Mailing List Archive

Starting clamd
I apologise in advance if this question is trivial but I am getting
very lost.

I have been running clamav as part of my mailer's anti-spam system for
years. More recently I started using the Debian package rather than a
self-build (mainly because clamav requires an increase of support
code) but I am having trouble starting it. In particular it reports

Starting ClamAV daemon: Tue Aug 9 16:36:00 2022 -> !LOCAL: Socket file
/var/run/clamav/clamd could not be bound: Permission denied
Tue Aug 9 16:36:00 2022 -> *Closing the main socket.

I have tried changing ownership/permissions on /var/run/clamav with no
noticeable effect. In the past I had to change ownership to Debian-exim
but that does not seem sufficient.

What should I do next? I get the same error for a couple of versions,
103 and 104 I think.

==John ffitch
_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
Re: Starting clamd
Hi there,

On Tue, 16 Aug 2022, John wrote:

> I apologise in advance if this question is trivial but I am getting
> very lost. [...] recently I started using the Debian package rather
> than a self-build (mainly because clamav requires an increase of
> support code)

It isn't too difficult to set up a build system on Debian but there is
quite a bit to do. It would probably be worth your while to put in
the effort to get on top of it. There's help here. If you use packages,
unfortunately most package maintainers seem to like a configuration
for ClamAV which is very different from that with which you'll be
familiar if you've been building it yourself. Things are in different
places, and ownerships and groups will be different. You will need to
go through all the configuration methodically. You can use 'clamconf'
to see most of the important configuration settings.

> ...
> Starting ClamAV daemon: Tue Aug 9 16:36:00 2022 -> !LOCAL: Socket file
> /var/run/clamav/clamd could not be bound: Permission denied
> Tue Aug 9 16:36:00 2022 -> *Closing the main socket.
>
> I have tried changing ownership/permissions on /var/run/clamav with no
> noticeable effect. In the past I had to change ownership to Debian-exim
> but that does not seem sufficient.

You haven't actually said what permissions and ownerships you tried, but
just to see if the permissions really are the problem you could try

chmod +777 /var/run/clamav/

I don't mean for you to use those permissions routinely of course.

Another packaging issue is that there's usually an init script or
systemd configuration to start clamd, and that might not do what you
expect. Instead of relying on that sort of thing, at least to get
clamd running initially you can start it from the command line. If
you do that you can specify on the command line the configuration file
to be used so there's no room for doubt:

# /path/to/clamd -c /path/to/clamd.conf

The '#' there means you're to start clamd as root. It will read its
configuration file, drop root permissions and take on the UID of the
owner specified in the config. That owner has certain permissions.
Set the permissions on the directory which will contain the socket so
that they allow that owner (and/or group if you like) to create the
socket. It might be helpful to configure verbose logging to a file
which you specify in the config rather than e.g. relying on syslog and
then hunting for messages from clamd in the system logs.

If you still have problems post the output of the command

clamconf -n

to the list.

--

73,
Ged.

Re: Starting clamd
On Tuesday, August 16, 2022 4:13:55 PM EDT John wrote:
> I apologise in advance if this question is trivial but I am getting
> very lost.
>
> I have been running clamav as part of my mailer's anti-spam system for
> years. More recently I started using the Debian package rather than a
> self-build (mainly because clamav requires an increase of support
> code) but I am having trouble starting it. In particular it reports
>
> Starting ClamAV daemon: Tue Aug 9 16:36:00 2022 -> !LOCAL: Socket file
> /var/run/clamav/clamd could not be bound: Permission denied
> Tue Aug 9 16:36:00 2022 -> *Closing the main socket.
>
> I have tried changing ownership/permissions on /var/run/clamav with no
> noticeable effect. In the past I had to change ownership to Debian-exim
> but that does not seem sufficient.
>
> What should I do next? I get the same error for a couple of versions,
> 103 and 104 I think.

If you're using Debian packages on the current stable release, the default for
the clamd socket is:

LocalSocket /run/clamav/clamd.ctl

I would suggest checking what you have in /etc/clamav/clamd.conf

Currently /var/run and /run should be symlinked, so either should work. It is
owned by the clamav user and the root group:

drwxr-xr-x 2 clamav root 60 Aug 1 11:34 clamav

If you are running using sysv init and there is a /etc/default/clamav-daemon
file, it's sourced by the init script and will override what's in the clamd
config file.

I think you are hunting in the right area of the likely problem, but there
are some additional things you can check.

Scott K
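
An added example, not part of either reply above: a shell function that reads LocalSocket and User from a clamd.conf and judges, from the socket directory's owner and mode bits, whether that user can create the socket file. It assumes GNU stat, treats a missing User line as root, and does not evaluate group membership or anything overridden by /etc/default/clamav-daemon; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes GNU stat, as on Debian.

# conf_value FILE KEY: first value of KEY in a clamd.conf-style file
conf_value() {
    awk -v k="$2" '$1 == k { print $2; exit }' "$1"
}

# check_socket_dir CONF prints ok:DIR, denied:DIR:OWNER:MODE,
# missing:DIR or no-localsocket, and returns 0 only for "ok".
check_socket_dir() {
    sock=$(conf_value "$1" LocalSocket)
    user=$(conf_value "$1" User)
    [ -n "$sock" ] || { echo "no-localsocket"; return 1; }
    [ -n "$user" ] || user=root    # assumption: no User line, clamd stays root
    dir=$(dirname "$sock")
    [ -d "$dir" ] || { echo "missing:$dir"; return 1; }

    owner=$(stat -c %U "$dir")
    mode=$(stat -c %a "$dir")      # octal string, e.g. 755
    bits=$((0$mode))               # leading 0 makes the shell read it as octal

    # Creating a socket needs write (2) and search (1) on the directory.
    case $user in
        root)     wx=3 ;;                        # root is not limited by mode bits
        "$owner") wx=$(( (bits >> 6) & 3 )) ;;   # owner class
        *)        wx=$(( bits & 3 )) ;;          # other class; group is ignored
    esac

    if [ "$wx" -eq 3 ]; then
        echo "ok:$dir"
        return 0
    fi
    echo "denied:$dir:$owner:$mode"
    return 1
}

# Usage: sh check_socket.sh /etc/clamav/clamd.conf
if [ "$#" -gt 0 ]; then
    check_socket_dir "$1"
fi
```

A "denied" result names the directory's current owner and mode, which can be compared with the User line before changing either.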


Starting Clamd
> It isn't too difficult to set up a build system on Debian but there is
> quite a bit to do. It would probably be worth your while to put in
> the effort to get on top of it. There's help here. If you use packages,
> unfortunately most package maintainers seem to like a configuration
> for ClamAV which is very different from that with which you'll be
> familiar if you've been building it yourself. Things are in different
> places, and ownerships and groups will be different. You will need to
> go through all the configuration methodically. You can use 'clamconf'
> to see most of the important configuration settings.

I built clamav from sources until recently when builds failed on both
Debian and openSuse. I gave up with version 0.104 I think but was fully
up to speed on 0.103.4 which I rebuilt yesterday. Really I did not want
to get involved with rust...

More information.

I have tried with /run/clamav with 777 permissions and owned by root,
clamav and Debian-exim. The last is how it used to run. In all cases
I get the same error message.

I installed the most recent package for buster (0.103.6) and there is
certainly something odd about it. It says

# clamconf -n
Checking configuration files in /usr/--sysconfdir=/etc/clamav/etc

clamd.conf not found

freshclam.conf not found

clamav-milter.conf not found

Software settings
-----------------
Version: 0.103.4
Optional features supported: MEMPOOL IPv6 AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON RAR

Database information
--------------------
Database directory: /usr/--sysconfdir=/etc/clamav/share/clamav
WARNING: freshclam.conf and clamd.conf point to different database directories
print_dbs: Can't open directory /usr/--sysconfdir=/etc/clamav/share/clamav

Platform information
--------------------
uname: Linux 4.19.0-21-amd64 #1 SMP Debian 4.19.249-2 (2022-06-30) x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
Full OS version: Debian GnNU/Linux 10 (buster)
zlib version: 1.2.11 (1.2.11), compile flags: a9
platform id: 0x0a217d7d0800000000080300

Build information
-----------------
GNU C: 8.3.0 (8.3.0)
CPPFLAGS:
CFLAGS: -g -O2 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -g -O2
LDFLAGS:
Configure: '--with-user=Debian-exim' '--with-group=Debian-exim' '--bindir=/usr/sbin' '--prefix=/usr/--sysconfdir=/etc/clamav/'
sizeof(void*) = 8
Engine flevel: 125, dconf: 125
#

I am starting clamd on the command line with
clamd -c /etc/clamvav/clamd

The reference to --sysconfdir is certainly odd

I found an old clamd binary that now seems to work. We will see!
==John ffitch

Re: Starting Clamd
Hi there,

On Wed, 17 Aug 2022, John wrote:

> ...
> # clamconf -n
> Checking configuration files in /usr/--sysconfdir=/etc/clamav/etc
>
> clamd.conf not found
>
> freshclam.conf not found
>
> clamav-milter.conf not found
> ...

Ouch. Did this clamconf binary come from a package??

What's the output of

clamconf -V

?

> ...
> Build information
> -----------------
> GNU C: 8.3.0 (8.3.0)
> CPPFLAGS:
> CFLAGS: -g -O2 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
> CXXFLAGS: -g -O2
> LDFLAGS:
> Configure: '--with-user=Debian-exim' '--with-group=Debian-exim' '--bindir=/usr/sbin' '--prefix=/usr/--sysconfdir=/etc/clamav/'
> ...

It looks like the arguments given to 'configure' were broken when the
binary was built. There should have been whitespace between the last
two options, so you would have had the prefix value given by

'--prefix=/usr/'

and the sysconfdir value given by

'--sysconfdir=/etc/clamav/'

but they've somehow been run into a single value for "--prefix" which
as you might expect isn't going to work too well.

If your clamd was built in the same way then all bets are off. It
should probably be rebuilt from scratch.

> I found an old clamd binary that now seems to work. We will see!

What version? How old? If it's a very old version of clamd there may
be issues with some of the more recent signatures - not to mention the
potential for vulnerabilities which have been published. Also if you
use an old clamd you will probably need old libraries to support it.

ldd /path/to/old/clamd

will tell you about the libraries that your old clamd expects to find.

--

73,
Ged.
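
An added example, not from the thread: a shell function that scans 'clamconf -n' output for the symptom diagnosed above, a configure argument whose value has swallowed the next option, and for directory paths derived from it. The sample input is copied from the output quoted in this thread; the function names and the "fused-arg"/"bad-path" labels are this example's own.

```shell
#!/bin/sh
# Added example (not from the thread).

# audit_clamconf: read `clamconf -n` output on stdin and print
#   fused-arg: ARG   for a quoted configure argument containing a second --option
#   bad-path: PATH   for a config or database directory containing --option=
audit_clamconf() {
    awk '
    /^Checking configuration files in / || /^Database directory: / {
        path = $NF
        if (path ~ /--[a-z][a-z-]*=/)
            print "bad-path: " path
    }
    /^Configure:/ {
        n = split($0, part, "\047")        # \047 is a single quote
        for (i = 2; i <= n; i += 2)        # even fields are the quoted arguments
            if (part[i] ~ /^--[^=]+=.*--[a-z]/)
                print "fused-arg: " part[i]
    }'
}

# Lines taken from the clamconf output quoted in this thread.
sample_clamconf_output() {
    cat <<'EOF'
Checking configuration files in /usr/--sysconfdir=/etc/clamav/etc
Database directory: /usr/--sysconfdir=/etc/clamav/share/clamav
Configure: '--with-user=Debian-exim' '--with-group=Debian-exim' '--bindir=/usr/sbin' '--prefix=/usr/--sysconfdir=/etc/clamav/'
EOF
}

# On a real system: clamconf -n | audit_clamconf
sample_clamconf_output | audit_clamconf
```

No output means no argument or path matched; for the sample it reports both derived paths and the fused '--prefix' argument.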