[clamav-users] problem with clamav upgrade

ratatouille ratatouille at bitclusive.de
Wed Dec 11 15:45:18 UTC 2019 

"G.W. Haywood via clamav-users" <clamav-users at lists.clamav.net> schrieb am 11.12.19 um 15:23:43 Uhr:

> > On a centos7 I did a yum update today and new version of clamav
> > was installed.
> >
> > ps aux |grep clam
> > amavis    6683  0.0 20.9 1016312 814072 ?      Ssl  15:14   0:00 /usr/sbin/clamd -c /etc/clamd.d/amavisd.conf
> >
> > # freshclam
> > Wed Dec 11 15:52:45 2019 -> ClamAV update process started at Wed Dec 11 15:52:45 2019
> > Wed Dec 11 15:52:45 2019 -> ^Your ClamAV installation is OUTDATED!
> > Wed Dec 11 15:52:45 2019 -> ^Local version: 0.101.5 Recommended version: 0.102.1  
> 
> Did you not just tell me in another thread (failed to write to") that
> you compiled ClamAV from source?  In that case, why would you want to
> allow 'yum update' to install an older version of ClamAV?

That was on another server running an a bit outdated openSUSE-OS.

> > What is going wrong here? Should clamd be running after amavis is started?  
> 
> I know nothing about Amavis, nor about its possible uses with clamd,
> but I am a little surprised that any clamd configuration file should
> be called 'amavisd.conf'.  That seems to me to be very confusing.

On Centos7

cat /etc/clamd.d/amavisd.conf

# Use system logger.
LogSyslog yes

# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
LogFacility LOG_MAIL

# This option allows you to save a process identifier of the listening
# daemon (main thread).
PidFile /var/run/clamd.amavisd/clamd.pid

# Remove stale socket after unclean shutdown.
# Default: disabled
FixStaleSocket yes

# Run as a selected user (clamd must be started by root).
User amavis

# Path to a local socket file the daemon will listen on.
LocalSocket /var/run/clamd.amavisd/clamd.sock

> If you intend to use clamd routinely, I would expect it to be started
> at boot by one of the boot scripts designed for that purpose.  There
> are several different approaches to this, you need to find out which
> approach is used in your system and make sure that it is working.

My understanding is amavisd is looking for clamd.sock 

 ['ClamAV-clamd',
   \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamd.amavisd/clamd.sock"],
   qr/\bOK$/m, qr/\bFOUND$/m,
   qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ]

# systemctl list-unit-files | grep clam
clamd at .service                                disabled

# systemctl start clamd at .service
Failed to start clamd at .service: Unit name clamd at .service is missing the instance name.
See system logs and 'systemctl status clamd at .service' for details.

# ll /var/run/clamd.amavisd
-rw-rw-r-- 1 amavis amavis 5 11. Dez 15:14 clamd.pid
srw-rw-rw- 1 amavis amavis 0 11. Dez 15:14 clamd.sock

I am not looking through this clamav-stuff.

  Andreas

More information about the clamav-users mailing list