Re: [clamav-users] Question regarding freshclam log entry
J Doe wrote: I note though that man 5 freshclam.conf states that clamd is *NOT* set to update by default, however when I installed the package on Ubuntu 16.04.03 LTS, it has put in 3600 for an update frequency. Between freshclam and clamd there are three options here that operate indpendently: NotifyClamd -> freshclam configuration, tells freshclam where to find the clamd configuration file to look for the clamd socket Checks -> freshclam configuration, tells freshclam how often to check for new signatures SelfCheck -> clamd configuration, tells clamd how often to check and see if the signature files have been updated That said, if freshclam does not notify clamd by default, does that mean if I don’t get the socket problem sorted out that clamd (and more importantly clamav-milter), will still use the most recently downloaded signatures when scanning ? Or does clamd and clamav-milter have to receive an update message via the socket to use the most recent signatures? No; the notification is just a way to get clamd aware of the new signatures faster. Otherwise it will pick them up on its own refresh (SelfCheck). -kgd ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Question regarding freshclam log entry
Hi Noel, > On Feb 22, 2018, at 10:23 AM, Noel Jones wrote: > >> On 2/22/2018 8:29 AM, J Doe wrote: >> >>> Hello, >>> >>> I recently installed ClamAV 0.99.3 on a Ubuntu 16.04.03 LTS server and >>> utilize it as a milter for Postfix v. 3.1.0. >>> >>> When freshclam runs according to its’ cron job and successfully downloads >>> an update, it leaves the following note in the freshclam log: >>> >>> WARNING: clamd was NOT notified: Can’t connect to clamd through >>> /var/spool/postfix/var/run/clamav/clamd.sock >>> >>> My initial thought was a simple permissions error, so I checked the >>> permissions to the clamd.sock socket: >>> >>> drwxr-xr-xclamav clamav/var/spool/postfix/var/run/clamav >>> srw-rw-rwclamav clamav/var/spool/postfix/var/run/clamd.sock > > This path doesn't match the error message above. > >>> >>> $ sudo -u clamav namei -m /var/spool/postfix/var/run/clamav/clamd.sock > > Yet this path does. > >>> I’m pretty sure this is a minor mistake on my part; can anyone suggest a >>> solution ? > > Check your paths in clamd.conf and freshclam.conf carefully. It's > likely they don't match. > > -- Noel Jones Oops. You’re right - those paths did not match. /etc/clamav/freshclam.conf is set to read clamd’s configuration file when a update is successfully downloaded for the signature database. When I check the path in /etc/clamav/clamd.conf it points to the correct path to the socket: /var/spool/postfix/var/run/clamav/clamd.sock I verified that freshclam runs as clamav via ps aux, so performing the namei test again works: $ sudo -u clamav namei -m /var/spool/postfix/var/run/clamav/clamd.sock The file permissions on the socket are: drwxr-xr-xclamav clamav /var/spool/postfix/var/run/clamav/ srw-rw-rwclamav clamav /var/spool/postfix/var/run/clamav/clamd.sock I note though that man 5 freshclam.conf states that clamd is *NOT* set to update by default, however when I installed the package on Ubuntu 16.04.03 LTS, it has put in 3600 for an update frequency. That said, if freshclam does not notify clamd by default, does that mean if I don’t get the socket problem sorted out that clamd (and more importantly clamav-milter), will still use the most recently downloaded signatures when scanning ? Or does clamd and clamav-milter have to receive an update message via the socket to use the most recent signatures ? Thanks, - J ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Question regarding freshclam log entry
On 2/22/2018 8:29 AM, J Doe wrote: > >> Hello, >> >> I recently installed ClamAV 0.99.3 on a Ubuntu 16.04.03 LTS server and >> utilize it as a milter for Postfix v. 3.1.0. >> >> When freshclam runs according to its’ cron job and successfully downloads an >> update, it leaves the following note in the freshclam log: >> >> WARNING: clamd was NOT notified: Can’t connect to clamd through >> /var/spool/postfix/var/run/clamav/clamd.sock >> >> My initial thought was a simple permissions error, so I checked the >> permissions to the clamd.sock socket: >> >> drwxr-xr-xclamav clamav/var/spool/postfix/var/run/clamav >> srw-rw-rwclamav clamav/var/spool/postfix/var/run/clamd.sock This path doesn't match the error message above. >> >> $ sudo -u clamav namei -m /var/spool/postfix/var/run/clamav/clamd.sock Yet this path does. >> I’m pretty sure this is a minor mistake on my part; can anyone suggest a >> solution ? Check your paths in clamd.conf and freshclam.conf carefully. It's likely they don't match. -- Noel Jones ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
Re: [clamav-users] Question regarding freshclam log entry
> Hello, > > I recently installed ClamAV 0.99.3 on a Ubuntu 16.04.03 LTS server and > utilize it as a milter for Postfix v. 3.1.0. > > When freshclam runs according to its’ cron job and successfully downloads an > update, it leaves the following note in the freshclam log: > > WARNING: clamd was NOT notified: Can’t connect to clamd through > /var/spool/postfix/var/run/clamav/clamd.sock > > My initial thought was a simple permissions error, so I checked the > permissions to the clamd.sock socket: > > drwxr-xr-xclamav clamav/var/spool/postfix/var/run/clamav > srw-rw-rwclamav clamav/var/spool/postfix/var/run/clamd.sock > > $ sudo -u clamav namei -m /var/spool/postfix/var/run/clamav/clamd.sock > > ...which successfully accesses the socket. > > Some Googling showed some results but mostly related to older versions of > clamd (a couple of years back). > > I’m pretty sure this is a minor mistake on my part; can anyone suggest a > solution ? > > Thanks, > > - J Hello, Just wondering if anyone has any advice regarding this issue. Thanks, - J ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
[clamav-users] Question regarding freshclam log entry
Hello, I recently installed ClamAV 0.99.3 on a Ubuntu 16.04.03 LTS server and utilize it as a milter for Postfix v. 3.1.0. When freshclam runs according to its’ cron job and successfully downloads an update, it leaves the following note in the freshclam log: WARNING: clamd was NOT notified: Can’t connect to clamd through /var/spool/postfix/var/run/clamav/clamd.sock My initial thought was a simple permissions error, so I checked the permissions to the clamd.sock socket: drwxr-xr-xclamav clamav/var/spool/postfix/var/run/clamav srw-rw-rwclamav clamav/var/spool/postfix/var/run/clamd.sock $ sudo -u clamav namei -m /var/spool/postfix/var/run/clamav/clamd.sock ...which successfully accesses the socket. Some Googling showed some results but mostly related to older versions of clamd (a couple of years back). I’m pretty sure this is a minor mistake on my part; can anyone suggest a solution ? Thanks, - J ___ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
