[RESOLVED] Virtual Users Domains Postfix Ubuntu 8.04 clamav fails after upgrade Hi all, After successfully using a mail server built with Falko's "Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Ubuntu 8.04 LTS)" for more than a year, and on the advice of a friend, I ran two commands on the server Code: apt-get update apt-get upgrade and since then I am experiencing these problems. During startup I see: Code: Starting ClamAV daemon clamd: ERROR: Parse error at line 44: Unknown Option ScanPartialMessages. ERROR: Can't open/parse the config file /etc/clamav/clamd.conf [[COLOR="Red"]FAIL[/COLOR]] and in Code: less /var/log/mail.log Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!)run_av (ClamAV-clamd, built-in i/f): Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 86) line 310. Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!!)ClamAV-clamd av-scanner FAILED: CODE(0x604e60) Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 86) line 310. at (eval 86) line 511. Jun 15 11:29:25 smail amavis[6184]: (06184-01-4) (!!)WARN: all primary virus scanners failed, considering backups I know it is the upgrade which has done this but I dont know how to fix it. When I try to find out version I get Code: /usr/sbin/clamd -V ERROR: Parse error at line 44: Unknown option ScanPartialMessages. ERROR: Can't open/parse the config file /etc/clamav/clamd.conf and this output Code: ps aux|grep clam clamav 4872 0.0 0.0 21612 1116 ? Ss 10:17 0:00 /usr/bin/freshclam -d --quiet amavis 13972 105 2.6 122400 106424 ? R 15:08 0:04 /usr/bin/clamscan --stdout --disable-summary -r --tempdir=/var/lib/amavis/tmp /var/lib/amavis/tmp/amavis-20090615T150636-13922/parts amavis 13973 103 1.8 90580 74564 ? R 15:08 0:02 /usr/bin/clamscan --stdout --disable-summary -r --tempdir=/var/lib/amavis/tmp /var/lib/amavis/tmp/amavis-20090615T150111-13747/parts alan 13975 0.0 0.0 5168 844 pts/0 R+ 15:08 0:00 grep clam My setup is exactly as it is in Falko's Howto. If anyone can help me with this I would be greatly appreciative. Cheers Al.
output Thanks for your reply Falko. Code: alan@smail:~$ sudo updatedb alan@smail:~$ sudo locate clamd.conf /etc/clamav/clamd.conf /usr/share/doc/clamav-base/examples/clamd.conf /usr/share/man/man5/clamd.conf.5.gz /var/lib/ucf/cache/:etc:clamav:clamd.conf I have noticed that in clamd.conf there is this line: Code: LocalSocket /var/run/clamav/clamd.ctl but that folder only contains one file Code: alan@smail:/var/run/clamav$ ls freshclam.pid It is causing the mail server to run very slowly. I sent a mailout yesterday at midday to 54,326 recipients and this morning at 10:00am there is still 53,000 messages in the queue. Thanks for your help with this.
/etc/clamav/clamd.conf Code: #Automatically Generated by clamav-base postinst #To reconfigure clamd run #dpkg-reconfigure clamav-base #Please read /usr/share/doc/clamav-base/README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true TemporaryDirectory /tmp User clamav AllowSupplementaryGroups true ScanMail true ScanArchive true ArchiveLimitMemoryUsage false ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 StreamMaxLength 10M LogSyslog false LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false MailFollowURLs false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Thanks again Falko
ls -la /etc/clamav/ Code: alan@smail:~$ ls -la /etc/clamav/ total 28 drwxr-xr-x 5 root root 4096 2009-06-17 08:13 . drwxr-xr-x 93 root root 4096 2009-06-15 10:17 .. -rw-r--r-- 1 root root 1216 2009-06-12 17:55 clamd.conf -rw-r--r-- 1 clamav adm 679 2008-11-07 14:42 freshclam.conf drwxr-xr-x 2 root root 4096 2008-07-19 01:22 onerrorexecute.d drwxr-xr-x 2 root root 4096 2008-07-19 01:22 onupdateexecute.d drwxr-xr-x 2 root root 4096 2008-07-19 01:22 virusevent.d
Dam! I thought if any one could help me it would be you. I have been reading a lot of things on the internet about this problem when clamav has been upgraded but most of them are a slightly different setup to mine with different programs. Im not that experienced in Linux matters so I was worried that if I tried some of their proposed solutions I might break something else. People have been saying it is a permissions problem, others say it was a flaw in the upgrade and there is a later one that will fix it. They speak of "volatile repositries". Im not sure what that means or whether it is a good idea. I feel the major clue is the fact that clamd.conf is looking for: LocalSocket /var/run/clamav/clamd.ctl but there is no file called clamd.ctl I seem to remember during startup, before the upgrade, it used to say something about trying to start clamav and changing something because of what was in clamd.conf. I think I will try to go through the howto again and see if there are any clues of what needs to be done. I did notice that in the howto it says: and mine now says: Code: alan@smail:~$ sudo netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 localhost.localdo:10024 *:* LISTEN 4422/amavisd (maste tcp 0 0 localhost.localdo:10025 *:* LISTEN 15100/master tcp 0 0 localhost.localdo:mysql *:* LISTEN 4496/mysqld tcp 0 0 *:www *:* LISTEN 5140/apache2 tcp 0 0 *:smtp *:* LISTEN 15100/master tcp 0 0 smail.scribalpubl:56420 mta-v15.mail.vip.r:smtp ESTABLISHED 15112/smtp tcp 0 0 localhost.localdo:44645 localhost.localdo:10024 ESTABLISHED 15110/smtp tcp 0 1 smail.scribalpubl:46693 mta-v11.mail.vip.r:smtp SYN_SENT 15123/smtp tcp 0 0 localhost.localdo:52377 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:10025 localhost.localdo:39881 TIME_WAIT - tcp 0 0 localhost.localdo:mysql localhost.localdo:52414 ESTABLISHED 4496/mysqld tcp 0 0 localhost.localdo:10025 localhost.localdo:39877 TIME_WAIT - tcp 0 0 localhost.localdo:52342 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:52362 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:52389 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:10025 localhost.localdo:39867 TIME_WAIT - tcp 0 0 localhost.localdo:52343 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:52344 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:10024 localhost.localdo:44644 ESTABLISHED 14844/amavisd (ch2- tcp 0 0 localhost.localdo:44644 localhost.localdo:10024 ESTABLISHED 15107/smtp tcp 0 0 localhost.localdo:10025 localhost.localdo:39915 TIME_WAIT - tcp 0 0 localhost.localdo:52390 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:10024 localhost.localdo:44645 ESTABLISHED 14887/amavisd (ch2- tcp 0 0 localhost.localdo:52413 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:10025 localhost.localdo:39862 TIME_WAIT - tcp 0 0 localhost.localdo:41188 localhost.localdo:mysql TIME_WAIT - tcp 0 0 localhost.localdo:52375 localhost.localdo:mysql TIME_WAIT - tcp 0 1 smail.scribalpubl:53934 mta-v10.mail.vip.m:smtp SYN_SENT 15117/smtp tcp 0 0 localhost.localdo:10025 localhost.localdo:39921 TIME_WAIT - tcp 0 0 localhost.localdo:52376 localhost.localdo:mysql TIME_WAIT - tcp 0 1 smail.scribalpubl:56273 mta-v15.mail.vip.r:smtp FIN_WAIT1 - tcp 0 0 smail.scribalpubl:39502 211.29.133.14:smtp ESTABLISHED 15111/smtp tcp 0 0 localhost.localdo:52414 localhost.localdo:mysql ESTABLISHED 15132/cleanup tcp 0 1 smail.scribalpubl:33520 mta-v9.mail.vip.mu:smtp SYN_SENT 15122/smtp tcp 0 0 localhost.localdo:52360 localhost.localdo:mysql TIME_WAIT - tcp6 0 0 [::]:imaps [::]:* LISTEN 4929/couriertcpd tcp6 0 0 [::]:pop3s [::]:* LISTEN 4963/couriertcpd tcp6 0 0 [::]:pop3 [::]:* LISTEN 4943/couriertcpd tcp6 0 0 [::]:imap2 [::]:* LISTEN 4909/couriertcpd tcp6 0 0 [::]:ssh [::]:* LISTEN 4387/sshd tcp6 0 0 smail.scribalpublis:ssh 192.168.1.75%76233:3469 ESTABLISHED 14534/sshd: alan [p I did read that upgrading changed the bash/dash thing so I redid that from the how to. If all else fails I will have to wipe the server and start again. I really dont want to do that because there is still at least 40,000 emails stuck in the queue that it is ever so slowly sending out and it is a very important mailout. I do know one thing though. I will never do an upgrade again. Thanks for looking at this for me Falko.
This option does not exist in clamav, it might have in older versions but the current one does not understand this. you could copy the example conf over this one and make the changes you need to to that one if your not sure. its located here: /usr/share/doc/clamav-base/examples/clamd.conf This has to do with the fact the mail server is not running, thus the socket is not created. Fix the ScanPartialMessages error, and clamd will start up and create the socket file.
Yay! Thank you Flash. All I did was comment out the line ScanPartialMessages false i.e. #ScanPartialMessages false Then I tried to check the version again and recived an error about HeuristicScanPrecedence so I commented that out as well i.e. #HeuristicScanPrecedence false Then for good measure I commented out the last one #StructuredDataDetection false and rebooted. now no more error messages, and speed has returned. After commenting out the lines, I was able to find version of clamav. It is: Clamav 0.92 I realise that the latest is 0.95 but after what I have been through with upgrades, I am going to give this a miss for now. I am happy to have my mail seerver back to functional. Thank you for your help Flash. Cheers AL
