/var/run/clamd.scan/clamd.sock srw-rw-rw- 1 clamscan clamscan 0 Jul 16 10:57 /var/run/clamd.scan/clamd.sock
On Mon, Jul 16, 2018, 12:27 PM Micah Snyder (micasnyd) <micas...@cisco.com> wrote: > What are your current user/group ownership and permissions on: > /var/run/clamd.scan/clamd.sock ? > > Regards, > Micah > > > Micah Snyder > ClamAV Development > Talos > Cisco Systems, Inc. > > > On Jul 16, 2018, at 12:19 PM, Robert Kudyba <rkud...@fordham.edu> wrote: > > I set: > MilterSocketGroup clamscan > User clamscan > > Still getting the permission denied. > > Note the process: > clamscan 30407 1.4 4.6 1406020 1150544 ? Ssl 10:57 1:08 > /usr/sbin/clamd -c /etc/clamd.d/scan.conf > > And I added most of the clamav-related users to the closely name groups: > clamilt:x:123:clamav,clamscan > clamav:x:124:clamscan,clamilt > clamupdate:x:125: > clamscan:x:126:clamilt,clamav > virusgroup:x:127:clamupdate,clamscan,clamilt > > > On Mon, Jul 16, 2018 at 11:50 AM, Micah Snyder (micasnyd) < > micas...@cisco.com> wrote: > >> Hi Robert, >> >> clamav-milter is a separate process that interacts with clamd. What user >> are you running clamav-milter under? It seems as thought clamav-milter >> doesn't have permission to access the clamd socket file to interact with >> clamd. >> >> Regarding multiple socket options: >> >> You are correct in that the ClamdSocket option in the milter config file >> may be used multiple times in case you have multiple clamd instances set >> up. However, each clamd instance will only listen on 1 socket, so you must >> select either 1 TCP or 1 Unix/Local. >> >> Cheers, >> Micah >> >> Micah Snyder >> ClamAV Development >> Talos >> Cisco Systems, Inc. >> >> >> On Jul 16, 2018, at 11:06 AM, Robert Kudyba <rkud...@fordham.edu> wrote: >> >> Thanks Micah, now getting a different error: >> Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to remove >> /var/run/clamd.scan/clamd.sock: Permission denied >> Jul 16 10:59:23 storm clamav-milter[32079]: ERROR: Failed to create >> socket /var/run/clamd.scan/clamd.sock >> Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to create >> listening socket on conn /var/run/clamd.scan/clamd.sock >> >> ls -l /var/run/clamd.scan/clamd.sock >> srw-rw-rw- 1 clamscan clamscan 0 Jul 16 10:57 >> /var/run/clamd.scan/clamd.sock >> >> In the /etc/mail/clamav-milter.conf I have: >> MilterSocket /var/run/clamd.scan/clamd.sock >> ClamdSocket unix:/var/run/clamd.scan/clamd.sock >> >> Clamd is running, note as the user clamscan: >> ps -auwx | grep clam >> clamupd+ 2252 0.0 0.0 50740 3832 ? Ss Jul11 0:38 >> /usr/bin/freshclam -d -c 4 >> root 17462 0.0 0.0 119104 3264 ? Ss 09:00 0:00 >> /bin/bash /usr/share/clamav/freshclam-sleep >> clamscan 30407 0.0 4.6 1406020 1141612 ? Ssl 10:57 0:00 >> /usr/sbin/clamd -c /etc/clamd.d/scan.conf >> >> The last few lines of /var/log/clamav-milter.log has: >> Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd >> Mon Jul 16 10:30:15 2018 -> Probe for slot 1 returned: failed >> Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd >> Mon Jul 16 10:30:15 2018 -> Probe for slot 2 returned: failed >> Mon Jul 16 10:30:15 2018 -> Probe for slot 3 returned: success >> >> You wrote: "You should use only 1 ( TCP _or_ Unix/Local ) socket for >> clamd" >> But in the clamav-milter.conf it says: >> # This option can be repeated several times with different sockets or even >> # with the same socket: clamd servers will be selected in a round-robin >> # fashion. >> >> Anyways, seems to be a permission problem. Is clamav-milter trying to >> restart clamd based on the logs above?? >> >> On Fri, Jul 13, 2018 at 9:06 AM, Micah Snyder (micasnyd) < >> micas...@cisco.com> wrote: >> >>> It looks to me like you have 2 types of sockets set up in your milter >>> config, and only 1 type of socket set up in your clamd config: >>> >>> >>> ClamdSocket tcp:localhost:3310 >>> ClamdSocket unix:/var/run/clamd.scan/clamd.sock >>> >>> Lines in /etc/clamd.d/scan.conf >>> >>> TCPSocket 3310 >>> TCPAddr 127.0.0.1 >>> >>> You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd. We >>> recommend using Unix/Local sockets. >>> >>> >>> Micah Snyder >>> ClamAV Development >>> Talos >>> Cisco Systems, Inc. >>> >>> >>> On Jul 10, 2018, at 5:12 PM, Robert Kudyba <rkud...@fordham.edu> wrote: >>> >>> >>> ClamdSocket tcp:localhost:3310 >>> ClamdSocket unix:/var/run/clamd.scan/clamd.sock >>> >>> Lines in /etc/clamd.d/scan.conf >>> >>> TCPSocket 3310 >>> TCPAddr 127.0.0.1 >>> >>> >>> >>> _______________________________________________ >>> clamav-users mailing list >>> clamav-users@lists.clamav.net >>> >>> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=WuF3C5NO_kof-zA6OSL5C7p8pwYXzTfQq5aoMOg0GSM&e= >>> >>> >>> Help us build a comprehensive ClamAV guide: >>> >>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=iUmHiP0ZFNaK22hm6e5QIA7sGao0Gh0ztdSLV2Qhg9U&e= >>> >>> >>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=d-9aIaJVTefoOJR2YIGYgVGiD73p8LHdsXg3uY8WeNs&e= >>> >>> >> _______________________________________________ >> clamav-users mailing list >> clamav-users@lists.clamav.net >> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users >> <https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwMFAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=Ma8bUEpcbTMKCnB7TgSZsHpftktY7mN4GyaRSRuGeAM&e=> >> >> >> Help us build a comprehensive ClamAV guide: >> https://github.com/vrtadmin/clamav-faq >> <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwMFAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=LFgCSVxCUoPCAzoz-OGuKanF9QiOaVZtcQJLe6dqK4M&e=> >> >> http://www.clamav.net/contact.html#ml >> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwMFAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=Z6mWTROA1JWmTp_MmK4QtVnYdendm-5iJ-oMDSN4JA4&e=> >> >> >> >> _______________________________________________ >> clamav-users mailing list >> clamav-users@lists.clamav.net >> >> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=vLMXaWC6wZVrusx9eRcsYvAEaOKtX8MW2pspqOsv4rI&e= >> >> >> Help us build a comprehensive ClamAV guide: >> >> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=TTzeifPhHyRt8cSdV4LPAqwaMatyW6sDC0-PAMjdS4k&e= >> >> >> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=2wZ9N-vkiLPuzmJ4H7B2UD642faHuWMGzogtZx4SAdU&e= >> >> > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > > > _______________________________________________ > clamav-users mailing list > clamav-users@lists.clamav.net > > https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=Ma8bUEpcbTMKCnB7TgSZsHpftktY7mN4GyaRSRuGeAM&e= > > > Help us build a comprehensive ClamAV guide: > > https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=LFgCSVxCUoPCAzoz-OGuKanF9QiOaVZtcQJLe6dqK4M&e= > > > https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=Z6mWTROA1JWmTp_MmK4QtVnYdendm-5iJ-oMDSN4JA4&e= >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
