I set: MilterSocketGroup clamscan User clamscan Still getting the permission denied.
Note the process: clamscan 30407 1.4 4.6 1406020 1150544 ? Ssl 10:57 1:08 /usr/sbin/clamd -c /etc/clamd.d/scan.conf And I added most of the clamav-related users to the closely name groups: clamilt:x:123:clamav,clamscan clamav:x:124:clamscan,clamilt clamupdate:x:125: clamscan:x:126:clamilt,clamav virusgroup:x:127:clamupdate,clamscan,clamilt On Mon, Jul 16, 2018 at 11:50 AM, Micah Snyder (micasnyd) < micas...@cisco.com> wrote: > Hi Robert, > > clamav-milter is a separate process that interacts with clamd. What user > are you running clamav-milter under? It seems as thought clamav-milter > doesn't have permission to access the clamd socket file to interact with > clamd. > > Regarding multiple socket options: > > You are correct in that the ClamdSocket option in the milter config file > may be used multiple times in case you have multiple clamd instances set > up. However, each clamd instance will only listen on 1 socket, so you must > select either 1 TCP or 1 Unix/Local. > > Cheers, > Micah > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > > > On Jul 16, 2018, at 11:06 AM, Robert Kudyba <rkud...@fordham.edu> wrote: > > Thanks Micah, now getting a different error: > Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to remove > /var/run/clamd.scan/clamd.sock: Permission denied > Jul 16 10:59:23 storm clamav-milter[32079]: ERROR: Failed to create socket > /var/run/clamd.scan/clamd.sock > Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to create > listening socket on conn /var/run/clamd.scan/clamd.sock > > ls -l /var/run/clamd.scan/clamd.sock > srw-rw-rw- 1 clamscan clamscan 0 Jul 16 10:57 > /var/run/clamd.scan/clamd.sock > > In the /etc/mail/clamav-milter.conf I have: > MilterSocket /var/run/clamd.scan/clamd.sock > ClamdSocket unix:/var/run/clamd.scan/clamd.sock > > Clamd is running, note as the user clamscan: > ps -auwx | grep clam > clamupd+ 2252 0.0 0.0 50740 3832 ? Ss Jul11 0:38 > /usr/bin/freshclam -d -c 4 > root 17462 0.0 0.0 119104 3264 ? Ss 09:00 0:00 /bin/bash > /usr/share/clamav/freshclam-sleep > clamscan 30407 0.0 4.6 1406020 1141612 ? Ssl 10:57 0:00 > /usr/sbin/clamd -c /etc/clamd.d/scan.conf > > The last few lines of /var/log/clamav-milter.log has: > Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd > Mon Jul 16 10:30:15 2018 -> Probe for slot 1 returned: failed > Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd > Mon Jul 16 10:30:15 2018 -> Probe for slot 2 returned: failed > Mon Jul 16 10:30:15 2018 -> Probe for slot 3 returned: success > > You wrote: "You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd" > But in the clamav-milter.conf it says: > # This option can be repeated several times with different sockets or even > # with the same socket: clamd servers will be selected in a round-robin > # fashion. > > Anyways, seems to be a permission problem. Is clamav-milter trying to > restart clamd based on the logs above?? > > On Fri, Jul 13, 2018 at 9:06 AM, Micah Snyder (micasnyd) < > micas...@cisco.com> wrote: > >> It looks to me like you have 2 types of sockets set up in your milter >> config, and only 1 type of socket set up in your clamd config: >> >> >> ClamdSocket tcp:localhost:3310 >> ClamdSocket unix:/var/run/clamd.scan/clamd.sock >> >> Lines in /etc/clamd.d/scan.conf >> >> TCPSocket 3310 >> TCPAddr 127.0.0.1 >> >> You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd. We >> recommend using Unix/Local sockets. >> >> >> Micah Snyder >> ClamAV Development >> Talos >> Cisco Systems, Inc. >> >> >> On Jul 10, 2018, at 5:12 PM, Robert Kudyba <rkud...@fordham.edu> wrote: >> >> >> ClamdSocket tcp:localhost:3310 >> ClamdSocket unix:/var/run/clamd.scan/clamd.sock >> >> Lines in /etc/clamd.d/scan.conf >> >> TCPSocket 3310 >> TCPAddr 127.0.0.1 >> >> >> >> _______________________________________________ >> clamav-users mailing list >> clamav-users@lists.clamav.net >> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.cl >> amav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg& >> c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4 >> iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9 >> gp0_R1MQ-vQbQ&s=WuF3C5NO_kof-zA6OSL5C7p8pwYXzTfQq5aoMOg0GSM&e= >> >> >> Help us build a comprehensive ClamAV guide: >> https://urldefense.proofpoint.com/v2/url?u=https-3A__github. >> com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l >> 0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m= >> unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=iUmHiP0ZFNaK22 >> hm6e5QIA7sGao0Gh0ztdSLV2Qhg9U&e= >> >> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clam >> av.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy >> 8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m= >> unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=d-9aIaJVTefoOJ >> R2YIGYgVGiD73p8LHdsXg3uY8WeNs&e= >> >> > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > > > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > https://urldefense.proofpoint.com/v2/url?u=http-3A__lists. > clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c= > aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_ > qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_ > COhef4PEadqcNLeu05lE_qjKrOO4A&s=vLMXaWC6wZVrusx9eRcsYvAEaOKtX8 > MW2pspqOsv4rI&e= > > > Help us build a comprehensive ClamAV guide: > https://urldefense.proofpoint.com/v2/url?u=https-3A__github. > com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURk > cqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY& > m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s= > TTzeifPhHyRt8cSdV4LPAqwaMatyW6sDC0-PAMjdS4k&e= > > https://urldefense.proofpoint.com/v2/url?u=http-3A__www. > clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURk > cqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY& > m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=2wZ9N- > vkiLPuzmJ4H7B2UD642faHuWMGzogtZx4SAdU&e= > >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
