-rw-rw clamav clamav /var/spool/postfix/var/run/clamd.sock > > This path doesn't match the error message above. > >>> >>> $ sudo -u clamav namei -m /var/spool/postfix/var/run/clamav/clamd.sock > > Yet this path does. > >>> I’m pretty sure this is a minor mistake on my part; can anyone suggest a >>> solution ? > > Check your paths in clamd.conf and freshclam.conf carefully. It's > likely they don't match. > > -- Noel Jones
Oops. You’re right - those paths did not match. /etc/clamav/freshclam.conf is set to read clamd’s configuration file when a update is successfully downloaded for the signature database. When I check the path in /etc/clamav/clamd.conf it points to the correct path to the socket: /var/spool/postfix/var/run/clamav/clamd.sock I verified that freshclam runs as clamav via ps aux, so performing the namei test again works: $ sudo -u clamav namei -m /var/spool/postfix/var/run/clamav/clamd.sock The file permissions on the socket are: drwxr-xr-x clamav clamav /var/spool/postfix/var/run/clamav/ srw-rw-rw clamav clamav /var/spool/postfix/var/run/clamav/clamd.sock I note though that man 5 freshclam.conf states that clamd is *NOT* set to update by default, however when I installed the package on Ubuntu 16.04.03 LTS, it has put in 3600 for an update frequency. That said, if freshclam does not notify clamd by default, does that mean if I don’t get the socket problem sorted out that clamd (and more importantly clamav-milter), will still use the most recently downloaded signatures when scanning ? Or does clamd and clamav-milter have to receive an update message via the socket to use the most recent signatures ? Thanks, - J _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
