Hi All, This morning we started seeing this in the headers of our emails: Code: X-Virus-Status: Failed X-Virus-Report: /usr/bin/clamdscan error 2 X-Virus-Checker-Version: clamassassin 1.2.4 with clamdscan / ERROR: Can't connect to clamd: No such file or directory Attempts to manually start clamd result in this Code: # service clamd start Starting Clam AntiVirus Daemon: ERROR: LOCAL: Socket file unix:/var/run/clamav/clamd.sock could not be bound: No such file or directory ERROR: Can't unlink the socket file unix:/var/run/clamav/clamd.sock What is responsible for creating the socket and how do I make it do so? Thanks Jon
Anyone have any ideas at all on this? We're running without Anti Virus until this has been sorted. Thanks, Jon
That's the problem, there is no such file. I tried touching it to create the file, which worked, but evidently wasn't enough for ClamAV to work. I have since rebooted the machine and all it well now. I just hate having to do that because it is production so we have to wait until after hours to do it and that means everyone is running without AV all day long. If there's some way to create the clamd.sock file properly if it is not being created, I would prefer to do that over rebooting. Thanks Jon
What's the output of Code: ls -la /var/run/ ? Maybe it's a permissions problem with one of the directories in the path...
I had the same problem. Commenting out Code: LocalSocket unix:/var/run/clamav/clamd.sock and Code: FixStaleSocket yes in /etc/clamd.conf allowed clamd to restart. Then I noticed that there was a new version of clamd available through yum. Installing that seems to have fixed the problem and clamd now restarts even with the lines above uncommented.
Worked for me. . . Hey, I hate to open an old thread, but I just wanted to say thanks! I was having the same issue with clamd on a client's machine, and for whatever reason -- even after an upgrade it still kept giving me the socket permission denied error message. I checked the permissions on the file and on the directory and everything seemed to be fine, but still I got the error message. Commenting out the two lines mentioned above allowed clamd to start without a hitch! Code: root@server [/var]# service clamd start Starting Clam AntiVirus Daemon: Bytecode: Security mode set to "TrustSigned". ERROR: LOCAL: Socket file /var/clamd could not be removed: Permission denied ERROR: Can't unlink the socket file /var/clamd [FAILED] root@server [/var]# nano /etc/clamd.conf root@server [/var]# service clamd start Starting Clam AntiVirus Daemon: Bytecode: Security mode set to "TrustSigned". [ OK ] root@server [/var]# So I'm happy! - Eric Gillette
I don't want to be a wet blanket, but you haven't fixed the problem, you've ignored it. What you did was to turn off the socket by which 99% of local programs will submit data to be scanned for viruses by clamav. To be perfectly honest, while it is possible to configure clamav to accept submissions via tcp that's not too popular right now. Clamav was complaining that either /var/run/clamd/clamd.sock (the bolded directory) didn't exist or it had no rights to read/create/modify etc. in that directory. Solution: #mkdir /var/run/clamd #chown root:<same group name that clamd runs as> /var/run/clamd You also might want to un-comment those two lines in clamd.conf.
An Upgrade Resolved The Issue. . . Well, after upgrading ClamAV, clamd now starts fine even with the lines uncommented for the socket. So problem was apparently resolved on their end, and as quickly as it started, it's now finished just as quickly!
The problem is the new user. cat /etc/passwd clamav:x:101:103:Clam Anti Virus Checker:/var/clamav:/sbin/nologin clam:x:104:106:Clam Anti Virus Checker:/var/lib/clamav:/sbin/nologin Change the permisions back to the user clamav and all will be ok, without commenting the lines. # chown -R clamav.clamav /var/log/clamav/ # chown -R clamav.clamav /var/run/clamav/ # chown -R clamav.clamav /var/lib/clamav/
New problem of till now running server? Linux distribution and Vserion? I found out there are quit some differences, so the tutorials not always work 1:1 Rainer
I like many were using the 13.1 howto to apply to 13.2 setup, in 13.2 you can just forget creating the link and remove any socket file if it is even there. Then just give the vscan user the permission to the directory: chown vscan:vscan -Rv /var/run/clamav (That's because the clamd config [/etc/clamd.conf] has vscan set as default user in 13.2) Then you can just start the service and it will create the socket. That's it, plain and simple.
Hi! I had the same problem today. Well, let's just say that during the installation process, I just got a hint: If you're a ubuntu user (and I guess I might say any other Linux distro user), then check out if daemon package is installed. If It's not, install the package and clamd.clt is going to show up into the /var/run/clamav directory. It goes as simple as that.
