Since my power problems that resulted in a re-install I have a problem which I've failed to locate up to now. The logs show
daily.cld updated (version: 8950, sigs: 72593, f-level: 38, builder: ccordes) Database updated (510565 signatures) from db.gb.clamav.net (IP: 163.1.3.8) WARNING: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket
I've been through the config files, but obviously there is something in the setup that I've failed to do. Scans are running every night, but
service clamd status clamd: unrecognized service
It has to be something stupid that I've missed. Can someone kick me in the right direction? Thanks
Anne
Anne Wilson wrote:
Hello,
daily.cld updated (version: 8950, sigs: 72593, f-level: 38, builder: ccordes)
service clamd status clamd: unrecognized service
It has to be something stupid that I've missed. Can someone kick me in the right direction? Thanks
the following setup is here working. I'm using the clamav packages from "RPMforge RPM Repository for Red Hat Enterprise 5".
1) # rpm -qa | grep clam clamav-0.94.2-1.el5.rf clamav-milter-0.94.2-1.el5.rf # for mail clamav-db-0.94.2-1.el5.rf clamd-0.94.2-1.el5.rf
2) /etc/clamd.conf LogFile /var/log/clamav/clamd.log LogFileMaxSize 0 PidFile /var/run/clamav/clamd.pid TemporaryDirectory /var/tmp DatabaseDirectory /var/clamav LocalSocket /var/clamav/clamd.socket FixStaleSocket yes MaxConnectionQueueLength 30 MaxThreads 50 ReadTimeout 120 SelfCheck 3600 User clamav AllowSupplementaryGroups yes ScanPE yes ScanELF yes DetectBrokenExecutables yes ScanOLE2 yes ScanPDF yes ScanMail yes PhishingSignatures yes ScanHTML yes ScanArchive yes ArchiveBlockEncrypted no
3) /var/log/clamav/clamd.log [...] Loaded ClamAV 0.94.2/8959/Fri Feb 6 06:58:05 2009 ClamAV: Protecting against 951007 viruses Database correctly reloaded (951007 signatures) Database correctly reloaded (951007 viruses)
4) /var/log/freshclam.log [...] Current working dir is /var/clamav Max retries == 3 ClamAV update process started at Fri Feb 6 10:12:01 2009 Using IPv6 aware code Querying current.cvd.clamav.net TTL: 900 Software version from DNS: 0.94.2 main.cvd version from DNS: 49 Connecting via <MYSERVER> main.cvd is up to date (version: 49, sigs: 437972, f-level: 35, builder: sven) daily.cvd version from DNS: 8959 Connecting via <MYSERVER> daily.cld is up to date (version: 8959, sigs: 75562, f-level: 38, builder: ccordes)
regards Olaf
Anne Wilson wrote:
Since my power problems that resulted in a re-install I have a problem which I've failed to locate up to now. The logs show
daily.cld updated (version: 8950, sigs: 72593, f-level: 38, builder: ccordes) Database updated (510565 signatures) from db.gb.clamav.net (IP: 163.1.3.8) WARNING: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket
I've been through the config files, but obviously there is something in the setup that I've failed to do. Scans are running every night, but
service clamd status clamd: unrecognized service
It's possible chkconfig doesn't know about 'clamd' and fails to start on boot.
The scanning of the filesystem is probably driven by scripts.
As root try
/sbin/chkconfig clamd on
then check the service again.
I know next to nothing about clamAV.
Anne Wilson napsal(a):
Since my power problems that resulted in a re-install I have a problem which I've failed to locate up to now. The logs show
daily.cld updated (version: 8950, sigs: 72593, f-level: 38, builder: ccordes) Database updated (510565 signatures) from db.gb.clamav.net (IP: 163.1.3.8) WARNING: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket
I've been through the config files, but obviously there is something in the setup that I've failed to do. Scans are running every night, but
service clamd status clamd: unrecognized service
It has to be something stupid that I've missed. Can someone kick me in the right direction? Thanks
Anne
Hi, it seems to me to misconfiguration problem.
In the first email you wrote:
WARNING: Clamd was NOT notified: Can't connect to clamd through/tmp/clamd.socket
The second one reads:
LocalSocket /var/clamav/clamd.socket
Regards, David Hrbáč
-----Original Message----- From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of David Hrbác Sent: Friday, February 06, 2009 4:59 AM To: CentOS mailing list Subject: Re: [CentOS] clamAV problem
Anne Wilson napsal(a):
Since my power problems that resulted in a re-install I
have a problem which
I've failed to locate up to now. The logs show
daily.cld updated (version: 8950, sigs: 72593, f-level:
38, builder: ccordes)
Database updated (510565 signatures) fromdb.gb.clamav.net (IP: 163.1.3.8)
WARNING: Clamd was NOT notified: Can't connect to clamd through/tmp/clamd.socket
I've been through the config files, but obviously there is
something in the
setup that I've failed to do. Scans are running every night, but
service clamd status clamd: unrecognized service
It has to be something stupid that I've missed. Can
someone kick me in the
right direction? Thanks
Anne
Hi, it seems to me to misconfiguration problem.
In the first email you wrote:
WARNING: Clamd was NOT notified: Can't connect to clamd through/tmp/clamd.socket
The second one reads:
LocalSocket /var/clamav/clamd.socket
Regards, David Hrbáč
------ And then "touch /var/clamd.socket" for the Socket file to get there or on restart it will get there automatically.
JohnStanley
Anne Wilson wrote on Fri, 6 Feb 2009 07:50:58 +0000:
WARNING: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket
well, is it started, does the socket exist?
Kai
On Friday 06 February 2009 10:31, Kai Schaetzl wrote:
Anne Wilson wrote on Fri, 6 Feb 2009 07:50:58 +0000:
WARNING: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket
well, is it started, does the socket exist?
Kai
First, thanks and apologies to all who responded. I've been away a few days and there's always a lot of catching up to be done when I get back.
Checking Olaf's list, I realised that clamav was installed and I had falsely believed that clamd would be installed at the same time. Since there was an old config and log file, I hadn't noticed.
I've now installed it, chkconfig'd it, touched the socket, and I'll wait to see what is reported in the morning.
Thanks again
Anne
On Wednesday 11 February 2009 15:09:33 Anne Wilson wrote:
On Friday 06 February 2009 10:31, Kai Schaetzl wrote:
Anne Wilson wrote on Fri, 6 Feb 2009 07:50:58 +0000:
WARNING: Clamd was NOT notified: Can't connect to clamd through /tmp/clamd.socket
well, is it started, does the socket exist?
Kai
First, thanks and apologies to all who responded. I've been away a few days and there's always a lot of catching up to be done when I get back.
Checking Olaf's list, I realised that clamav was installed and I had falsely believed that clamd would be installed at the same time. Since there was an old config and log file, I hadn't noticed.
I've now installed it, chkconfig'd it, touched the socket, and I'll wait to see what is reported in the morning.
All is still not well. Freshclam still tells me
WARNING: Clamd was NOT notified: Can't connect to clamd through ~/tmp/clamd.socket
Is this relative to root, or where?
Anne
Anne Wilson wrote on Sat, 14 Feb 2009 12:39:49 +0000:
Freshclam still tells me
No, it's a new message!
WARNING: Clamd was NOT notified: Can't connect to clamd through ~/tmp/clamd.socket
that is userhomedir/tmp/clamd.socket
Kai
On Saturday 14 February 2009 15:31:34 Kai Schaetzl wrote:
Anne Wilson wrote on Sat, 14 Feb 2009 12:39:49 +0000:
Freshclam still tells me
No, it's a new message!
WARNING: Clamd was NOT notified: Can't connect to clamd through ~/tmp/clamd.socket
that is userhomedir/tmp/clamd.socket
Kai, I'm lost. That's what I touch'd, so it does exist.
Anne
Anne Wilson wrote:
On Saturday 14 February 2009 15:31:34 Kai Schaetzl wrote:
Anne Wilson wrote on Sat, 14 Feb 2009 12:39:49 +0000:
Freshclam still tells me
No, it's a new message!
WARNING: Clamd was NOT notified: Can't connect to clamd through ~/tmp/clamd.socket
that is userhomedir/tmp/clamd.socket
Kai, I'm lost. That's what I touch'd, so it does exist.
A "socket" cannot be created by touch(1), afaik. Just start clamd, which should create the socket wherever its config file said to put it. Or if there is not socket, find out why clamd did not create it.
Anne Wilson wrote on Sat, 14 Feb 2009 16:12:47 +0000:
that is userhomedir/tmp/clamd.socket
Kai, I'm lost. That's what I touch'd, so it does exist.
Read again, this is "userhomedir/tmp/clamd.socket" and not "/tmp/clamd.socket". clamd does not use the socket "userhomedir/tmp/clamd.socket" unless you tell it to do so. And freshclam does not try to signal to that socket unless it cannot find the correct clamd.conf or has some other problem that you created. Find out why your freshclam is trying the wrong socket. If you installed clamav from rpmforge, it works out of the box. There is nothing needed to be touched, remove that touched file! Check your clamd.conf that the correct socket gets used, check freshclam.conf that the correct clamd.conf is read and start clamd. There's nothing else to do. And if you don't need clamd, there's no need to install it or signal to it. So, tell it not to signal.
Kai
On Saturday 14 February 2009 17:35:32 Kai Schaetzl wrote:
Anne Wilson wrote on Sat, 14 Feb 2009 16:12:47 +0000:
that is userhomedir/tmp/clamd.socket
Kai, I'm lost. That's what I touch'd, so it does exist.
Read again, this is "userhomedir/tmp/clamd.socket" and not "/tmp/clamd.socket". clamd does not use the socket "userhomedir/tmp/clamd.socket" unless you tell it to do so. And freshclam does not try to signal to that socket unless it cannot find the correct clamd.conf or has some other problem that you created. Find out why your freshclam is trying the wrong socket. If you installed clamav from rpmforge, it works out of the box.
I am, and the problem is that it didn't work out of the box. It didn't when I installed it before, either, although I did eventually get it sorted.
There is nothing needed to be touched, remove that touched file! Check your clamd.conf that the correct socket gets used, check freshclam.conf that the correct clamd.conf is read and start clamd. There's nothing else to do. And if you don't need clamd, there's no need to install it or signal to it. So, tell it not to signal.
OK, I understand a bit more about it now, but I really don't think that I need it. Getting to grips with what you do and don't need of related packages can be quite a job.
Anne
On Saturday 14 February 2009 17:35:32 Kai Schaetzl wrote:
Anne Wilson wrote on Sat, 14 Feb 2009 16:12:47 +0000:
that is userhomedir/tmp/clamd.socket
Kai, I'm lost. That's what I touch'd, so it does exist.
Read again, this is "userhomedir/tmp/clamd.socket" and not "/tmp/clamd.socket". clamd does not use the socket "userhomedir/tmp/clamd.socket" unless you tell it to do so. And freshclam does not try to signal to that socket unless it cannot find the correct clamd.conf or has some other problem that you created. Find out why your freshclam is trying the wrong socket. If you installed clamav from rpmforge, it works out of the box. There is nothing needed to be touched, remove that touched file! Check your clamd.conf that the correct socket gets used, check freshclam.conf that the correct clamd.conf is read and start clamd. There's nothing else to do. And if you don't need clamd, there's no need to install it or signal to it. So, tell it not to signal.
"Clamd successfully notified about the update."
I hate being beaten! :-) I simply removed the line that mentioned a local socket. So simple, and so easily missed. Yes, it probably wasn't enabled by default, but by misunderstanding.
Thanks to all who helped.
Anne
Anne
-
Agile Aspect -
Anne Wilson -
David Hrbáč -
John -
Kai Schaetzl -
Olaf Mueller -
Paul Bijnens