Hi All,
I installed clam on CentOS 5 as below.
yum install clamav clamav-db clamd
I got them form Dag.
below are the RPMS I installed. [root@box ~]# rpm -qa |grep clam clamav-db-0.90.2-1.el4.rf clamd-0.90.2-1.el4.rf clamav-0.90.2-1.el4.rf
But, when I restart clam it gives following error.
[root@box init.d]# /etc/init.d/clamd restart Stopping Clam AntiVirus Daemon: [FAILED] Starting Clam AntiVirus Daemon: [ OK ]
[root@box init.d]# tail -f /var/log/clamav/clamd.log Wed May 16 10:46:43 2007 -> +++ Started at Wed May 16 10:46:43 2007 Wed May 16 10:46:43 2007 -> clamd daemon 0.90.2 (OS: linux-gnu, ARCH: i386, CPU: i386) Wed May 16 10:46:43 2007 -> Log file size limit disabled. Wed May 16 10:46:43 2007 -> Reading databases from /var/clamav Wed May 16 10:46:43 2007 -> ERROR: Unable to open file or directory Wed May 16 10:46:43 2007 -> +++ Started at Wed May 16 10:46:43 2007 Wed May 16 10:46:43 2007 -> clamd daemon 0.90.2 (OS: linux-gnu, ARCH: i386, CPU: i386) Wed May 16 10:46:43 2007 -> Log file size limit disabled. Wed May 16 10:46:43 2007 -> Reading databases from /var/clamav Wed May 16 10:46:43 2007 -> ERROR: Unable to open file or directory
This happens with clamav-0.90.
I am ruuning clamav-0.88 on CentOS 4.4. It works fine. below are RPMS I installed on CENTOS 4.4
[root@netmonitor ~]# rpm -qa |grep clam clamav-0.88.7-1.el4.rf clamd-0.88.7-1.el4.rf clamav-db-0.88.7-1.el4.rf
I tried a lot to solve this issue. But still have not been able to solve.
Help needed.
IF you have the same issues that others had when it first came out, then.
As I recall, there are slight differences between the older clamav /etc/clamd.conf files and the new one that must be addressed.
It is a simple google to take care of.
You might look in the /etc dir and see if a clamd.conf.rpmnew was created that has the info you need
- rh
-- Abba Communications Spokane, WA www.abbacomm.net
Thanks for your quick info.
I just disabled selinux as follows.
[root@box init.d]# setenforce 0
Then , I restarted clam as follows.
[root@box init.d]# /etc/init.d/clamd restart Stopping Clam AntiVirus Daemon: [ OK ] Starting Clam AntiVirus Daemon: Running as user clamav (UID 100, GID 101) [ OK ]
Now it is okay, But , is it a good idea to leave selinux disabled ?
And I also want to tell you that this is a fresh server. So no /etc/clamd.conf.rpmnew was saved there.
On 5/16/07, Abba Communications lists06@abbacomm.net wrote:
IF you have the same issues that others had when it first came out, then…
As I recall, there are slight differences between the older clamav /etc/clamd.conf files and the new one that must be addressed.
It is a simple google to take care of.
You might look in the /etc dir and see if a clamd.conf.rpmnew was created that has the info you need
- rh
-- Abba Communications Spokane, WA www.abbacomm.net
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
If the selinux change fixed it, great. if not.
When I install clamav, I roll my own rpms and this is what there was when I last did it and installed
-rw-rw-r-- 1 rh rh 1292773 Apr 25 07:51 clamav-0.90.2-1.centos4.i386.rpm
-rw-rw-r-- 1 rh rh 9503904 Apr 25 07:51 clamav-db-0.90.2-1.centos4.i386.rpm
-rw-rw-r-- 1 rh rh 244065 Apr 25 07:51 clamav-devel-0.90.2-1.centos4.i386.rpm
-rw-rw-r-- 1 rh rh 48998 Apr 25 07:51 clamav-server-0.90.2-1.centos4.i386.rpm
Maybe you are missing an RPM for running the latest, you only mentioned 3 of them in the original post, unless dag combines two of them into one with three total.
When I do it I usually go to http://crash.fce.vutbr.cz/crash-hat/5/clamav/ and snag a source rpm like
http://crash.fce.vutbr.cz/crash-hat/5/clamav/clamav-0.90.2-1.src.rpm
then I install it and modify the spec file very slightly on the version line only and then compile it all back together like this
rpmbuild -ba --without milter clamav.spec
a good example of what I do is at this URL.
http://qmail.jms1.net/clamav-upgrade.shtml
now remember, the older clamav and newer clamav have slightly different /etc/clamd.conf file syntax
also, it is important to remember what user(s) things run as too when hunting down issues.
- rh
-- Abba Communications Spokane, WA www.abbacomm.net
On 2007-05-16, Indunil Jayasooriya indunil75@gmail.com wrote:
Now it is okay, But , is it a good idea to leave selinux disabled ?
Nope.. Not a good idea for clamav, as that program is touching lots of rouge binaries, and it very recently had a remote hole. I think we had the same problem as you, and it was caused by the freshrpms-rpm not putting the /var/clamav where the selinux policy expected it to. We fixed it by:
# stop clamd semanage fcontext -a -t clamd_var_lib_t "/var/clamav(/.*)?" restorecon -R /var/clamav # start clamd
This tells adds a rule saying that files under /var/clamav should be labeled as clamd_var_lib_t, and then the restorecon command sets this label on all files under there.
-jf
-
Abba Communications -
Indunil Jayasooriya -
Jan-Frode Myklebust