Thanks Carlos I see what you saying. I checked my previous sessions and I found the below one from the 'Oct 2016' session where I see that the clam-miller.socket is owned by clamav:clamav, where as my latest one is owned by clamav:root. Is it causing the below error? If so how can I make sure the socket gets proper permissions?
ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. # lsof | grep clamd.socket clamd 22795 clamav 5u unix 0xc0000000712f4880 0t0 335900 /var/run/clamav/clamd.socket Oct2016 # ls -lrt /var/run/clamav total 8 srw-r--r--. 1 clamav clamav 0 Oct 24 2016 clamav-milter.socket -rw-rw-r--. 1 clamav clamav 5 Oct 24 2016 clamav-milter.pid -rw-rw----. 1 clamav clamav 5 Oct 24 2016 freshclam.pid Latest # ls -lrt /var/run/clamav total 12 srw-rw-rw-. 1 clamav clamav 0 May 16 21:40 clamd.socket -rw-rw-r--. 1 clamav clamav 6 May 16 21:40 clamd.pid srw-r--r--. 1 clamav root 0 May 16 21:40 clamav-milter.socket # Not sure why it's not owned by clamav:clamav here -rw-rw----. 1 clamav clamav 6 May 16 21:40 freshclam.pid -rw-rw-r--. 1 clamav clamav 6 May 16 21:40 clamav-milter.pid Thanks ----------- IMHO rc.local is not the best place to put this at all... >* # clamd status *>* ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another *>* process. * You are calling clamd *daemon* with a "status" argument that it doesn't recognize. As you are using an init system you should use a init.d/rc.d script (like "/etc/rc.d/clamav"). That script usually accepts a "status" argument, but clamd (daemon) does not. Regards, Carlos Velasco On Tue, May 16, 2017 at 9:55 AM, Kishore Pawar <mkpa...@gmail.com> wrote: > Hi Carlos Velasco > > Our RHEL 6.8 runs on an IBM Power 8 server(ppc64), for which we dont' have > a ClamAV package. So I had to compile it from source. I have uninstalled > the old version and installed the *ClamAV 0.99.2. * > > So I can confirm that I have only one instance running. Here's the > detailed info. > > # which clamd > /usr/local/sbin/clamd > > # whereis clamd > clamd: /usr/local/sbin/clamd /usr/local/etc/clamd.conf > > # cat /etc/rc.d/rc.local > #!/bin/sh > # > # This script will be executed *after* all the other init scripts. > # You can put your own initialization stuff in here if you don't > # want to do the full Sys V style init stuff. > touch /var/lock/subsys/local > /usr/local/sbin/clamd > /usr/local/sbin/clamav-milter > /usr/local/bin/freshclam -d > > # ps -ef | grep clamd > clamav 6776 1 0 May15 ? 00:00:01 clamd > root 10956 10925 0 09:40 pts/0 00:00:00 grep clamd > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > another process. > > # lsof | grep clamd.socket > clamd 6776 clamav 5u unix 0xc000000003692480 0t0 > 72993 /var/run/clamav/clamd.socket > > Thanks > Kishore > > > ----------- > > >* Yes, I usually verify after running any command. So yes verified the *>* > process is properly killed. I even rebooted it couple time. Even after a * > >* clean reboot, the output of clamd status gives the same error. What is > the *>* output of your clamd status? Can you share it please? * > Kishore, I think you have 2 clamav installations in your machine. Maybe > one packaged and another one compiled. > I haven't a RHEL at hand right now, but check with any of this: > which clamd > whereis clamd > > If you see two different clamd (maybe one on /usr/local/...) that's > because you are seeing your problems, and you should fix it changing your > status script (init.d?) probably. > > Regards, > Carlos Velasco > > On Tue, May 16, 2017 at 8:08 AM, Kishore Pawar <mkpa...@gmail.com> wrote: > >> Hi Reindl Harald >> >> Yes, I usually verify after running any command. So yes verified the >> process is properly killed. I even rebooted it couple time. Even after a >> clean reboot, the output of clamd status gives the same error. What is the >> output of your clamd status? Can you share it please? >> >> Thanks >> Kishore >> -------- >> >> Am 15.05.2017 um 23:53 schrieb Kishore Pawar: >> >* Yes, I see the clamd process. I tried to kill and restart it many >> times, *>* but when I run the 'clamd status' I get the same error about >> the socket *>* file. Earlier when I was running the older version, I >> used to see the *>* complete details about the clamd status including >> the version number I was *>* running and what the latest status of that >> clamd. Now I just get the error *>* which I am not sure if it is giving >> me the right output * >> and did you verify that after kill the process is really gone? >> >> maybe it needs a "kill -s SIGKILL" instead a SIGTERM for whatever reason >> but that's all hard to say since you don't provide much informations >> without beeing explicit asked >> >> >> On Mon, May 15, 2017 at 5:18 PM, Kishore Pawar <mkpa...@gmail.com> wrote: >> >>> Btw, can you please share your output of the command 'clamd status'? >>> >>> Thanks >>> Kishore >>> >>> On Mon, May 15, 2017 at 4:53 PM, Kishore Pawar <mkpa...@gmail.com> >>> wrote: >>> >>>> Yes, I see the clamd process. I tried to kill and restart it many >>>> times, but when I run the 'clamd status' I get the same error about the >>>> socket file. Earlier when I was running the older version, I used to see >>>> the complete details about the clamd status including the version number I >>>> was running and what the latest status of that clamd. Now I just get the >>>> error which I am not sure if it is giving me the right output. >>>> >>>> On Mon, May 15, 2017 at 4:22 PM, Kishore Pawar <mkpa...@gmail.com> >>>> wrote: >>>> >>>>> Thanks Steve. Here's the output of lsof. >>>>> >>>>> # clamd status >>>>> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >>>>> another process. >>>>> >>>>> # lsof | grep clamd.socket >>>>> clamd 6776 clamav 5u unix 0xc000000003692480 >>>>> 0t0 72993 /var/run/clamav/clamd.socket >>>>> >>>>> # ps -ef | grep 6776 >>>>> clamav 6776 1 0 15:57 ? 00:00:00 clamd >>>>> root 6889 2739 0 16:20 pts/1 00:00:00 grep 6776 >>>>> >>>>> Thanks >>>>> Kishore >>>>> >>>>> On Mon, May 15, 2017 at 12:29 PM, Kishore Pawar <mkpa...@gmail.com> >>>>> wrote: >>>>> >>>>>> Thanks Steve. Yes, I tried removing them and kill the running clamd >>>>>> process and start it again but still the clamd status doesn't show >>>>>> anything >>>>>> other than the error. >>>>>> >>>>>> # clamd status >>>>>> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >>>>>> another process. >>>>>> >>>>>> ---- >>>>>> >>>>>> There is probably another clamd running. If not, try deleting >>>>>> /var/run/clamav/clamd.socket. >>>>>> >>>>>> Steve >>>>>> >>>>>> On Mon, May 15, 2017 at 11:58 AM, Kishore Pawar <mkpa...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> Hi Steve >>>>>>> >>>>>>> Thank you very much for the reply and your suggestion. I rebuild it >>>>>>> with the options (--enable-llvm=no) provided by you and it seems to be >>>>>>> ok >>>>>>> now. But now I am unable to stop/start the clamd and am not able to get >>>>>>> the >>>>>>> status of clamd. >>>>>>> >>>>>>> >>>>>>> # clamd status >>>>>>> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >>>>>>> another process. >>>>>>> >>>>>>> # ls -lrt /var/run/clamav/ >>>>>>> total 12 >>>>>>> srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket >>>>>>> -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid >>>>>>> -rw-rw----. 1 clamav clamav 5 May 15 11:29 freshclam.pid >>>>>>> srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket >>>>>>> -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid >>>>>>> >>>>>>> I observed that the 'clamav-milter.socket' is started by root and >>>>>>> not clamav user. I am not sure if that's how it is supposed to be. If it >>>>>>> needs to be started by clamav, where should I do the changes? >>>>>>> >>>>>>> Thanks >>>>>>> Kishore >>>>>>> >>>>>> >>>>>> >>>>> >>>> >>> >> > _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
