I finally got Amavis working without ClamAV working after moving to Fedora
38.
I'm trying to implement ClamAV for scanning incoming mail.
I tested ClamAV standalone and it works.
Out of the box, I got this error and haven't been able to change the
behavior:
Apr 22 10:35:42 mcq amavis[22581]: (22581-01) (!)connect to
/run/clamd.scan/clamd.sock failed, attempt #1: Can't connect to a UNIX
socket /run/clamd.scan/clamd.sock: Permission denied
Apr 22 10:35:42 mcq amavis[22581]: (22581-01) (!)ClamAV-clamd: All attempts
(1) failed connecting to /run/clamd.scan/clamd.sock, retrying (2)
Info:
# ls -al /run/clamd.amavisd/
total 4
drwxrwx--- 2 amavis clamupdate 80 Apr 22 10:22 .
drwxr-xr-x 52 root root 1480 Apr 22 10:07 ..
-rw-r--r-- 1 root root 6 Apr 22 10:21 clamd.pid
srw-rw-rw- 1 amavis amavis 0 Apr 22 10:22 clamd.sock
ls -al /run/clamd.scan/
total 0
drwxrwx--- 2 clamscan virusgroup 40 Apr 22 05:29 .
drwxr-xr-x 52 root root 1480 Apr 22
I've changed Amavisd.conf in /etc/clamd.d
Original file had
TCPSocket 3310
User Clamscan
I tried commenting out TCPSocket and user Amavis to no avail.
Additional: On Clamd@scan:
pr 23 06:46:06 mcq clamd[12680]: Loaded 8662532 signatures.
Apr 23 06:46:10 mcq clamd[12680]: TCP: Cannot bind to []:3310: Address
already in use
Apr 23 06:46:10 mcq clamd[12680]: TCP: Cannot bind to []:3310: Address
already in use
Apr 23 06:46:10 mcq clamd[12680]: LOCAL: Socket file
/run/clamd.scan/clamd.sock is in use by another process.
Apr 23 06:46:10 mcq clamd[12685]: Received 0 file descriptor(s) from
systemd.
Apr 23 06:46:10 mcq clamd[12685]: clamd daemon 1.0.1 (OS: Linux, ARCH:
x86_64, CPU: x86_64)
Apr 23 06:46:10 mcq clamd[12685]: Log file size limited to 2097152 bytes.
Apr 23 06:46:10 mcq clamd[12685]: Reading databases from /var/lib/clamav
Apr 23 06:46:10 mcq clamd[12685]: Not loading PUA signatures.
Apr 23 06:46:10 mcq clamd[12685]: Not loading phishing signatures.
Apr 23 06:46:10 mcq clamd[12685]: Bytecode: Security mode set to
"TrustSigned".
Apr 23 06:46:10 mcq clamd[12685]: Disabling URL based phishing detection.
# stat /run/clamd.scan/
File: /run/clamd.scan/
Size: 40 Blocks: 0 IO Block: 4096 directory
Device: 0,25 Inode: 1568 Links: 2
Access: (0710/drwx--x---) Uid: ( 981/clamscan) Gid: ( 974/virusgroup)
Access: 2023-04-23 08:22:44.511473195 -0400
Modify: 2023-04-23 06:55:52.128161474 -0400
Change: 2023-04-23 06:55:52.128161474 -0400
Birth: 2023-04-23 05:21:39.015948197 -0400
cat clamd@scan.service
[Unit]
Description = clamd scanner (%i) daemon
Documentation=man:clamd(8) man:clamd.conf(5)
https://www.clamav.net/documents/
After = syslog.target nss-lookup.target network.target
[Service]
Type = forking
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf
# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
Restart = on-failure
TimeoutStartSec=420
[Install]
WantedBy = multi-user.target
Clam based services running is clam-freshclam, clamav-freshclam, clamd,
clamd@amavisd, clamd@scan
Where did I go wrong???
Regards,
Wayne
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
38.
I'm trying to implement ClamAV for scanning incoming mail.
I tested ClamAV standalone and it works.
Out of the box, I got this error and haven't been able to change the
behavior:
Apr 22 10:35:42 mcq amavis[22581]: (22581-01) (!)connect to
/run/clamd.scan/clamd.sock failed, attempt #1: Can't connect to a UNIX
socket /run/clamd.scan/clamd.sock: Permission denied
Apr 22 10:35:42 mcq amavis[22581]: (22581-01) (!)ClamAV-clamd: All attempts
(1) failed connecting to /run/clamd.scan/clamd.sock, retrying (2)
Info:
# ls -al /run/clamd.amavisd/
total 4
drwxrwx--- 2 amavis clamupdate 80 Apr 22 10:22 .
drwxr-xr-x 52 root root 1480 Apr 22 10:07 ..
-rw-r--r-- 1 root root 6 Apr 22 10:21 clamd.pid
srw-rw-rw- 1 amavis amavis 0 Apr 22 10:22 clamd.sock
ls -al /run/clamd.scan/
total 0
drwxrwx--- 2 clamscan virusgroup 40 Apr 22 05:29 .
drwxr-xr-x 52 root root 1480 Apr 22
I've changed Amavisd.conf in /etc/clamd.d
Original file had
TCPSocket 3310
User Clamscan
I tried commenting out TCPSocket and user Amavis to no avail.
Additional: On Clamd@scan:
pr 23 06:46:06 mcq clamd[12680]: Loaded 8662532 signatures.
Apr 23 06:46:10 mcq clamd[12680]: TCP: Cannot bind to []:3310: Address
already in use
Apr 23 06:46:10 mcq clamd[12680]: TCP: Cannot bind to []:3310: Address
already in use
Apr 23 06:46:10 mcq clamd[12680]: LOCAL: Socket file
/run/clamd.scan/clamd.sock is in use by another process.
Apr 23 06:46:10 mcq clamd[12685]: Received 0 file descriptor(s) from
systemd.
Apr 23 06:46:10 mcq clamd[12685]: clamd daemon 1.0.1 (OS: Linux, ARCH:
x86_64, CPU: x86_64)
Apr 23 06:46:10 mcq clamd[12685]: Log file size limited to 2097152 bytes.
Apr 23 06:46:10 mcq clamd[12685]: Reading databases from /var/lib/clamav
Apr 23 06:46:10 mcq clamd[12685]: Not loading PUA signatures.
Apr 23 06:46:10 mcq clamd[12685]: Not loading phishing signatures.
Apr 23 06:46:10 mcq clamd[12685]: Bytecode: Security mode set to
"TrustSigned".
Apr 23 06:46:10 mcq clamd[12685]: Disabling URL based phishing detection.
# stat /run/clamd.scan/
File: /run/clamd.scan/
Size: 40 Blocks: 0 IO Block: 4096 directory
Device: 0,25 Inode: 1568 Links: 2
Access: (0710/drwx--x---) Uid: ( 981/clamscan) Gid: ( 974/virusgroup)
Access: 2023-04-23 08:22:44.511473195 -0400
Modify: 2023-04-23 06:55:52.128161474 -0400
Change: 2023-04-23 06:55:52.128161474 -0400
Birth: 2023-04-23 05:21:39.015948197 -0400
cat clamd@scan.service
[Unit]
Description = clamd scanner (%i) daemon
Documentation=man:clamd(8) man:clamd.conf(5)
https://www.clamav.net/documents/
After = syslog.target nss-lookup.target network.target
[Service]
Type = forking
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf
# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
Restart = on-failure
TimeoutStartSec=420
[Install]
WantedBy = multi-user.target
Clam based services running is clam-freshclam, clamav-freshclam, clamd,
clamd@amavisd, clamd@scan
Where did I go wrong???
Regards,
Wayne
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat