[clamav-users] clamav-milter with sendmail on Fedora 28: init failed to open, to error state, initialization failed, temp failing commands

Robert Kudyba rkudyba at fordham.edu
Mon Jul 16 12:30:49 EDT 2018


/var/run/clamd.scan/clamd.sock
srw-rw-rw- 1 clamscan clamscan 0 Jul 16 10:57 /var/run/clamd.scan/clamd.sock

On Mon, Jul 16, 2018, 12:27 PM Micah Snyder (micasnyd) <micasnyd at cisco.com>
wrote:

> What are your current user/group ownership and permissions on:
>  /var/run/clamd.scan/clamd.sock ?
>
> Regards,
> Micah
>
>
> Micah Snyder
> ClamAV Development
> Talos
> Cisco Systems, Inc.
>
>
> On Jul 16, 2018, at 12:19 PM, Robert Kudyba <rkudyba at fordham.edu> wrote:
>
> I set:
> MilterSocketGroup clamscan
> User clamscan
>
> Still getting the permission denied.
>
> Note the process:
> clamscan 30407  1.4  4.6 1406020 1150544 ?     Ssl  10:57   1:08
> /usr/sbin/clamd -c /etc/clamd.d/scan.conf
>
> And I added most of the clamav-related users to the closely name groups:
> clamilt:x:123:clamav,clamscan
> clamav:x:124:clamscan,clamilt
> clamupdate:x:125:
> clamscan:x:126:clamilt,clamav
> virusgroup:x:127:clamupdate,clamscan,clamilt
>
>
> On Mon, Jul 16, 2018 at 11:50 AM, Micah Snyder (micasnyd) <
> micasnyd at cisco.com> wrote:
>
>> Hi Robert,
>>
>> clamav-milter is a separate process that interacts with clamd.  What user
>> are you running clamav-milter under?  It seems as thought clamav-milter
>> doesn't have permission to access the clamd socket file to interact with
>> clamd.
>>
>> Regarding multiple socket options:
>>
>> You are correct in that the ClamdSocket option in the milter config file
>> may be used multiple times in case you have multiple clamd instances set
>> up.  However, each clamd instance will only listen on 1 socket, so you must
>> select either 1 TCP or 1 Unix/Local.
>>
>> Cheers,
>> Micah
>>
>> Micah Snyder
>> ClamAV Development
>> Talos
>> Cisco Systems, Inc.
>>
>>
>> On Jul 16, 2018, at 11:06 AM, Robert Kudyba <rkudyba at fordham.edu> wrote:
>>
>> Thanks Micah, now getting a different error:
>> Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to remove
>> /var/run/clamd.scan/clamd.sock: Permission denied
>> Jul 16 10:59:23 storm clamav-milter[32079]: ERROR: Failed to create
>> socket /var/run/clamd.scan/clamd.sock
>> Jul 16 10:59:23 storm clamav-milter[32079]: ClamAV: Unable to create
>> listening socket on conn /var/run/clamd.scan/clamd.sock
>>
>> ls -l /var/run/clamd.scan/clamd.sock
>> srw-rw-rw- 1 clamscan clamscan 0 Jul 16 10:57
>> /var/run/clamd.scan/clamd.sock
>>
>> In the /etc/mail/clamav-milter.conf I have:
>> MilterSocket /var/run/clamd.scan/clamd.sock
>> ClamdSocket unix:/var/run/clamd.scan/clamd.sock
>>
>> Clamd is running, note as the user clamscan:
>> ps -auwx | grep clam
>> clamupd+  2252  0.0  0.0  50740  3832 ?        Ss   Jul11   0:38
>> /usr/bin/freshclam -d -c 4
>> root     17462  0.0  0.0 119104  3264 ?        Ss   09:00   0:00
>> /bin/bash /usr/share/clamav/freshclam-sleep
>> clamscan 30407  0.0  4.6 1406020 1141612 ?     Ssl  10:57   0:00
>> /usr/sbin/clamd -c /etc/clamd.d/scan.conf
>>
>> The last few lines of /var/log/clamav-milter.log has:
>> Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd
>> Mon Jul 16 10:30:15 2018 -> Probe for slot 1 returned: failed
>> Mon Jul 16 10:30:15 2018 -> Failed to establish a connection to clamd
>> Mon Jul 16 10:30:15 2018 -> Probe for slot 2 returned: failed
>> Mon Jul 16 10:30:15 2018 -> Probe for slot 3 returned: success
>>
>> You wrote: "You should use only 1 ( TCP _or_ Unix/Local ) socket for
>> clamd"
>> But in the clamav-milter.conf it says:
>> # This option can be repeated several times with different sockets or even
>> # with the same socket: clamd servers will be selected in a round-robin
>> # fashion.
>>
>> Anyways, seems to be a permission problem. Is clamav-milter trying to
>> restart clamd based on the logs above??
>>
>> On Fri, Jul 13, 2018 at 9:06 AM, Micah Snyder (micasnyd) <
>> micasnyd at cisco.com> wrote:
>>
>>> It looks to me like you have 2 types of sockets set up in your milter
>>> config, and only 1 type of socket set up in your clamd config:
>>>
>>>
>>> ClamdSocket tcp:localhost:3310
>>> ClamdSocket unix:/var/run/clamd.scan/clamd.sock
>>>
>>> Lines in /etc/clamd.d/scan.conf
>>>
>>> TCPSocket 3310
>>> TCPAddr 127.0.0.1
>>>
>>> You should use only 1 ( TCP _or_ Unix/Local ) socket for clamd.  We
>>> recommend using Unix/Local sockets.
>>>
>>>
>>> Micah Snyder
>>> ClamAV Development
>>> Talos
>>> Cisco Systems, Inc.
>>>
>>>
>>> On Jul 10, 2018, at 5:12 PM, Robert Kudyba <rkudyba at fordham.edu> wrote:
>>>
>>>
>>> ClamdSocket tcp:localhost:3310
>>> ClamdSocket unix:/var/run/clamd.scan/clamd.sock
>>>
>>> Lines in /etc/clamd.d/scan.conf
>>>
>>> TCPSocket 3310
>>> TCPAddr 127.0.0.1
>>>
>>>
>>>
>>> _______________________________________________
>>> clamav-users mailing list
>>> clamav-users at lists.clamav.net
>>>
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=WuF3C5NO_kof-zA6OSL5C7p8pwYXzTfQq5aoMOg0GSM&e=
>>>
>>>
>>> Help us build a comprehensive ClamAV guide:
>>>
>>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=iUmHiP0ZFNaK22hm6e5QIA7sGao0Gh0ztdSLV2Qhg9U&e=
>>>
>>>
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=unhaF4uJnMs3AVEXQaA4Mffu_38QO9gp0_R1MQ-vQbQ&s=d-9aIaJVTefoOJR2YIGYgVGiD73p8LHdsXg3uY8WeNs&e=
>>>
>>>
>> _______________________________________________
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwMFAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=Ma8bUEpcbTMKCnB7TgSZsHpftktY7mN4GyaRSRuGeAM&e=>
>>
>>
>> Help us build a comprehensive ClamAV guide:
>> https://github.com/vrtadmin/clamav-faq
>> <https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwMFAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=LFgCSVxCUoPCAzoz-OGuKanF9QiOaVZtcQJLe6dqK4M&e=>
>>
>> http://www.clamav.net/contact.html#ml
>> <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwMFAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=Z6mWTROA1JWmTp_MmK4QtVnYdendm-5iJ-oMDSN4JA4&e=>
>>
>>
>>
>> _______________________________________________
>> clamav-users mailing list
>> clamav-users at lists.clamav.net
>>
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=vLMXaWC6wZVrusx9eRcsYvAEaOKtX8MW2pspqOsv4rI&e=
>>
>>
>> Help us build a comprehensive ClamAV guide:
>>
>> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=TTzeifPhHyRt8cSdV4LPAqwaMatyW6sDC0-PAMjdS4k&e=
>>
>>
>> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=r2bNshHrUVxKD_COhef4PEadqcNLeu05lE_qjKrOO4A&s=2wZ9N-vkiLPuzmJ4H7B2UD642faHuWMGzogtZx4SAdU&e=
>>
>>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
> http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>
>
> _______________________________________________
> clamav-users mailing list
> clamav-users at lists.clamav.net
>
> https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.clamav.net_cgi-2Dbin_mailman_listinfo_clamav-2Dusers&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=Ma8bUEpcbTMKCnB7TgSZsHpftktY7mN4GyaRSRuGeAM&e=
>
>
> Help us build a comprehensive ClamAV guide:
>
> https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_vrtadmin_clamav-2Dfaq&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=LFgCSVxCUoPCAzoz-OGuKanF9QiOaVZtcQJLe6dqK4M&e=
>
>
> https://urldefense.proofpoint.com/v2/url?u=http-3A__www.clamav.net_contact.html-23ml&d=DwICAg&c=aqMfXOEvEJQh2iQMCb7Wy8l0sPnURkcqADc2guUW8IM&r=X0jL9y0sL4r4iU_qVtR3lLNo4tOL1ry_m7-psV3GejY&m=sEj6BTig-WzjS1ciLt-7MaTBzf3bsr431mDsH8E8F8Y&s=Z6mWTROA1JWmTp_MmK4QtVnYdendm-5iJ-oMDSN4JA4&e=
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20180716/4c307505/attachment.html>


More information about the clamav-users mailing list