[CentOS] Centos 7.2.1511 with sendmail and a problem with clamav

Thu Sep 29 23:56:48 UTC 2016
Gregory P. Ennis <PoMec at PoMec.Net>

Everyone,

I am putting together a new CentOS 7 mail server for our organization
and am having some difficulty getting clamav to work with the clamav-
milter for sendmail.

I have set /etc/clamd.d/scan.conf to use clamscan as the user as well
as root as the user and the status command of systemctl results in the
same error messages :


● clamd at scan.service - Generic clamav scanner daemon
   Loaded: loaded (/usr/lib/systemd/system/clamd at scan.service; enabled;
vendor preset: disabled)
   Active: failed (Result: start-limit) since Thu 2016-09-29 17:53:11
CDT; 1min 38s ago
  Process: 1891 ExecStart=/usr/sbin/clamd -c /etc/clamd.d/scan.conf --
foreground=yes (code=exited, status=1/FAILURE)
 Main PID: 1891 (code=exited, status=1/FAILURE)

Sep 29 17:53:11 IrGw3.EcCare.com systemd[1]: Unit clamd at scan.service
entered failed state.
Sep 29 17:53:11 IrGw3.EcCare.com systemd[1]: clamd at scan.service failed.
Sep 29 17:53:11 IrGw3.EcCare.com systemd[1]: clamd at scan.service holdoff
time over, scheduling restart.
Sep 29 17:53:11 IrGw3.EcCare.com systemd[1]: start request repeated too
quickly for clamd at scan.service
Sep 29 17:53:11 IrGw3.EcCare.com systemd[1]: Failed to start Generic
clamav scanner daemon.
Sep 29 17:53:11 IrGw3.EcCare.com systemd[1]: Unit clamd at scan.service
entered failed state.
Sep 29 17:53:11 IrGw3.EcCare.com systemd[1]: clamd at scan.service failed.

I have tried running :
/usr/sbin/clamd -c /etc/clamd.d/scan.conf --foreground=yes

with the foreground set to yes and no and with the user set in
scan.conf as clamscan or root and it works fine.

I have not been able to figure out what is happening with the command :

systemctl start clamd at scan 

The same error messages occur at boot with this command as well as on
the command line.

Do any of you have suggestions.

Thanks much,

Greg Ennis
-----------------------------------------------------------------------

I think I have found the problem, but would still like some
suggestions.

I had set the log file in scan.conf to be /var/log/clamd.scan having
the user and group name of clamscan and protections of -rw-rw-rw-

When I removed the log file entry line item in scan.conf everything
worked properly.  Only problem is that all the clamd log entries are
going in the message file.

If anyone has other suggestions I would appreciate it.

Thanks,


Greg Ennis