HAllo, ich habe mir nach Anleitung einen Debian Lenny-Server aufgesetzt, auf dem neben Postfix auch Amavis mit ClamAV und freshclam etc. läuft. Der Server läuft im großen und ganzen rund ... nur füllen sich die Mail-Logs überdimensional stark, da mit jeder Email eine Fehlermeldung von ClamAV ausgespuckt wird. Es wird folgender Eintrag in der /var/log/mail.log erstellt: "... Jul 28 22:04:28 galaxy5 amavis[31819]: (31819-19) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: 2, retrying (2) Jul 28 22:04:34 galaxy5 amavis[31819]: (31819-19) (!!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 88) line 309. Jul 28 22:04:34 galaxy5 amavis[31819]: (31819-19) (!!)WARN: all primary virus scanners failed, considering backups ..." Wenn ich aber in ISPConfig auf "Überwachung -->Übersicht zeigen" gehe, sagt er mir, dass sowohl der Virenscanner wie auch alle anderen Dienst uptodate sind. Kann mir einer sagen, woher diese Fehlermeldung kommt? Ich habe auch schon einmal versucht, eine leere Datei mit dem Namen clamd.ctl als auch clamav.log zu erstellen in den in den Fehlermeldungen benannten Pfaden ... aber nix tat sich. Nach dem, was ich bislang gelesen habe, scheint der Virenscanner veraltet zu sein. Aber eigentlich ja auch nicht! Kann mir jemand helfen?! Vielen Dank schon einmal Alex
HAllo, I installed an VServer with Debian Lenny with Postfix, Amavis and ClamAV an, freshclam aso. For the installation I used a Howto from this forum. Normally the Server is working fine ... only the clamAV made problems. With every Email there is written an Error-Log into the /var/log/mail.log .... and this file becomes bigger and bigger. The log is: "... Jul 28 22:04:28 galaxy5 amavis[31819]: (31819-19) (!)ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: 2, retrying (2) Jul 28 22:04:34 galaxy5 amavis[31819]: (31819-19) (!!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 88) line 309. Jul 28 22:04:34 galaxy5 amavis[31819]: (31819-19) (!!)WARN: all primary virus scanners failed, considering backups ..." The ISPConfig-Controlpanel tells me, that everything is working fine and uptodate, also the virusScanner. Can anybody tell me, where the Error-Message comes from and how to stop it? I tryed to create the files clamd.ctl and also clamav.log, but no change. Can anybody help me? Thanks. Greetings from Alex
Yes, I did. I restarted the hole VServer ... but no change. The named files are still missing. I think, it is a problem of ClamAV and not of ISPConfig, but isn't there a solution? ALex
Yes, I think so. The ServerArchitecture should be OpenVZ. The output of "cat /proc/user_beancounters" is "... #cat /proc/user_beancounters Version: 2.5 uid resource held maxheld barrier limit failcnt 9351: kmemsize 11512754 11529611 30720347 30192382 0 lockedpages 0 0 331 331 28 privvmpages 94908 94961 1048576 1153434 0 shmpages 862 862 38400 38400 0 dummy 0 0 9223372036854775807 9223372036854775807 0 numproc 97 97 500 500 0 physpages 59252 59309 0 2147483647 0 vmguarpages 0 0 524288 2147483647 0 oomguarpages 59252 59309 524288 2147483647 0 numtcpsock 31 31 550 550 0 numflock 18 19 262 288 0 numpty 1 1 16 16 0 numsiginfo 0 1 1024 1024 0 tcpsndbuf 591336 591336 6720000 9408000 0 tcprcvbuf 507904 507904 6720000 9408000 0 othersockbuf 305432 305432 5760000 8064000 0 dgramrcvbuf 0 0 794989 794989 0 numothersock 196 196 400 400 0 dcachesize 1424358 1434827 3022848 3113532 0 numfile 3752 3752 7680 7680 0 dummy 0 0 0 0 0 dummy 0 0 0 0 0 dummy 0 0 0 0 0 numiptent 72 72 2000 2000 0 ..." At the moment with an server-Uptime of 3 days theres a failedcount of Lockedpages with 28. But the error-message of ClaimAV is also there after a new server-Restart. Especially the missing files are not existent. My Server-Parameter are the followings: "... galaxy5:~# top top - 19:43:06 up 3 days, 20:16, 1 user, load average: 0.02, 0.08, 0.04 Tasks: 73 total, 1 running, 72 sleeping, 0 stopped, 0 zombie Cpu(s): 0.0%us, 0.0%sy, 0.0%ni,100.0%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 4194304k total, 379296k used, 3815008k free, 0k buffers Swap: 0k total, 0k used, 0k free, 0k cached ..." Thanks for your help. With best regards Alexander
Hallo, galaxy5:~# ls -la /var/run/clamav total 12 drwxr-xr-x 2 clamav root 4096 2011-07-27 23:27 . drwxr-xr-x 13 root root 4096 2011-07-28 22:21 .. -rw-rw---- 1 clamav clamav 4 2011-08-01 04:45 freshclam.pid There is no file "/etc/clamd.conf", only "/etc/clamav/clamd.conf. And in this file is the following writte: Code: MaxConnectionQueueLength 15 LogSyslog false LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false CommandReadTimeout 5 SendBufTimeout 200 MaxQueue 100 ExtendedDetectionInfo true OLE2BlockMacros false StreamMaxLength 25M LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Bytecode true BytecodeSecurity TrustSigned BytecodeTimeout 60000 OfficialDatabaseOnly false CrossFilesystems true Greetings Alex
WEll Done ... Thanks for your Answer. I thougt, I installed the clamav deamon, because it was written in my Install Manual. Now everything is working well without the permanent error messages. With best regards Alexander
