Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Hi Carlos Velasco & Reindl Harald Thanks for all your help. I guess my ClamAV is looking good now? Here's the latest output after doing some changes based on your inputs. # ls -lrt /var/run/clamav/ total 8 srw-rw. 1 clamav root 0 May 18 20:19 clamav-milter.socket -rw-rw-r--. 1 clamav clamav 5 May 18 20:19 clamav-milter.pid -rw-rw. 1 clamav clamav 5 May 18 20:19 freshclam.pid # rm -rf /var/run/clamav/* # ps -ef | grep clam clamav1725 1 0 20:19 ?00:00:00 /usr/local/sbin/clamd clamav1728 1 0 20:19 ?00:00:00 /usr/local/sbin/clamav-milter clamav1732 1 0 20:19 ?00:00:00 /usr/local/bin/freshclam -d root 1735 1464 0 20:19 pts/000:00:00 grep clam # kill -9 1725 1728 1732 1735 # ps -ef | grep clam root 6790 6708 0 17:15 pts/100:00:00 grep clam # ls -lrt /var/run/clamav/ total 0 # /etc/rc.d/rc.local # ls -lrt /var/run/clamav/ total 12 srw-rw-rw-. 1 clamav clamav 0 May 19 17:16 clamd.socket -rw-rw-r--. 1 clamav clamav 5 May 19 17:16 clamd.pid srw-rw. 1 clamav clamav 0 May 19 17:16 clamav-milter.socket -rw-rw-r--. 1 clamav clamav 5 May 19 17:16 clamav-milter.pid -rw-rw. 1 clamav clamav 5 May 19 17:16 freshclam.pid # ps -ef | grep clam clamav6798 1 0 17:16 ?00:00:00 /usr/local/sbin/clamd clamav6801 1 0 17:16 ?00:00:00 /usr/local/sbin/clamav-milter clamav6805 1 0 17:16 ?00:00:00 /usr/local/bin/freshclam -d root 6833 6708 0 17:16 pts/100:00:00 grep clam # echo PING | nc -U /var/run/clamav/clamd.socket PONG # echo VERSION | nc -U /var/run/clamav/clamd.socket ClamAV 0.99.2/23399/Fri May 19 11:58:43 2017 # ls -lrt total 34876 -rw-r--r--. 1 rootroot16067497 May 3 2016 clamav-0.99.2.tar.gz -rw-r--r--. 1 rootroot 72 May 3 2016 clamav-0.99.2.tar.gz.sig -rw-r--r--. 1 rootroot 727 Jul 5 2016 kv drwxrwxr-x. 2710001000 4096 May 16 20:13 clamav-0.99.2 # freshclam ClamAV update process started at Fri May 19 17:34:42 2017 main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer) daily.cld is up to date (version: 23399, sigs: 2074959, f-level: 63, builder: neo) bytecode.cld is up to date (version: 301, sigs: 58, f-level: 63, builder: anvilleg) # clamdscan --stream clamav-0.99.2.tar.gz.sig /home/delta/clamav-0.99.2.tar.gz.sig: OK --- SCAN SUMMARY --- Infected files: 0 Time: 0.016 sec (0 m 0 s) Thanks Kishore ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
> Thanks for the reply. Yes, its pretty clear from your config info about how > to set the permissions for the socket. But it still gets the 'root' in the > group even after setting up with the configuration you suggested. Have you tried this? MilterSocketGroup clamav > But there's no way for me to > confirm this as I don't know how to pass the commands like > PING,VERSION,SHUTDOWN etc. to the clamd that is mentioned in the clamav > documentation. So my question is how to make sure if the clamav is setup > correctly or not? You can use nc (netcat), socat or any other tool to connect to a unix socket and issue a PING, VERSION, etc. > If I do 'clamscan ', it scans it > properly. But when I do 'clamdscan ', It says permission > denied:(. That may well be because you are scanning files that are not acccesible from the clamav user which the daemon is running. Try using --stream to pass the whole file via stream to clamd. # clamdscan root.file root.file: lstat() failed: Permission denied. ERROR --- SCAN SUMMARY --- Infected files: 0 Total errors: 1 Time: 0.133 sec (0 m 0 s) # clamdscan --stream root.file root.file: OK --- SCAN SUMMARY --- Infected files: 0 Time: 0.065 sec (0 m 0 s) Regards, Carlos Velasco ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Am 19.05.2017 um 03:36 schrieb Kishore Pawar: Hi Reindl Harald Thanks for the reply. Yes, its pretty clear from your config info about how to set the permissions for the socket. But it still gets the 'root' in the group even after setting up with the configuration you suggested. I don't know if that's how the clam-milter socket permission should be. By looking at the process I see that the 'clamd' is started. If I try to run clamd again, it says the socket is in use by another program and I think that is because the clamd instance is already running. When I kill all the processes and restart clamd, then it wont complain with the 'socket in use' message. So I think the clamav setup is good. But there's no way for me to confirm this as I don't know how to pass the commands like PING,VERSION,SHUTDOWN etc. to the clamd that is mentioned in the clamav documentation. So my question is how to make sure if the clamav is setup correctly or not? If I do 'clamscan ', it scans it properly. But when I do 'clamdscan ', It says permission denied:( i have no idea about that old systems after switching to systemd many years ago but in other posts you are talking about /etc/rc.d/rc.local containing clamd related stuff get rid of that nonsense - there is pretty sure at the same time a sysvinit service in /etc/rc.d/init.d/ enabled and services *for sure* don't belong in rc.local at all - that file should be just empty on any sane setup # cat /etc/rc.d/rc.local #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. touch /var/lock/subsys/local /usr/local/sbin/clamd /usr/local/sbin/clamav-milter /usr/local/bin/freshclam -d ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Hi Reindl Harald Thanks for the reply. Yes, its pretty clear from your config info about how to set the permissions for the socket. But it still gets the 'root' in the group even after setting up with the configuration you suggested. I don't know if that's how the clam-milter socket permission should be. By looking at the process I see that the 'clamd' is started. If I try to run clamd again, it says the socket is in use by another program and I think that is because the clamd instance is already running. When I kill all the processes and restart clamd, then it wont complain with the 'socket in use' message. So I think the clamav setup is good. But there's no way for me to confirm this as I don't know how to pass the commands like PING,VERSION,SHUTDOWN etc. to the clamd that is mentioned in the clamav documentation. So my question is how to make sure if the clamav is setup correctly or not? If I do 'clamscan ', it scans it properly. But when I do 'clamdscan ', It says permission denied:(. Thanks Kishore ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Am 17.05.2017 um 17:40 schrieb Kishore Pawar: Hi Reindl Harald I am not sure what is wrong with this upgrade/installation. But, here's the configuration I was using previously and is being used currently impressing that you talk to me but quote some other stuff i responded to "where I see that the clam-miller.socket is owned by clamav:clamav, where as my latest one is owned by clamav:root. Is it causing the below error? If so how can I make sure the socket gets proper permissions?" and while it's likely not the problem becaus ethe milter is talking to clamd and not the other way when you look at my milter conf it should be *pretty clear* how to "make sure the socket gets proper permissions" _ $ cat /usr/local/etc/clamav-milter.conf | grep -v "#" MilterSocket /var/run/clamav/clamav-milter.socket User clamav PidFile /var/run/clamav/clamav-milter.pid ClamdSocket unix:/var/run/clamav/clamd.socket Whitelist /usr/local/etc/clamav-milter.whitelisted_addresses LogFile /var/log/clamav/clamav-milter.log LogTime yes LogSyslog yes _ /etc/mail/clamav-milter.conf # usermod -a -G clamilt postfix # usermod -a -G sa-milt postfix User clamilt AllowSupplementaryGroups yes MilterSocket /run/clamav-milter/clamav-milter.socket MilterSocketMode 0660 ClamdSocket unix:/run/clamd/clamd.sock FixStaleSocket yes ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Hi Reindl Harald I am not sure what is wrong with this upgrade/installation. But, here's the configuration I was using previously and is being used currently. $ date Wed May 17 10:14:47 CDT 2017 $ cat /usr/local/etc/clamd.conf | grep -v "#" LogFile /var/log/clamav/clamd.log LogTime yes LogSyslog yes PidFile /var/run/clamav/clamd.pid LocalSocket /var/run/clamav/clamd.socket FixStaleSocket yes MaxThreads 40 MaxQueue 200 VirusEvent echo "ClamAV has detected %v" | /bin/mailx -s "[ClamAV] Detected %v" root User clamav PhishingScanURLs no $ cat /usr/local/etc/clamav-milter.conf | grep -v "#" MilterSocket /var/run/clamav/clamav-milter.socket User clamav PidFile /var/run/clamav/clamav-milter.pid ClamdSocket unix:/var/run/clamav/clamd.socket Whitelist /usr/local/etc/clamav-milter.whitelisted_addresses LogFile /var/log/clamav/clamav-milter.log LogTime yes LogSyslog yes $ cat /usr/local/etc/freshclam.conf | grep -v "#" UpdateLogFile /var/log/clamav/freshclam.log LogTime yes LogSyslog yes PidFile /var/run/clamav/freshclam.pid DatabaseOwner clamav DatabaseMirror db.us.clamav.net DatabaseMirror database.clamav.net Checks 48 OnUpdateExecute echo "ClamAV has succeeded at downloading a DB update" | /bin/mailx -s "[FreshClam] Succeeded" root OnErrorExecute echo "ClamAV has failed at downloading a DB update" | /bin/mailx -s "[FreshClam] Failed" root Thanks Kishore On Tue, May 16, 2017 at 10:07 PM, Kishore Pawarwrote: > Thanks Carlos > > I see what you saying. I checked my previous sessions and I found the > below one from the 'Oct 2016' session where I see that the > clam-miller.socket is owned by clamav:clamav, where as my latest one is > owned by clamav:root. Is it causing the below error? If so how can I make > sure the socket gets proper permissions? > > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > another process. > > # lsof | grep clamd.socket > clamd 22795clamav5u unix 0xc000712f4880 0t0 > 335900 /var/run/clamav/clamd.socket > > > Oct2016 > # ls -lrt /var/run/clamav > total 8 > srw-r--r--. 1 clamav clamav 0 Oct 24 2016 clamav-milter.socket > -rw-rw-r--. 1 clamav clamav 5 Oct 24 2016 clamav-milter.pid > -rw-rw. 1 clamav clamav 5 Oct 24 2016 freshclam.pid > > > Latest > # ls -lrt /var/run/clamav > total 12 > srw-rw-rw-. 1 clamav clamav 0 May 16 21:40 clamd.socket > -rw-rw-r--. 1 clamav clamav 6 May 16 21:40 clamd.pid > srw-r--r--. 1 clamav root 0 May 16 21:40 clamav-milter.socket # > Not sure why it's not owned by clamav:clamav here > -rw-rw. 1 clamav clamav 6 May 16 21:40 freshclam.pid > -rw-rw-r--. 1 clamav clamav 6 May 16 21:40 clamav-milter.pid > > > Thanks > --- > > IMHO rc.local is not the best place to put this at all... > > >* # clamd status *>* ERROR: LOCAL: Socket file > /var/run/clamav/clamd.socket is in use by another *>* process. * > You are calling clamd *daemon* with a "status" argument that it doesn't > recognize. > As you are using an init system you should use a init.d/rc.d script (like > "/etc/rc.d/clamav"). That script usually accepts a "status" argument, but > clamd (daemon) does not. > > Regards, > Carlos Velasco > > On Tue, May 16, 2017 at 9:55 AM, Kishore Pawar wrote: > >> Hi Carlos Velasco >> >> Our RHEL 6.8 runs on an IBM Power 8 server(ppc64), for which we dont' >> have a ClamAV package. So I had to compile it from source. I have >> uninstalled the old version and installed the *ClamAV 0.99.2. * >> >> So I can confirm that I have only one instance running. Here's the >> detailed info. >> >> # which clamd >> /usr/local/sbin/clamd >> >> # whereis clamd >> clamd: /usr/local/sbin/clamd /usr/local/etc/clamd.conf >> >> # cat /etc/rc.d/rc.local >> #!/bin/sh >> # >> # This script will be executed *after* all the other init scripts. >> # You can put your own initialization stuff in here if you don't >> # want to do the full Sys V style init stuff. >> touch /var/lock/subsys/local >> /usr/local/sbin/clamd >> /usr/local/sbin/clamav-milter >> /usr/local/bin/freshclam -d >> >> # ps -ef | grep clamd >> clamav6776 1 0 May15 ?00:00:01 clamd >> root 10956 10925 0 09:40 pts/000:00:00 grep clamd >> >> # clamd status >> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >> another process. >> >> # lsof | grep clamd.socket >> clamd 6776clamav5u unix 0xc3692480 >> 0t0 72993 /var/run/clamav/clamd.socket >> >> Thanks >> Kishore >> >> >> --- >> >> >* Yes, I usually verify after running any command. So yes verified the * >> >* process is properly killed. I even rebooted it couple time. Even >> after a *>* clean reboot, the output of clamd status gives the same >> error. What is the *>* output of your clamd status? Can you share it >> please? * >> Kishore, I think you have 2 clamav installations in your machine. Maybe >> one packaged and another one compiled. >> I haven't a RHEL at hand right now, but check with
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Am 17.05.2017 um 05:07 schrieb Kishore Pawar: Thanks Carlos I see what you saying. I checked my previous sessions and I found the below one from the 'Oct 2016' session where I see that the clam-miller.socket is owned by clamav:clamav, where as my latest one is owned by clamav:root. Is it causing the below error? If so how can I make sure the socket gets proper permissions? man clamav-milter.conf on a proper configured system there is no need to start any service which does not need to listen on ports below 1024 as root to start with _ /etc/mail/clamav-milter.conf # usermod -a -G clamilt postfix # usermod -a -G sa-milt postfix User clamilt AllowSupplementaryGroups yes MilterSocket /run/clamav-milter/clamav-milter.socket MilterSocketMode 0660 ClamdSocket unix:/run/clamd/clamd.sock FixStaleSocket yes _ /etc/systemd/system/clamav-milter.service [Unit] Description=ClamAV Postfix-Milter Wants=clamd.service After=clamd.service Before=postfix.service [Service] Type=simple Environment="TMPDIR=/tmp" ExecStart=/usr/sbin/clamav-milter -c /etc/mail/clamav-milter.conf User=clamilt Group=clamilt Environment="LANG=en_GB.UTF-8" Restart=always RestartSec=1 Nice=5 PrivateTmp=yes PrivateDevices=yes PrivateNetwork=yes NoNewPrivileges=yes CapabilityBoundingSet=CAP_KILL RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 SystemCallArchitectures=x86-64 SystemCallFilter=~acct modify_ldt add_key adjtimex clock_adjtime delete_module fanotify_init finit_module get_mempolicy init_module io_destroy io_getevents iopl ioperm io_setup io_submit io_cancel kcmp kexec_load keyctl lookup_dcookie mbind migrate_pages mount move_pages open_by_handle_at perf_event_open pivot_root process_vm_readv process_vm_writev ptrace remap_file_pages request_key set_mempolicy swapoff swapon umount2 uselib vmsplice ReadOnlyDirectories=/ ReadWriteDirectories=-/run/clamav-milter ReadWriteDirectories=-/run/clamd ReadWriteDirectories=-/tmp ReadWriteDirectories=-/var/log ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Thanks Carlos I see what you saying. I checked my previous sessions and I found the below one from the 'Oct 2016' session where I see that the clam-miller.socket is owned by clamav:clamav, where as my latest one is owned by clamav:root. Is it causing the below error? If so how can I make sure the socket gets proper permissions? ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. # lsof | grep clamd.socket clamd 22795clamav5u unix 0xc000712f4880 0t0 335900 /var/run/clamav/clamd.socket Oct2016 # ls -lrt /var/run/clamav total 8 srw-r--r--. 1 clamav clamav 0 Oct 24 2016 clamav-milter.socket -rw-rw-r--. 1 clamav clamav 5 Oct 24 2016 clamav-milter.pid -rw-rw. 1 clamav clamav 5 Oct 24 2016 freshclam.pid Latest # ls -lrt /var/run/clamav total 12 srw-rw-rw-. 1 clamav clamav 0 May 16 21:40 clamd.socket -rw-rw-r--. 1 clamav clamav 6 May 16 21:40 clamd.pid srw-r--r--. 1 clamav root 0 May 16 21:40 clamav-milter.socket # Not sure why it's not owned by clamav:clamav here -rw-rw. 1 clamav clamav 6 May 16 21:40 freshclam.pid -rw-rw-r--. 1 clamav clamav 6 May 16 21:40 clamav-milter.pid Thanks --- IMHO rc.local is not the best place to put this at all... >* # clamd status *>* ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another *>* process. * You are calling clamd *daemon* with a "status" argument that it doesn't recognize. As you are using an init system you should use a init.d/rc.d script (like "/etc/rc.d/clamav"). That script usually accepts a "status" argument, but clamd (daemon) does not. Regards, Carlos Velasco On Tue, May 16, 2017 at 9:55 AM, Kishore Pawarwrote: > Hi Carlos Velasco > > Our RHEL 6.8 runs on an IBM Power 8 server(ppc64), for which we dont' have > a ClamAV package. So I had to compile it from source. I have uninstalled > the old version and installed the *ClamAV 0.99.2. * > > So I can confirm that I have only one instance running. Here's the > detailed info. > > # which clamd > /usr/local/sbin/clamd > > # whereis clamd > clamd: /usr/local/sbin/clamd /usr/local/etc/clamd.conf > > # cat /etc/rc.d/rc.local > #!/bin/sh > # > # This script will be executed *after* all the other init scripts. > # You can put your own initialization stuff in here if you don't > # want to do the full Sys V style init stuff. > touch /var/lock/subsys/local > /usr/local/sbin/clamd > /usr/local/sbin/clamav-milter > /usr/local/bin/freshclam -d > > # ps -ef | grep clamd > clamav6776 1 0 May15 ?00:00:01 clamd > root 10956 10925 0 09:40 pts/000:00:00 grep clamd > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > another process. > > # lsof | grep clamd.socket > clamd 6776clamav5u unix 0xc3692480 0t0 > 72993 /var/run/clamav/clamd.socket > > Thanks > Kishore > > > --- > > >* Yes, I usually verify after running any command. So yes verified the *>* > process is properly killed. I even rebooted it couple time. Even after a * > >* clean reboot, the output of clamd status gives the same error. What is > the *>* output of your clamd status? Can you share it please? * > Kishore, I think you have 2 clamav installations in your machine. Maybe > one packaged and another one compiled. > I haven't a RHEL at hand right now, but check with any of this: > which clamd > whereis clamd > > If you see two different clamd (maybe one on /usr/local/...) that's > because you are seeing your problems, and you should fix it changing your > status script (init.d?) probably. > > Regards, > Carlos Velasco > > On Tue, May 16, 2017 at 8:08 AM, Kishore Pawar wrote: > >> Hi Reindl Harald >> >> Yes, I usually verify after running any command. So yes verified the >> process is properly killed. I even rebooted it couple time. Even after a >> clean reboot, the output of clamd status gives the same error. What is the >> output of your clamd status? Can you share it please? >> >> Thanks >> Kishore >> >> >> Am 15.05.2017 um 23:53 schrieb Kishore Pawar: >> >* Yes, I see the clamd process. I tried to kill and restart it many >> times, *>* but when I run the 'clamd status' I get the same error about >> the socket *>* file. Earlier when I was running the older version, I >> used to see the *>* complete details about the clamd status including >> the version number I was *>* running and what the latest status of that >> clamd. Now I just get the error *>* which I am not sure if it is giving >> me the right output * >> and did you verify that after kill the process is really gone? >> >> maybe it needs a "kill -s SIGKILL" instead a SIGTERM for whatever reason >> but that's all hard to say since you don't provide much informations >> without beeing explicit asked >> >> >> On Mon, May 15, 2017 at 5:18 PM, Kishore Pawar wrote: >> >>> Btw, can you please share your output of the command
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
> # cat /etc/rc.d/rc.local > #!/bin/sh > # > # This script will be executed *after* all the other init scripts. > # You can put your own initialization stuff in here if you don't > # want to do the full Sys V style init stuff. > touch /var/lock/subsys/local > /usr/local/sbin/clamd > /usr/local/sbin/clamav-milter > /usr/local/bin/freshclam -d IMHO rc.local is not the best place to put this at all... > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another > process. You are calling clamd *daemon* with a "status" argument that it doesn't recognize. As you are using an init system you should use a init.d/rc.d script (like "/etc/rc.d/clamav"). That script usually accepts a "status" argument, but clamd (daemon) does not. Regards, Carlos Velasco ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Hi Carlos Velasco Our RHEL 6.8 runs on an IBM Power 8 server(ppc64), for which we dont' have a ClamAV package. So I had to compile it from source. I have uninstalled the old version and installed the *ClamAV 0.99.2. * So I can confirm that I have only one instance running. Here's the detailed info. # which clamd /usr/local/sbin/clamd # whereis clamd clamd: /usr/local/sbin/clamd /usr/local/etc/clamd.conf # cat /etc/rc.d/rc.local #!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. touch /var/lock/subsys/local /usr/local/sbin/clamd /usr/local/sbin/clamav-milter /usr/local/bin/freshclam -d # ps -ef | grep clamd clamav6776 1 0 May15 ?00:00:01 clamd root 10956 10925 0 09:40 pts/000:00:00 grep clamd # clamd status ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. # lsof | grep clamd.socket clamd 6776clamav5u unix 0xc3692480 0t0 72993 /var/run/clamav/clamd.socket Thanks Kishore --- >* Yes, I usually verify after running any command. So yes verified the *>* process is properly killed. I even rebooted it couple time. Even after a *>* clean reboot, the output of clamd status gives the same error. What is the * >* output of your clamd status? Can you share it please? * Kishore, I think you have 2 clamav installations in your machine. Maybe one packaged and another one compiled. I haven't a RHEL at hand right now, but check with any of this: which clamd whereis clamd If you see two different clamd (maybe one on /usr/local/...) that's because you are seeing your problems, and you should fix it changing your status script (init.d?) probably. Regards, Carlos Velasco On Tue, May 16, 2017 at 8:08 AM, Kishore Pawarwrote: > Hi Reindl Harald > > Yes, I usually verify after running any command. So yes verified the > process is properly killed. I even rebooted it couple time. Even after a > clean reboot, the output of clamd status gives the same error. What is the > output of your clamd status? Can you share it please? > > Thanks > Kishore > > > Am 15.05.2017 um 23:53 schrieb Kishore Pawar: > >* Yes, I see the clamd process. I tried to kill and restart it many > times, *>* but when I run the 'clamd status' I get the same error about > the socket *>* file. Earlier when I was running the older version, I used > to see the *>* complete details about the clamd status including the > version number I was *>* running and what the latest status of that > clamd. Now I just get the error *>* which I am not sure if it is giving > me the right output * > and did you verify that after kill the process is really gone? > > maybe it needs a "kill -s SIGKILL" instead a SIGTERM for whatever reason > but that's all hard to say since you don't provide much informations > without beeing explicit asked > > > On Mon, May 15, 2017 at 5:18 PM, Kishore Pawar wrote: > >> Btw, can you please share your output of the command 'clamd status'? >> >> Thanks >> Kishore >> >> On Mon, May 15, 2017 at 4:53 PM, Kishore Pawar wrote: >> >>> Yes, I see the clamd process. I tried to kill and restart it many >>> times, but when I run the 'clamd status' I get the same error about the >>> socket file. Earlier when I was running the older version, I used to see >>> the complete details about the clamd status including the version number I >>> was running and what the latest status of that clamd. Now I just get the >>> error which I am not sure if it is giving me the right output. >>> >>> On Mon, May 15, 2017 at 4:22 PM, Kishore Pawar >>> wrote: >>> Thanks Steve. Here's the output of lsof. # clamd status ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. # lsof | grep clamd.socket clamd 6776clamav5u unix 0xc3692480 0t0 72993 /var/run/clamav/clamd.socket # ps -ef | grep 6776 clamav6776 1 0 15:57 ?00:00:00 clamd root 6889 2739 0 16:20 pts/100:00:00 grep 6776 Thanks Kishore On Mon, May 15, 2017 at 12:29 PM, Kishore Pawar wrote: > Thanks Steve. Yes, I tried removing them and kill the running clamd > process and start it again but still the clamd status doesn't show > anything > other than the error. > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > another process. > > > > There is probably another clamd running. If not, try deleting > /var/run/clamav/clamd.socket. > > Steve > > On Mon, May 15, 2017 at 11:58 AM, Kishore Pawar > wrote: > >> Hi Steve >> >> Thank you very much for
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
> Yes, I usually verify after running any command. So yes verified the > process is properly killed. I even rebooted it couple time. Even after a > clean reboot, the output of clamd status gives the same error. What is the > output of your clamd status? Can you share it please? Kishore, I think you have 2 clamav installations in your machine. Maybe one packaged and another one compiled. I haven't a RHEL at hand right now, but check with any of this: which clamd whereis clamd If you see two different clamd (maybe one on /usr/local/...) that's because you are seeing your problems, and you should fix it changing your status script (init.d?) probably. Regards, Carlos Velasco ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Hi Reindl Harald Yes, I usually verify after running any command. So yes verified the process is properly killed. I even rebooted it couple time. Even after a clean reboot, the output of clamd status gives the same error. What is the output of your clamd status? Can you share it please? Thanks Kishore Am 15.05.2017 um 23:53 schrieb Kishore Pawar: >* Yes, I see the clamd process. I tried to kill and restart it many times, *>* but when I run the 'clamd status' I get the same error about the socket *>* file. Earlier when I was running the older version, I used to see the *>* complete details about the clamd status including the version number I was * >* running and what the latest status of that clamd. Now I just get the error *>* which I am not sure if it is giving me the right output * and did you verify that after kill the process is really gone? maybe it needs a "kill -s SIGKILL" instead a SIGTERM for whatever reason but that's all hard to say since you don't provide much informations without beeing explicit asked On Mon, May 15, 2017 at 5:18 PM, Kishore Pawarwrote: > Btw, can you please share your output of the command 'clamd status'? > > Thanks > Kishore > > On Mon, May 15, 2017 at 4:53 PM, Kishore Pawar wrote: > >> Yes, I see the clamd process. I tried to kill and restart it many times, >> but when I run the 'clamd status' I get the same error about the socket >> file. Earlier when I was running the older version, I used to see the >> complete details about the clamd status including the version number I was >> running and what the latest status of that clamd. Now I just get the error >> which I am not sure if it is giving me the right output. >> >> On Mon, May 15, 2017 at 4:22 PM, Kishore Pawar wrote: >> >>> Thanks Steve. Here's the output of lsof. >>> >>> # clamd status >>> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >>> another process. >>> >>> # lsof | grep clamd.socket >>> clamd 6776clamav5u unix 0xc3692480 >>> 0t0 72993 /var/run/clamav/clamd.socket >>> >>> # ps -ef | grep 6776 >>> clamav6776 1 0 15:57 ?00:00:00 clamd >>> root 6889 2739 0 16:20 pts/100:00:00 grep 6776 >>> >>> Thanks >>> Kishore >>> >>> On Mon, May 15, 2017 at 12:29 PM, Kishore Pawar >>> wrote: >>> Thanks Steve. Yes, I tried removing them and kill the running clamd process and start it again but still the clamd status doesn't show anything other than the error. # clamd status ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. There is probably another clamd running. If not, try deleting /var/run/clamav/clamd.socket. Steve On Mon, May 15, 2017 at 11:58 AM, Kishore Pawar wrote: > Hi Steve > > Thank you very much for the reply and your suggestion. I rebuild it > with the options (--enable-llvm=no) provided by you and it seems to be ok > now. But now I am unable to stop/start the clamd and am not able to get > the > status of clamd. > > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > another process. > > # ls -lrt /var/run/clamav/ > total 12 > srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket > -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid > -rw-rw. 1 clamav clamav 5 May 15 11:29 freshclam.pid > srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket > -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid > > I observed that the 'clamav-milter.socket' is started by root and not > clamav user. I am not sure if that's how it is supposed to be. If it needs > to be started by clamav, where should I do the changes? > > Thanks > Kishore > >>> >> > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Am 15.05.2017 um 23:53 schrieb Kishore Pawar: Yes, I see the clamd process. I tried to kill and restart it many times, but when I run the 'clamd status' I get the same error about the socket file. Earlier when I was running the older version, I used to see the complete details about the clamd status including the version number I was running and what the latest status of that clamd. Now I just get the error which I am not sure if it is giving me the right output and did you verify that after kill the process is really gone? maybe it needs a "kill -s SIGKILL" instead a SIGTERM for whatever reason but that's all hard to say since you don't provide much informations without beeing explicit asked ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Btw, can you please share your output of the command 'clamd status'? Thanks Kishore On Mon, May 15, 2017 at 4:53 PM, Kishore Pawarwrote: > Yes, I see the clamd process. I tried to kill and restart it many times, > but when I run the 'clamd status' I get the same error about the socket > file. Earlier when I was running the older version, I used to see the > complete details about the clamd status including the version number I was > running and what the latest status of that clamd. Now I just get the error > which I am not sure if it is giving me the right output. > > On Mon, May 15, 2017 at 4:22 PM, Kishore Pawar wrote: > >> Thanks Steve. Here's the output of lsof. >> >> # clamd status >> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >> another process. >> >> # lsof | grep clamd.socket >> clamd 6776clamav5u unix 0xc3692480 0t0 >> 72993 /var/run/clamav/clamd.socket >> >> # ps -ef | grep 6776 >> clamav6776 1 0 15:57 ?00:00:00 clamd >> root 6889 2739 0 16:20 pts/100:00:00 grep 6776 >> >> Thanks >> Kishore >> >> On Mon, May 15, 2017 at 12:29 PM, Kishore Pawar >> wrote: >> >>> Thanks Steve. Yes, I tried removing them and kill the running clamd >>> process and start it again but still the clamd status doesn't show anything >>> other than the error. >>> >>> # clamd status >>> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >>> another process. >>> >>> >>> >>> There is probably another clamd running. If not, try deleting >>> /var/run/clamav/clamd.socket. >>> >>> Steve >>> >>> On Mon, May 15, 2017 at 11:58 AM, Kishore Pawar >>> wrote: >>> Hi Steve Thank you very much for the reply and your suggestion. I rebuild it with the options (--enable-llvm=no) provided by you and it seems to be ok now. But now I am unable to stop/start the clamd and am not able to get the status of clamd. # clamd status ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. # ls -lrt /var/run/clamav/ total 12 srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid -rw-rw. 1 clamav clamav 5 May 15 11:29 freshclam.pid srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid I observed that the 'clamav-milter.socket' is started by root and not clamav user. I am not sure if that's how it is supposed to be. If it needs to be started by clamav, where should I do the changes? Thanks Kishore >>> >>> >> > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Yes, I see the clamd process. I tried to kill and restart it many times, but when I run the 'clamd status' I get the same error about the socket file. Earlier when I was running the older version, I used to see the complete details about the clamd status including the version number I was running and what the latest status of that clamd. Now I just get the error which I am not sure if it is giving me the right output. On Mon, May 15, 2017 at 4:22 PM, Kishore Pawarwrote: > Thanks Steve. Here's the output of lsof. > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > another process. > > # lsof | grep clamd.socket > clamd 6776clamav5u unix 0xc3692480 0t0 > 72993 /var/run/clamav/clamd.socket > > # ps -ef | grep 6776 > clamav6776 1 0 15:57 ?00:00:00 clamd > root 6889 2739 0 16:20 pts/100:00:00 grep 6776 > > Thanks > Kishore > > On Mon, May 15, 2017 at 12:29 PM, Kishore Pawar wrote: > >> Thanks Steve. Yes, I tried removing them and kill the running clamd >> process and start it again but still the clamd status doesn't show anything >> other than the error. >> >> # clamd status >> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >> another process. >> >> >> >> There is probably another clamd running. If not, try deleting >> /var/run/clamav/clamd.socket. >> >> Steve >> >> On Mon, May 15, 2017 at 11:58 AM, Kishore Pawar >> wrote: >> >>> Hi Steve >>> >>> Thank you very much for the reply and your suggestion. I rebuild it with >>> the options (--enable-llvm=no) provided by you and it seems to be ok now. >>> But now I am unable to stop/start the clamd and am not able to get the >>> status of clamd. >>> >>> >>> # clamd status >>> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >>> another process. >>> >>> # ls -lrt /var/run/clamav/ >>> total 12 >>> srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket >>> -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid >>> -rw-rw. 1 clamav clamav 5 May 15 11:29 freshclam.pid >>> srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket >>> -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid >>> >>> I observed that the 'clamav-milter.socket' is started by root and not >>> clamav user. I am not sure if that's how it is supposed to be. If it needs >>> to be started by clamav, where should I do the changes? >>> >>> Thanks >>> Kishore >>> >> >> > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
'kill -9 6776', verify the 6776 is gone, followed by starting clamd again should fix this. Steve On Mon, May 15, 2017 at 5:22 PM, Kishore Pawarwrote: > Thanks Steve. Here's the output of lsof. > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another > process. > > # lsof | grep clamd.socket > clamd 6776clamav5u unix 0xc3692480 0t0 > 72993 /var/run/clamav/clamd.socket > > # ps -ef | grep 6776 > clamav6776 1 0 15:57 ?00:00:00 clamd > root 6889 2739 0 16:20 pts/100:00:00 grep 6776 > > Thanks > Kishore > > > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Am 15.05.2017 um 23:22 schrieb Kishore Pawar: Thanks Steve. Here's the output of lsof. # clamd status ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. # lsof | grep clamd.socket clamd 6776clamav5u unix 0xc3692480 0t0 72993 /var/run/clamav/clamd.socket # ps -ef | grep 6776 clamav6776 1 0 15:57 ?00:00:00 clamd root 6889 2739 0 16:20 pts/100:00:00 grep 6776 you pretty clear see a clamd process running here ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Thanks Steve. Here's the output of lsof. # clamd status ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. # lsof | grep clamd.socket clamd 6776clamav5u unix 0xc3692480 0t0 72993 /var/run/clamav/clamd.socket # ps -ef | grep 6776 clamav6776 1 0 15:57 ?00:00:00 clamd root 6889 2739 0 16:20 pts/100:00:00 grep 6776 Thanks Kishore On Mon, May 15, 2017 at 12:29 PM, Kishore Pawarwrote: > Thanks Steve. Yes, I tried removing them and kill the running clamd > process and start it again but still the clamd status doesn't show anything > other than the error. > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > another process. > > > > There is probably another clamd running. If not, try deleting > /var/run/clamav/clamd.socket. > > Steve > > On Mon, May 15, 2017 at 11:58 AM, Kishore Pawar wrote: > >> Hi Steve >> >> Thank you very much for the reply and your suggestion. I rebuild it with >> the options (--enable-llvm=no) provided by you and it seems to be ok now. >> But now I am unable to stop/start the clamd and am not able to get the >> status of clamd. >> >> >> # clamd status >> ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by >> another process. >> >> # ls -lrt /var/run/clamav/ >> total 12 >> srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket >> -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid >> -rw-rw. 1 clamav clamav 5 May 15 11:29 freshclam.pid >> srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket >> -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid >> >> I observed that the 'clamav-milter.socket' is started by root and not >> clamav user. I am not sure if that's how it is supposed to be. If it needs >> to be started by clamav, where should I do the changes? >> >> Thanks >> Kishore >> > > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
OK, try the 'lsof' command to identify what is using /var/run/clamav/clamd.socket. Steve On Mon, May 15, 2017 at 1:29 PM, Kishore Pawarwrote: > Thanks Steve. Yes, I tried removing them and kill the running clamd process > and start it again but still the clamd status doesn't show anything other > than the error. > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another > process. > > > > There is probably another clamd running. If not, try deleting > /var/run/clamav/clamd.socket. > > Steve > > On Mon, May 15, 2017 at 11:58 AM, Kishore Pawar wrote: > > > Hi Steve > > > > Thank you very much for the reply and your suggestion. I rebuild it with > > the options (--enable-llvm=no) provided by you and it seems to be ok now. > > But now I am unable to stop/start the clamd and am not able to get the > > status of clamd. > > > > > > # clamd status > > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > > another process. > > > > # ls -lrt /var/run/clamav/ > > total 12 > > srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket > > -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid > > -rw-rw. 1 clamav clamav 5 May 15 11:29 freshclam.pid > > srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket > > -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid > > > > I observed that the 'clamav-milter.socket' is started by root and not > > clamav user. I am not sure if that's how it is supposed to be. If it > needs > > to be started by clamav, where should I do the changes? > > > > Thanks > > Kishore > > > ___ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Thanks Steve. Yes, I tried removing them and kill the running clamd process and start it again but still the clamd status doesn't show anything other than the error. # clamd status ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. There is probably another clamd running. If not, try deleting /var/run/clamav/clamd.socket. Steve On Mon, May 15, 2017 at 11:58 AM, Kishore Pawarwrote: > Hi Steve > > Thank you very much for the reply and your suggestion. I rebuild it with > the options (--enable-llvm=no) provided by you and it seems to be ok now. > But now I am unable to stop/start the clamd and am not able to get the > status of clamd. > > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by > another process. > > # ls -lrt /var/run/clamav/ > total 12 > srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket > -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid > -rw-rw. 1 clamav clamav 5 May 15 11:29 freshclam.pid > srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket > -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid > > I observed that the 'clamav-milter.socket' is started by root and not > clamav user. I am not sure if that's how it is supposed to be. If it needs > to be started by clamav, where should I do the changes? > > Thanks > Kishore > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
There is probably another clamd running. If not, try deleting /var/run/clamav/clamd.socket. Steve On Mon, May 15, 2017 at 12:58 PM, Kishore Pawarwrote: > Hi Steve > > Thank you very much for the reply and your suggestion. I rebuild it with > the options (--enable-llvm=no) provided by you and it seems to be ok now. > But now I am unable to stop/start the clamd and am not able to get the > status of clamd. > > > # clamd status > ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another > process. > > # ls -lrt /var/run/clamav/ > total 12 > srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket > -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid > -rw-rw. 1 clamav clamav 5 May 15 11:29 freshclam.pid > srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket > -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid > > I observed that the 'clamav-milter.socket' is started by root and not > clamav user. I am not sure if that's how it is supposed to be. If it needs > to be started by clamav, where should I do the changes? > > Thanks > Kishore > ___ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Hi Steve Thank you very much for the reply and your suggestion. I rebuild it with the options (--enable-llvm=no) provided by you and it seems to be ok now. But now I am unable to stop/start the clamd and am not able to get the status of clamd. # clamd status ERROR: LOCAL: Socket file /var/run/clamav/clamd.socket is in use by another process. # ls -lrt /var/run/clamav/ total 12 srw-rw-rw-. 1 clamav clamav 0 May 15 11:29 clamd.socket -rw-rw-r--. 1 clamav clamav 5 May 15 11:29 clamd.pid -rw-rw. 1 clamav clamav 5 May 15 11:29 freshclam.pid srw-r--r--. 1 clamav root 0 May 15 11:46 clamav-milter.socket -rw-rw-r--. 1 clamav clamav 5 May 15 11:46 clamav-milter.pid I observed that the 'clamav-milter.socket' is started by root and not clamav user. I am not sure if that's how it is supposed to be. If it needs to be started by clamav, where should I do the changes? Thanks Kishore ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
OK, thanks. Is it possible to rebuild? If so, please try to include --enable-llvm=no on your ./configure. This will use the internal bytecode interpreter rather than the llvm jit. Steve On Fri, May 12, 2017 at 6:13 PM, Kishore Pawarwrote: > Hi Steve > > I tried to run the freshclam today too but getting the same errors. The > debug output is as follows: > > # `freshclam --verbose --debug` output > LibClamAV debug: in cli_untgz() > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/COPYING > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/ > bytecode.info > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986282.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986224.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986214.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/4306157.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986236.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986221.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986310.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986216.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986233.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986222.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/4416867.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/4310114.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986231.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986212.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986321.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986187.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986328.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986259.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986249.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986318.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986219.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/4510302.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986303.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 > c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986301.cbc > LibClamAV debug: cli_untgz: Unpacking > /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297 >
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Hi Steve I tried to run the freshclam today too but getting the same errors. The debug output is as follows: # `freshclam --verbose --debug` output LibClamAV debug: in cli_untgz() LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/COPYING LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/ bytecode.info LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986282.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986224.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986214.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/4306157.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986236.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986221.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986310.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986216.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986233.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986222.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/4416867.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/4310114.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986231.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986212.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986321.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986187.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986328.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986259.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986249.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986318.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986219.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/4510302.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986303.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986301.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986292.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986289.cbc LibClamAV debug: cli_untgz: Unpacking /usr/local/share/clamav/clamav-20d22218e1780410bf11d524113297c8.tmp/clamav-f737a3544567723efec18f3185af6d41.tmp/3986188.cbc LibClamAV debug: cli_untgz: Unpacking
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
There was a bytecode signature issue a few days ago which is now fixed (not sure it is related). Did you try freshclam today? if it is still a problem, try 'fresclam --debug' to determine which signature caused the problem. Steve On Fri, May 12, 2017 at 2:25 PM, Kishore Pawarwrote: > No update till now from anyone:(. Appreciate if someone can assist me in > resolving this issue. Thanks in advance. > > On Mon, May 8, 2017 at 10:06 PM, Kishore Pawar wrote: > > > Hello Friends > > > > I am not sure if this is the right place to send the request to the > issues > > that I am facing. > > > > I had ClamAV 0.97.1 running on RHEL (2.6.32-642.6.1.el6.ppc64) on our > IBM > > Power 7 system since many years. Today I upgraded it to ClamAV 0.99.2 > > (Source code). Unfortunately the DB is no loading and giving the > following > > error. I searched online for this error but couldn't find much > information > > on ClamAV, Redhat or IBM. > > > > ERROR: During database load : freshclam: llvm/lib/Target/PowerPC/ > PPCCodeEmitter.cpp:156: > > unsigned int::PPCCodeEmitter::getMachineOpValue(const > > llvm::MachineInstr&, const llvm::MachineOperand&): Assertion > > `MovePCtoLROffset && "MovePCtoLR not seen yet?"' failed. > > ERROR: Database load killed by signal 6 > > ERROR: Failed to load new database > > > > > > > > Appreciate if someone can help me in right direction to get it up and > > running again. Let me know if you need any further information & I'll be > > glad to send it. > > > > Thanks > > Kishore > > > > > ___ > clamav-users mailing list > clamav-users@lists.clamav.net > http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
No update till now from anyone:(. Appreciate if someone can assist me in resolving this issue. Thanks in advance. On Mon, May 8, 2017 at 10:06 PM, Kishore Pawarwrote: > Hello Friends > > I am not sure if this is the right place to send the request to the issues > that I am facing. > > I had ClamAV 0.97.1 running on RHEL (2.6.32-642.6.1.el6.ppc64) on our IBM > Power 7 system since many years. Today I upgraded it to ClamAV 0.99.2 > (Source code). Unfortunately the DB is no loading and giving the following > error. I searched online for this error but couldn't find much information > on ClamAV, Redhat or IBM. > > ERROR: During database load : freshclam: > llvm/lib/Target/PowerPC/PPCCodeEmitter.cpp:156: > unsigned int::PPCCodeEmitter::getMachineOpValue(const > llvm::MachineInstr&, const llvm::MachineOperand&): Assertion > `MovePCtoLROffset && "MovePCtoLR not seen yet?"' failed. > ERROR: Database load killed by signal 6 > ERROR: Failed to load new database > > > > Appreciate if someone can help me in right direction to get it up and > running again. Let me know if you need any further information & I'll be > glad to send it. > > Thanks > Kishore > > ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] ClamAV on RHEL 6.8 (IBM Power 8 -PPC64)
Hello Friends I am not sure if this is the right place to send the request to the issues that I am facing. I had ClamAV 0.97.1 running on RHEL (2.6.32-642.6.1.el6.ppc64) on our IBM Power 7 system since many years. Today I upgraded it to ClamAV 0.99.2 (Source code). Unfortunately the DB is no loading and giving the following error. I searched online for this error but couldn't find much information on ClamAV, Redhat or IBM. ERROR: During database load : freshclam: llvm/lib/Target/PowerPC/PPCCodeEmitter.cpp:156: unsigned int::PPCCodeEmitter::getMachineOpValue(const llvm::MachineInstr&, const llvm::MachineOperand&): Assertion `MovePCtoLROffset && "MovePCtoLR not seen yet?"' failed. ERROR: Database load killed by signal 6 ERROR: Failed to load new database Appreciate if someone can help me in right direction to get it up and running again. Let me know if you need any further information & I'll be glad to send it. Thanks Kishore ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml