[clamav-users] Unable to run clamd in /opt/directory

P K pkopensrc at gmail.com
Fri Nov 13 05:46:13 UTC 2015 

Here is output:

sudo -u clamav /usr/bin/clamconf -c /opt/
Checking configuration files in /opt/

Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamav.log"
StatsHostID = "auto"
StatsEnabled disabled
StatsPEDisabled = "yes"
StatsTimeout = "10"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo = "yes"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory disabled
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "26214400"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
DisableCache disabled
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground = "yes"
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
AllowSupplementaryGroups disabled
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
PartitionIntersection disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
ForceToDisk disabled
MaxScanSize = "104857600"
MaxFileSize = "104857600"
MaxRecursion = "10"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
MaxPartitions = "50"
MaxIconsPE = "100"
ScanOnAccess disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled

freshclam.conf not found

clamav-milter.conf not found

Software settings
-----------------
Version: 0.98.7
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06
BZIP2 LIBXML2 ICONV JIT

Database information
--------------------
Database directory: /var/lib/clamav
bytecode.cld: version 270, sigs: 46, built on Mon Nov  2 23:24:36 2015
main.cvd: version 55, sigs: 2424225, built on Tue Sep 17 20:27:28 2013
daily.cld: version 21060, sigs: 1675532, built on Thu Nov 12 23:05:33 2015
Total number of signatures: 4099803

Platform information
--------------------
uname: Linux 3.2.0-23-generic #36-Ubuntu SMP Tue Apr 10 20:39:51 UTC 2012
x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
Full OS version: Ubuntu 12.04 LTS
zlib version: 1.2.3.4 (1.2.3.4), compile flags: a9
Triple: x86_64-pc-linux-gnu
CPU: i686, Little-endian
platform id: 0x0a2150500804060301040603

Build information
-----------------
GNU C: 4.6.3 (4.6.3)
GNU C++: 4.6.3 (4.6.3)
CPPFLAGS: -D_FORTIFY_SOURCE=2
CFLAGS: -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Wformat-security -Werror=format-security -Wall
CXXFLAGS: -g -O2 -fstack-protector --param=ssp-buffer-size=4 -Wformat
-Wformat-security -Werror=format-security -Wall
LDFLAGS: -Wl,-Bsymbolic-functions -Wl,-z,relro
Configure: 'CFLAGS=-g -O2 -fstack-protector --param=ssp-buffer-size=4
-Wformat -Wformat-security -Werror=format-security -Wall'
'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fstack-protector
--param=ssp-buffer-size=4 -Wformat -Wformat-security
-Werror=format-security -Wall' 'LDFLAGS=-Wl,-Bsymbolic-functions
-Wl,-z,relro' '--build=x86_64-linux-gnu' '--prefix=/usr'
'--mandir=/usr/share/man' '--infodir=/usr/share/info' '--disable-clamav'
'--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--enable-milter'
'--disable-clamuko' '--with-gnu-ld' '--enable-dns-fix' '--disable-unrar'
'--libdir=/usr/lib' '--with-system-tommath' '--without-included-ltdl'
'build_alias=x86_64-linux-gnu'
sizeof(void*) = 8
Engine flevel: 80, dconf: 80


sudo -u clamav /usr/sbin/clamd -c /opt/clamd.conf
ERROR: Can't open/parse the config file /opt/clamd.conf

On Sat, Nov 7, 2015 at 12:05 AM, Dennis Peterson <dennispe at inetnw.com>
wrote:

> What do you get if you run sudo -u clam_user_name /usr/bin/clamconf -c
> /opt/ -n where clam-user-name is the name in the clamd.conf that you chose.
>
> Please note the clamconf -c option takes a directory name, not a file name.
>
> dp
>
>
> On 11/6/15 2:53 AM, P K wrote:
>
>> Hi,
>>
>> I tried both suggested and its working fine but unable to run clamd with
>> /opt/clamd.conf.
>>
>> Even i tried running with root user and seeing error.
>>
>> opt directory is with 0777 permission.
>>
>> Strange behaviour.
>>
>> On Fri, Nov 6, 2015 at 11:45 AM, Deyan Chepishev <dchepishev at gmail.com>
>> wrote:
>>
>> Hi,
>>>
>>> This is probably caused by permissions of the /opt which do not allow the
>>> user which clamd is running as, to access this directory.
>>>
>>> In such cases, you can try option:
>>>
>>> clamdscan --stream
>>>
>>> In this case, if the user executing clamdscan has permissions over the
>>> directory, clamdscan reads the files and streams them to clamd using the
>>> clamd socket.
>>> If you do not use this option, behavior is selected automatically, which
>>> for scans where clamd and clamdscan are started on the same machine, is
>>> clamd to try to directly scan the directory, which causes troubles if his
>>> user do not have permissions to traverse the directory/files.
>>>
>>>
>>> Regards,
>>> Deyan
>>>
>>>
>>>
>>> Dennis Peterson wrote:
>>>
>>> What are the directory permissions/extended permissions for /opt?
>>>>
>>>> Did you try sudo -u clamdUserName cat /opt/clamd.conf to see if the
>>>> clamd
>>>> user
>>>> has permission to access the file?
>>>>
>>>> dp
>>>>
>>>> On 11/4/15 6:15 AM, P K wrote:
>>>>
>>>> Hi Guys,
>>>>>
>>>>> I am seeing config file parse error when using config file inside /opt/
>>>>> directory.
>>>>>
>>>>> Curious why unable to run clamd config in /opt directory.   In other
>>>>> system
>>>>> with 0.98.6  its working fine.
>>>>>
>>>>> Below are output:
>>>>>
>>>>> sudo /usr/sbin/clamd --version -c ./clamd.conf
>>>>> ClamAV 0.98.7
>>>>>
>>>>>
>>>>> pk at pk-x:~$ ls -ltr /opt/clamd.conf
>>>>> -rw-r--r-- 1 root root 1981 Nov  4 19:07 /opt/clamd.conf
>>>>>
>>>>> pk at pk-x:~$ ls -ltr ./clamd.conf
>>>>> -rw-r--r-- 1 root root 1981 Nov  4 19:07 ./clamd.conf
>>>>>
>>>>> pk at pk-x:~$ sudo /usr/sbin/clamd -c /opt/clamd.conf
>>>>> *ERROR: Can't open/parse the config file /opt/clamd.conf*
>>>>>
>>>>> pk at pk-x:~$ sudo /usr/sbin/clamd -c ./clamd.conf
>>>>> Limits: Global size limit set to 104857600 bytes.
>>>>> Limits: File size limit set to 26214400 bytes.
>>>>> Limits: Recursion level limit set to 10.
>>>>> _______________________________________________
>>>>> Help us build a comprehensive ClamAV guide:
>>>>> https://github.com/vrtadmin/clamav-faq
>>>>>
>>>>> http://www.clamav.net/contact.html#ml
>>>>>
>>>>> _______________________________________________
>>>> Help us build a comprehensive ClamAV guide:
>>>> https://github.com/vrtadmin/clamav-faq
>>>>
>>>> http://www.clamav.net/contact.html#ml
>>>>
>>>> _______________________________________________
>>> Help us build a comprehensive ClamAV guide:
>>> https://github.com/vrtadmin/clamav-faq
>>>
>>> http://www.clamav.net/contact.html#ml
>>>
>>> _______________________________________________
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>>
>> http://www.clamav.net/contact.html#ml
>>
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>

More information about the clamav-users mailing list