Here's the error I'm getting in the syslog... Upon looking in /var/run/clamav/ I have no clamd.ctl file. It used to be there...Any idea what happened, or how to fix this? Without Clamav working, all email is going into the queue. Thanks. Brian
I was having some other email problems anyway, so I re-did all of the postfix steps in the howto and everything seems to be ok now. Thanks.
UNIX socket /var/run/clamav/clamd.ctl: No such file or directory I have come to the same problem. Any ideas?
Conf correct Hi Topdog. Thanks for your fast answer. But nope, clamd.conf pointing with LocalSocket to /var/run/clamav/clamd.ctl. So no mistake here. Now i tried the following (it seems to help, but maybe just temporarily? Have to wait a few days...): To guarantee that the scanner has write-access i did: chmod -R 750 /var/lib/amavis Then i looked whether the amavis and clamav users were in the right groups. It seems that amavis might have some probs in accessing clamav-directories,... So i tried to change the user from clamav to amavis: In /etc/clamav/clamd.conf i changed User clamav to User amavis. And because clamav has files in /var/run/clamav /var/log/clamav /var/lib/clamav (if not made other configurations) I changed the user and the group: chown -R amavis:amavis /var/run/clamav (The same with clamav in /var/log and /var/lib.) Then I edited the /etc/clamav/freshclam.conf DatabaseOwner clamav, changed it to DatabaseOwner amavis. For all those who have logrotate: I also had a look at /etc/logrotate.d/clamav-daemon as well as /etc/logrotate.d/clamav-freshclam Changes here: create 640 clamav adm to create 640 amavis adm Then i force-reloaded /etc/init.d/clamav-daemon and /etc/init.d/clamav-freshclam Now the error seems gone (from 2 A.M. on till now, just a few hours), but i'm not sure whether it re-appears or not. Maybe it would be a smarter solution to just add the user amavis to the clamav-group. But didn't try that, because found that "step-by-step"-howto on the net and tried that first. (see http://www200.pair.com/mecham/spam/clamav-amavisd-new.html) So maybe it helps someone, maybe not, depends on what will happen to my log-file ;-)
Changing clamav to run as amavis user is not a good idea. Clamd provides for your issue with this config option Code: AllowSupplementaryGroups yes That needs to be set to yes and then the amavis user added to the clamav group. That will fix the problem.
I too have been plagued by this issue, and have been spending all day trying to debug it. It's the exact same error, postfix is sending the mail to amavis which scans it with ClamAV. But instead of it working correctly, amavis throws the "ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory)" Yes, ClamAV is running as user clamav, who is in the amavis group (and just in case, vice versa is true, amavis is in the clamav group) Yes, I even had found the same page chrisruss found, and tried that to no avail (I have since reverted those changes) From what I can tell, the Socket file is never being created. It is not listed in a "netstat -a" call nor is it in the directory it should be in. I just found the following in the clamav log. Code: ERROR: Socket file /var/run/clamav/clamd.ctl could not be bound: Permission denied That was before I wiped the configuration and replaced it with a new configuration. I stopped getting that (even though the LocalSocket line didn't change). I've even reverted to the original conf (from the package maintainer) and still am not seeing either a message saying it connected to the socket or an error about it not being able to connect to the socket when I restart. And yes, the /var/run/clamav folder is owned by clamav and clamav has all privileges on it. I'm at my wits end here, and I would very much like to have a working scanner for my mail server. Any help would be appreciated!
Of course I will, I've been looking at those over and over ls -l /var/run Code: ... drwxr-xr-x 2 clamav clamav 4096 2008-02-13 03:02 clamav ... ls -l /var/run/clamav Code: -rwxrw---- 1 clamav clamav 4 2008-02-13 01:48 freshclam.pid Btw, I was about to repost here as I realized that I stopped seeing comments about the UNIX socket in the log as the default config file turned off LogClean With LogClean on, when I restart I see: Code: Wed Feb 13 03:02:37 2008 -> Unix socket file /var/run/clamav/clamd.ctl Also, notice that the folder /var/run/clamav got touched at 3:02 as well (even if the ctl file is not there currently, and yes clamd is still running) This makes me think that it is getting created, even if it doesn't stay around for long.
Yes, I do. I turned it off. I looked through the clean version of the log for a little more and found the following. Code: Wed Feb 13 03:02:50 2008 -> Socket file removed. I'll probably let it run for a while with FixStaleSocket set to no I didn't think that it would remove a socket in 30 seconds...
And now it's back, which is why I let it run last time. Loading the database takes a long time (20+ mins). While before it was a permissions issue, once I fixed the permissions I kept changing settings and never gave it enough time to load the database. Only once it loaded the database would it actually create the socket. Thanks for your help, hopefully this was just a misunderstanding between me and ClamAV
Me Too! I have this same issue. I took the time to wait for Clamav to spring back to life and email started moving again... for about four hours, then it stopped again. Any ideas as to what causes this? How would I initiate a secondary virus scanner to combat this happening? I've had a pretty good look through the logs and all I see is that the socket stopped responding. Feb 22 18:20:49 ferengi amavis[9734]: (09734-07) (!) run_av: timed out Feb 22 18:20:49 ferengi amavis[9734]: (09734-07) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462. Feb 22 18:20:49 ferengi amavis[9734]: (09734-07) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462. Feb 22 18:20:49 ferengi amavis[9734]: (09734-07) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080222T181527-09734 Feb 22 18:20:50 ferengi amavis[9734]: (09734-08) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2) Feb 22 18:20:51 ferengi amavis[9732]: (09732-08) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268. Feb 22 18:20:51 ferengi amavis[9732]: (09732-08) (!!) WARN: all primary virus scanners failed, considering backups Feb 22 18:20:56 ferengi amavis[9734]: (09734-08) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268. Feb 22 18:20:56 ferengi amavis[9734]: (09734-08) (!!) WARN: all primary virus scanners failed, considering backups for a little more info.. Clamav.log Fri Feb 22 14:44:58 2008 -> ERROR: reload db failed: Unable to lock database directory (try 2) Fri Feb 22 14:47:08 2008 -> ERROR: reload db failed: Unable to lock database directory (try 3) Fri Feb 22 14:47:08 2008 -> ERROR: reload db failed: Unable to lock database directory Fri Feb 22 14:47:08 2008 -> Terminating because of a fatal error.Fri Feb 22 14:47:08 2008 -> Socket file removed. Fri Feb 22 14:47:08 2008 -> Pid file removed. Fri Feb 22 14:47:08 2008 -> --- Stopped at Fri Feb 22 14:47:08 2008 Fri Feb 22 18:06:29 2008 -> +++ Started at Fri Feb 22 18:06:29 2008 Fri Feb 22 18:06:29 2008 -> clamd daemon 0.90.1 (OS: linux-gnu, ARCH: i386, CPU: i486) Fri Feb 22 18:06:29 2008 -> Log file size limit disabled. Fri Feb 22 18:06:29 2008 -> Reading databases from /var/lib/clamav TIA
The problem is that some of your freshclam processes seem to terminate uncleanly leaving the lock in place, (.dbLock). The next update process then cannot "lock" the db because there is already a lock in place. This means you have to take a close look at your system to figure out why the update does not finish cleanly, also this issue seems to have affected clamav version 0.90 if you are running that version or something below an upgrade is worth the try.