-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160 The Disc Shop wrote: > > > [EMAIL PROTECTED] wrote: > >>> >>> OK, so: clamscan is detecting the virus, but clamdscan is not? >>> Please confirm. >>> >>> When was the last time you restarted clamd? Perhaps it's not >>> reloading the virus database whenever freshclam downloads a new >>> update. Can you post your freshclam config as well (without blank >>> lines and comments) >>> >>> > > the following works > > clamscan --database=/var/lib/clamav abc > abc: Worm.Sober.U FOUND > > ----------- SCAN SUMMARY ----------- > Known viruses: 41292 > Engine version: 0.87.1 > Scanned directories: 0 > Scanned files: 1 > Infected files: 1 > Data scanned: 0.18 MB > Time: 4.826 sec (0 m 4 s) > > This doesn't work > > clamdscan --config-file=/usr/local/etc/clamd.conf abc > /var/spool/virtual/thediscshop.com.au/accounts: Access denied. ERROR > > ----------- SCAN SUMMARY ----------- > Infected files: 0 > Time: 0.000 sec (0 m 0 s) > > Note: Both commands were run as root > > I also just checked the clamd.log and it had the following > > WARNING: Socket file /tmp/clamd exists. Unclean shutdown? Removing... > ERROR: Socket file /tmp/clamd could not be removed: Operation not > permitted > > so i manually removed it > > but now I get this > ERROR: Can't save PID in file /var/run/clamd.pid > and later > +++ Started at Wed Nov 30 16:45:53 2005 > clamd daemon 0.87.1 (OS: linux-gnu, ARCH: i386, CPU: i686) > Log file size limited to 1048576 bytes. > Running as user clamav (UID 505, GID 506) > Reading databases from /var/lib/clamav > Protecting against 41292 viruses. > ERROR: Socket file /tmp/clamd is in use by another process. > SelfCheck: Database status OK. > > the freshclamd.conf minus blanklines and comments looks like this > > DatabaseDirectory /var/lib/clamav > > UpdateLogFile /var/log/freshclam.log > > LogVerbose > > LogSyslog > > PidFile /var/run/freshclam.pid > > DatabaseMirror database.clamav.net > > > > _______________________________________________ > http://lurker.clamav.net/list/clamav-users.html
Oooh, Sounds like a BAD install or upgrade. Check the permissions on the /var/lib/clamav directory, /tmp/clamd file and the /var/run/clamd ... etc. Or try setting the user to root for clamav.... The problem is clamd and freshclam now default to clamav:clamav for user and group when running. This user does not have the permissions needed to create/overwrite files built by previous versions of clamd that ran as root. James -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDjjYCkNLDmnu1kSkRA2VQAJ9LgKQP5Z7KCjw9zhJYA9NK68CLMACePXNG Vt2//Fj0/bdX6KtBxNZEPyA= =afoz -----END PGP SIGNATURE----- -- Scanned by ClamAV - http://www.clamav.net _______________________________________________ http://lurker.clamav.net/list/clamav-users.html