Re: [clamav-users] clamav-milter with sendmail on Fedora 28: init failed to open, to error state, initialization failed, temp failing commands

Micah Snyder (micasnyd) Mon, 16 Jul 2018 09:28:11 -0700

What are your current user/group ownership and permissions on:  
/var/run/clamd.scan/clamd.sock ?


Regards,
Micah


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 16, 2018, at 12:19 PM, Robert Kudyba 
<rkud...@fordham.edu<mailto:rkud...@fordham.edu>> wrote:

I set:
MilterSocketGroup clamscan
User clamscan

Still getting the permission denied.

Note the process:
clamscan 30407  1.4  4.6 1406020 1150544 ?     Ssl  10:57   1:08 
/usr/sbin/clamd -c /etc/clamd.d/scan.conf

And I added most of the clamav-related users to the closely name groups:
clamilt:x:123:clamav,clamscan
clamav:x:124:clamscan,clamilt
clamupdate:x:125:
clamscan:x:126:clamilt,clamav
virusgroup:x:127:clamupdate,clamscan,clamilt


On Mon, Jul 16, 2018 at 11:50 AM, Micah Snyder (micasnyd) 
<micas...@cisco.com<mailto:micas...@cisco.com>> wrote:
Hi Robert,

clamav-milter is a separate process that interacts with clamd.  What user are 
you running clamav-milter under?  It seems as thought clamav-milter doesn't 
have permission to access the clamd socket file to interact with clamd.

Regarding multiple socket options:

You are correct in that the ClamdSocket option in the milter config file may be 
used multiple times in case you have multiple clamd instances set up.  However, 
each clamd instance will only listen on 1 socket, so you must select either 1 
TCP or 1 Unix/Local.

Cheers,
Micah

Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 16, 2018, at 11:06 AM, Robert Kudyba 
<rkud...@fordham.edu<mailto:rkud...@fordham.edu>> wrote:

Thanks Micah, now getting a different error:
Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to remove 
/var/run/clamd.scan/clamd.sock: Permission denied
Jul 16 10:59:23 storm clamav-milter[32079]: ERROR: Failed to create socket 
/var/run/clamd.scan/clamd.sock
Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to create listening 
socket on conn /var/run/clamd.scan/clamd.sock

ls -l /var/run/clamd.scan/clamd.sock
srw-rw-rw- 1 clamscan clamscan 0 Jul 16 10:57 /var/run/clamd.scan/clamd.sock

In the /etc/mail/clamav-milter.conf I have:
MilterSocket /var/run/clamd.scan/clamd.sock
ClamdSocket unix:/var/run/clamd.scan/clamd.sock

Clamd is running, note as the user clamscan:
ps -auwx | grep clam
clamupd+  2252  0.0  0.0  50740  3832 ?        Ss   Jul11   0:38 
/usr/bin/freshclam -d -c 4
root     17462  0.0  0.0 119104  3264 ?        Ss   09:00   0:00 /bin/bash 
/usr/share/clamav/freshclam-sleep
clamscan 30407  0.0  4.6 1406020 1141612 ?     Ssl  10:57   0:00 
/usr/sbin/clamd -c /etc/clamd.d/scan.conf

The last few lines of /var/log/clamav-milter.log has:
Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd
Mon Jul 16 10:30:15 2018 -> Probe for slot 1 returned: failed
Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd
Mon Jul 16 10:30:15 2018 -> Probe for slot 2 returned: failed
Mon Jul 16 10:30:15 2018 -> Probe for slot 3 returned: success

You wrote: "You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd"
But in the clamav-milter.conf it says:
# This option can be repeated several times with different sockets or even
# with the same socket: clamd servers will be selected in a round-robin
# fashion.

Anyways, seems to be a permission problem. Is clamav-milter trying to restart 
clamd based on the logs above??

On Fri, Jul 13, 2018 at 9:06 AM, Micah Snyder (micasnyd) 
<micas...@cisco.com<mailto:micas...@cisco.com>> wrote:
It looks to me like you have 2 types of sockets set up in your milter config, 
and only 1 type of socket set up in your clamd config:


ClamdSocket tcp:localhost:3310
ClamdSocket unix:/var/run/clamd.scan/clamd.sock

Lines in /etc/clamd.d/scan.conf

TCPSocket 3310
TCPAddr 127.0.0.1

You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd.  We recommend 
using Unix/Local sockets.


Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.


On Jul 10, 2018, at 5:12 PM, Robert Kudyba 
<rkud...@fordham.edu<mailto:rkud...@fordham.edu>> wrote:


ClamdSocket tcp:localhost:3310
ClamdSocket unix:/var/run/clamd.scan/clamd.sock

Lines in /etc/clamd.d/scan.conf

TCPSocket 3310
TCPAddr 127.0.0.1



_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=WuF3C5NO_kof-zA6OSL5C7p8pwYXzTfQq5aoMOg0GSM&e=


Help us build a comprehensive ClamAV guide:
https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=iUmHiP0ZFNaK22hm6e5QIA7sGao0Gh0ztdSLV2Qhg9U&e=

https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=d-9aIaJVTefoOJR2YIGYgVGiD73p8LHdsXg3uY8WeNs&e=


_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml


_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=vLMXaWC6wZVrusx9eRcsYvAEaOKtX8MW2pspqOsv4rI&e=


Help us build a comprehensive ClamAV guide:
https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=TTzeifPhHyRt8cSdV4LPAqwaMatyW6sDC0-PAMjdS4k&e=

https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=2wZ9N-vkiLPuzmJ4H7B2UD642faHuWMGzogtZx4SAdU&e=


_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net<mailto:clamav-users@lists.clamav.net>
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

_______________________________________________
clamav-users mailing list
clamav-users@lists.clamav.net
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Re: [clamav-users] clamav-milter with sendmail on Fedora 28: init failed to open, to error state, initialization failed, temp failing commands

Reply via email to