On Sep 29, 2016, at 5:56 PM, Gregory P. Ennis PoMec@PoMec.net wrote:
I had set the log file in scan.conf to be /var/log/clamd.scan having the user and group name of clamscan and protections of -rw-rw-rw-
I don’t use ClamAV, but I’ll bet it runs as a non-root user. In CentOS 7, only root can write to /var/log.
You should create a clamav directory under /var/log and give the ClamAV user write access to it, then configure ClamAV to write its logs there.
That, or switch to syslog or similar, if ClamAV allows it.