Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
On 11/01/2013 02:45 AM, Dennis Peterson wrote: On 10/31/13, 5:08 PM, Paolo De Michele wrote: hi everybody, I installed a web/mail server correctly with the suite ispconfig. between the packages I installed amavis and clamav However, the email will be populated with the object UNCECKED and the system logs I see this: Run the clamconf file and send the output to the list. Scan it yourself as you may find the problem on your own. dp ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml dennis, thank you for your reply this is my clamd.conf #Automatically Generated by clamav-base postinst #To reconfigure clamd run #dpkg-reconfigure clamav-base #Please read /usr/share/doc/clamav-base/README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true LocalSocketGroup clamav LocalSocketMode 666 # TemporaryDirectory is not set to its default /tmp here to make overriding # the default with environment variables TMPDIR/TMP/TEMP possible User clamav AllowSupplementaryGroups true ScanMail true ScanArchive true ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 LogSyslog false LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false CommandReadTimeout 5 SendBufTimeout 200 MaxQueue 100 ExtendedDetectionInfo true OLE2BlockMacros false StreamMaxLength 25M LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Bytecode true BytecodeSecurity TrustSigned BytecodeTimeout 6 OfficialDatabaseOnly false CrossFilesystems true ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
On 11/01/2013 10:11 AM, Paolo De Michele wrote: On 11/01/2013 02:45 AM, Dennis Peterson wrote: On 10/31/13, 5:08 PM, Paolo De Michele wrote: hi everybody, I installed a web/mail server correctly with the suite ispconfig. between the packages I installed amavis and clamav However, the email will be populated with the object UNCECKED and the system logs I see this: Run the clamconf file and send the output to the list. Scan it yourself as you may find the problem on your own. dp ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml dennis, thank you for your reply this is my clamd.conf #Automatically Generated by clamav-base postinst #To reconfigure clamd run #dpkg-reconfigure clamav-base #Please read /usr/share/doc/clamav-base/README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true LocalSocketGroup clamav LocalSocketMode 666 # TemporaryDirectory is not set to its default /tmp here to make overriding # the default with environment variables TMPDIR/TMP/TEMP possible User clamav AllowSupplementaryGroups true ScanMail true ScanArchive true ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 LogSyslog false LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false CommandReadTimeout 5 SendBufTimeout 200 MaxQueue 100 ExtendedDetectionInfo true OLE2BlockMacros false StreamMaxLength 25M LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Bytecode true BytecodeSecurity TrustSigned BytecodeTimeout 6 OfficialDatabaseOnly false CrossFilesystems true in the /var/log/clamav/clamav.log I see: Thu Oct 31 02:05:03 2013 - +++ Started at Thu Oct 31 02:05:03 2013 Thu Oct 31 02:05:03 2013 - clamd daemon 0.97.8 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Thu Oct 31 02:05:03 2013 - Log file size limited to -1 bytes. Thu Oct 31 02:05:03 2013 - Reading databases from /var/lib/clamav Thu Oct 31 02:05:03 2013 - Not loading PUA signatures. Thu Oct 31 02:05:03 2013 - Bytecode: Security mode set to TrustSigned. Thu Oct 31 02:05:11 2013 - Loaded 2865687 signatures. Thu Oct 31 02:05:12 2013 - LOCAL: Unix socket file /var/run/clamav/clamd.ctl Thu Oct 31 02:05:12 2013 - LOCAL: Setting connection queue length to 15 Thu Oct 31 02:05:12 2013 - ERROR: daemonize() failed: Cannot allocate memory Thu Oct 31 02:05:12 2013 - Socket file removed. # free -m total used free shared buffers cached Mem: 497425 71 0 8 75 -/+ buffers/cache:341155 Swap:0 0 0 this is DigitalOcean's VPS - there are problems? ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
Paolo De Michele skrev den 2013-11-01 01:08: how can I fix it? freshclam -D show us the error in case its stock, delete the mirrors.dat file in databasedir maybe even delete all content of that dir except main.* and daily.* ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
On Fri, Nov 1, 2013 at 5:51 AM, Paolo De Michele pa...@paolodemichele.itwrote: On 11/01/2013 10:11 AM, Paolo De Michele wrote: On 11/01/2013 02:45 AM, Dennis Peterson wrote: On 10/31/13, 5:08 PM, Paolo De Michele wrote: hi everybody, I installed a web/mail server correctly with the suite ispconfig. between the packages I installed amavis and clamav However, the email will be populated with the object UNCECKED and the system logs I see this: Run the clamconf file and send the output to the list. Scan it yourself as you may find the problem on your own. dp __**_ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/**clamav-faqhttps://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/**ml http://www.clamav.net/support/ml dennis, thank you for your reply this is my clamd.conf #Automatically Generated by clamav-base postinst #To reconfigure clamd run #dpkg-reconfigure clamav-base #Please read /usr/share/doc/clamav-base/**README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true LocalSocketGroup clamav LocalSocketMode 666 # TemporaryDirectory is not set to its default /tmp here to make overriding # the default with environment variables TMPDIR/TMP/TEMP possible User clamav AllowSupplementaryGroups true ScanMail true ScanArchive true ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 LogSyslog false LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false CommandReadTimeout 5 SendBufTimeout 200 MaxQueue 100 ExtendedDetectionInfo true OLE2BlockMacros false StreamMaxLength 25M LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Bytecode true BytecodeSecurity TrustSigned BytecodeTimeout 6 OfficialDatabaseOnly false CrossFilesystems true in the /var/log/clamav/clamav.log I see: Thu Oct 31 02:05:03 2013 - +++ Started at Thu Oct 31 02:05:03 2013 Thu Oct 31 02:05:03 2013 - clamd daemon 0.97.8 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Thu Oct 31 02:05:03 2013 - Log file size limited to -1 bytes. Thu Oct 31 02:05:03 2013 - Reading databases from /var/lib/clamav Thu Oct 31 02:05:03 2013 - Not loading PUA signatures. Thu Oct 31 02:05:03 2013 - Bytecode: Security mode set to TrustSigned. Thu Oct 31 02:05:11 2013 - Loaded 2865687 signatures. Thu Oct 31 02:05:12 2013 - LOCAL: Unix socket file /var/run/clamav/clamd.ctl Thu Oct 31 02:05:12 2013 - LOCAL: Setting connection queue length to 15 Thu Oct 31 02:05:12 2013 - ERROR: daemonize() failed: Cannot allocate memory Thu Oct 31 02:05:12 2013 - Socket file removed. # free -m total used free shared buffers cached Mem: 497425 71 0 8 75 -/+ buffers/cache:341155 Swap:0 0 0 It looks like you need more memory. Here's the relevant line from your log file: Thu Oct 31 02:05:12 2013 - ERROR: daemonize() failed: Cannot allocate memory And indeed your `free -m` output shows that you're out of memory and you don't have any swap installed. Adding more memory would fix your problem. Thanks, Shawn ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
On 11/01/2013 02:26 PM, Shawn Webb wrote: On Fri, Nov 1, 2013 at 5:51 AM, Paolo De Michele pa...@paolodemichele.itwrote: On 11/01/2013 10:11 AM, Paolo De Michele wrote: On 11/01/2013 02:45 AM, Dennis Peterson wrote: On 10/31/13, 5:08 PM, Paolo De Michele wrote: hi everybody, I installed a web/mail server correctly with the suite ispconfig. between the packages I installed amavis and clamav However, the email will be populated with the object UNCECKED and the system logs I see this: Run the clamconf file and send the output to the list. Scan it yourself as you may find the problem on your own. dp __**_ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/**clamav-faqhttps://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/**ml http://www.clamav.net/support/ml dennis, thank you for your reply this is my clamd.conf #Automatically Generated by clamav-base postinst #To reconfigure clamd run #dpkg-reconfigure clamav-base #Please read /usr/share/doc/clamav-base/**README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true LocalSocketGroup clamav LocalSocketMode 666 # TemporaryDirectory is not set to its default /tmp here to make overriding # the default with environment variables TMPDIR/TMP/TEMP possible User clamav AllowSupplementaryGroups true ScanMail true ScanArchive true ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 LogSyslog false LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false CommandReadTimeout 5 SendBufTimeout 200 MaxQueue 100 ExtendedDetectionInfo true OLE2BlockMacros false StreamMaxLength 25M LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Bytecode true BytecodeSecurity TrustSigned BytecodeTimeout 6 OfficialDatabaseOnly false CrossFilesystems true in the /var/log/clamav/clamav.log I see: Thu Oct 31 02:05:03 2013 - +++ Started at Thu Oct 31 02:05:03 2013 Thu Oct 31 02:05:03 2013 - clamd daemon 0.97.8 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Thu Oct 31 02:05:03 2013 - Log file size limited to -1 bytes. Thu Oct 31 02:05:03 2013 - Reading databases from /var/lib/clamav Thu Oct 31 02:05:03 2013 - Not loading PUA signatures. Thu Oct 31 02:05:03 2013 - Bytecode: Security mode set to TrustSigned. Thu Oct 31 02:05:11 2013 - Loaded 2865687 signatures. Thu Oct 31 02:05:12 2013 - LOCAL: Unix socket file /var/run/clamav/clamd.ctl Thu Oct 31 02:05:12 2013 - LOCAL: Setting connection queue length to 15 Thu Oct 31 02:05:12 2013 - ERROR: daemonize() failed: Cannot allocate memory Thu Oct 31 02:05:12 2013 - Socket file removed. # free -m total used free shared buffers cached Mem: 497425 71 0 8 75 -/+ buffers/cache:341155 Swap:0 0 0 It looks like you need more memory. Here's the relevant line from your log file: Thu Oct 31 02:05:12 2013 - ERROR: daemonize() failed: Cannot allocate memory And indeed your `free -m` output shows that you're out of memory and you don't have any swap installed. Adding more memory would fix your problem. Thanks, Shawn hi Shawn, thank you for your reply I asked my provider if they can attivarmi swap. if there is a way by configuring clamav to force it? ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
On 11/01/2013 04:48 PM, Paolo De Michele wrote: On 11/01/2013 02:26 PM, Shawn Webb wrote: On Fri, Nov 1, 2013 at 5:51 AM, Paolo De Michelepa...@paolodemichele.itwrote: On 11/01/2013 10:11 AM, Paolo De Michele wrote: On 11/01/2013 02:45 AM, Dennis Peterson wrote: On 10/31/13, 5:08 PM, Paolo De Michele wrote: hi everybody, I installed a web/mail server correctly with the suite ispconfig. between the packages I installed amavis and clamav However, the email will be populated with the object UNCECKED and the system logs I see this: Run the clamconf file and send the output to the list. Scan it yourself as you may find the problem on your own. dp __**_ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/**clamav-faqhttps://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/**ml http://www.clamav.net/support/ml dennis, thank you for your reply this is my clamd.conf #Automatically Generated by clamav-base postinst #To reconfigure clamd run #dpkg-reconfigure clamav-base #Please read /usr/share/doc/clamav-base/**README.Debian.gz for details LocalSocket /var/run/clamav/clamd.ctl FixStaleSocket true LocalSocketGroup clamav LocalSocketMode 666 # TemporaryDirectory is not set to its default /tmp here to make overriding # the default with environment variables TMPDIR/TMP/TEMP possible User clamav AllowSupplementaryGroups true ScanMail true ScanArchive true ArchiveBlockEncrypted false MaxDirectoryRecursion 15 FollowDirectorySymlinks false FollowFileSymlinks false ReadTimeout 180 MaxThreads 12 MaxConnectionQueueLength 15 LogSyslog false LogFacility LOG_LOCAL6 LogClean false LogVerbose false PidFile /var/run/clamav/clamd.pid DatabaseDirectory /var/lib/clamav SelfCheck 3600 Foreground false Debug false ScanPE true ScanOLE2 true ScanHTML true DetectBrokenExecutables false ExitOnOOM false LeaveTemporaryFiles false AlgorithmicDetection true ScanELF true IdleTimeout 30 PhishingSignatures true PhishingScanURLs true PhishingAlwaysBlockSSLMismatch false PhishingAlwaysBlockCloak false DetectPUA false ScanPartialMessages false HeuristicScanPrecedence false StructuredDataDetection false CommandReadTimeout 5 SendBufTimeout 200 MaxQueue 100 ExtendedDetectionInfo true OLE2BlockMacros false StreamMaxLength 25M LogFile /var/log/clamav/clamav.log LogTime true LogFileUnlock false LogFileMaxSize 0 Bytecode true BytecodeSecurity TrustSigned BytecodeTimeout 6 OfficialDatabaseOnly false CrossFilesystems true in the /var/log/clamav/clamav.log I see: Thu Oct 31 02:05:03 2013 - +++ Started at Thu Oct 31 02:05:03 2013 Thu Oct 31 02:05:03 2013 - clamd daemon 0.97.8 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) Thu Oct 31 02:05:03 2013 - Log file size limited to -1 bytes. Thu Oct 31 02:05:03 2013 - Reading databases from /var/lib/clamav Thu Oct 31 02:05:03 2013 - Not loading PUA signatures. Thu Oct 31 02:05:03 2013 - Bytecode: Security mode set to TrustSigned. Thu Oct 31 02:05:11 2013 - Loaded 2865687 signatures. Thu Oct 31 02:05:12 2013 - LOCAL: Unix socket file /var/run/clamav/clamd.ctl Thu Oct 31 02:05:12 2013 - LOCAL: Setting connection queue length to 15 Thu Oct 31 02:05:12 2013 - ERROR: daemonize() failed: Cannot allocate memory Thu Oct 31 02:05:12 2013 - Socket file removed. # free -m total used free shared buffers cached Mem: 497425 71 0 8 75 -/+ buffers/cache:341155 Swap:0 0 0 It looks like you need more memory. Here's the relevant line from your log file: Thu Oct 31 02:05:12 2013 - ERROR: daemonize() failed: Cannot allocate memory And indeed your `free -m` output shows that you're out of memory and you don't have any swap installed. Adding more memory would fix your problem. Thanks, Shawn hi Shawn, thank you for your reply I asked my provider if they can attivarmi swap. if there is a way by configuring clamav to force it? the support reply: While it is possible, due to the nature of SSD storage we do not support swap space on droplets. honestly, I do not think that increasing my VPS to 1gb of ram solve the situation how can I fix it? thanks in advance regards ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
Paolo De Michele skrev den 2013-11-01 16:59: honestly, I do not think that increasing my VPS to 1gb of ram solve the situation hmp how can I fix it? try another vps ? btw swap can be on a swap file, not just a special swap partion other then that you can try resolve clamd to max 1 threads, so it uses less ram, there is pĆ³ssible other ways of reduce ram usage, but unless some create a ticket for this it will not be solved ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
Paolo De Michele wrote: the support reply: While it is possible, due to the nature of SSD storage we do not support swap space on droplets. honestly, I do not think that increasing my VPS to 1gb of ram solve the situation how can I fix it? If you won't add RAM, and your hosting provider won't add swap, you'll have to look into cutting down on the number of definitions ClamAV uses so it doesn't use as much memory. There was a thread on this in a very similar situation not too long ago, check the list archives. Content scanning is resource-intensive. -kgd ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
[clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
hi everybody, I installed a web/mail server correctly with the suite ispconfig. between the packages I installed amavis and clamav However, the email will be populated with the object UNCECKED and the system logs I see this: Oct 29 16:28:51 urano amavis[2410]: (02410-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Oct 29 16:28:52 urano amavis[2410]: (02410-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Oct 29 16:28:52 urano amavis[2410]: (02410-01) (!)ClamAV-clamd: All attempts (1) failed connecting to /var/run/clamav/clamd.ctl, retrying (2) Oct 29 16:28:58 urano amavis[2410]: (02410-01) (!)connect to /var/run/clamav/clamd.ctl failed, attempt #1: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory Oct 29 16:28:58 urano amavis[2410]: (02410-01) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/run/clamav/clamd.ctl (All attempts (1) failed connecting to /var/run/clamav/clamd.ctl) at (eval 113) line 603.\n Oct 29 16:28:58 urano amavis[2410]: (02410-01) (!)WARN: all primary virus scanners failed, considering backups Oct 29 16:29:04 urano amavis[2410]: (02410-01) (!)ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan KILLED, signal 9 (0009) at (eval 113) line 899. Oct 29 16:29:04 urano amavis[2410]: (02410-01) (!!)AV: ALL VIRUS SCANNERS FAILED the clamav version is 0.97.8 the os installed is debian wheezy x64 how can I fix it? thanks in advance best regards ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml
Re: [clamav-users] - Can't connect to UNIX, socket /var/run/clamav/clamd.ctl
On 10/31/13, 5:08 PM, Paolo De Michele wrote: hi everybody, I installed a web/mail server correctly with the suite ispconfig. between the packages I installed amavis and clamav However, the email will be populated with the object UNCECKED and the system logs I see this: Run the clamconf file and send the output to the list. Scan it yourself as you may find the problem on your own. dp ___ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/support/ml