Submitted by erintech on Sat, 09/03/2016 - 12:23 Pro Licensee
Hi
Using the EICAR signature in an email from another service I find that ClamAV works if I am using Standalone scanner (clamscan) but not for Server scanner (clamdscan).
From the command line, both these work perfectly:
clamscan test_virus_eicar.txt
clamdscan test_virus_eicar.txt
Of course I have Googled this, and found others with the same issue, including a couple of claimed solutions, but none work for me.
I have tried
chmod 755 /var/run/clamd.scan
I see this in procmail.log - may or may not be related:
ERROR: Could not lookup : Servname not supported for ai_socktype
I am out of ideas! - any help appreciated.
Thnaks,
Status:
Closed (fixed)
Comments
Submitted by JamieCameron on Sat, 09/03/2016 - 12:47 Comment #1
Do those commands work from the command line when run as a non-root user? The issue may be permissions on the socket file.
Submitted by erintech on Sat, 09/03/2016 - 15:08 Pro Licensee Comment #2
Good Point. No.
As non-root user:
clamdscan test_virus_eicar.txt ERROR: Could not lookup : Servname not supported for ai_socktype
But permissions on the socket seem OK to me:
pwd /var/run/clamd.scan [root@mail2 clamd.scan]# ls -al total 0 drwxr-xr-x 2 clamscan clamscan 60 Sep 3 18:01 . drwxr-xr-x 48 root root 1340 Sep 3 20:53 .. srw-rw---- 1 root clamscan 0 Sep 3 18:01 clamd.sock
However if I set to srw-rw-rw- it works
My question is whether this is a correct/robust solution - and will it revert after reboot?
Thanks
richard
Submitted by JamieCameron on Sun, 09/04/2016 - 16:11 Comment #3
That should fix it - maybe some one-off problem happened that caused the permissions to be incorrect?
Submitted by erintech on Mon, 09/05/2016 - 05:08 Pro Licensee Comment #4
I found that fix reverts back when the service is restarted.
This is a permanent solution:
vi /etc/clamd.conf
LocalSocketMode 660LocalSocketMode 666
Submitted by JamieCameron on Mon, 09/05/2016 - 12:49 Comment #5
Ok, that explains it. Virtualmin should fix up the
LocalSocketModeline if it already exists inclamd.conf, but won't add a new line. This will be fixed in the next release.Submitted by JamieCameron on Mon, 09/05/2016 - 12:49 Comment #6