On Mon, May 24, 2004 at 03:50:34PM -0700, Harrell, Roger wrote: > > >> I've been trying to get clamav installed for a while now. I've been > > having > > >> trouble with clamd. It is installed and running, but clamdscan fails. I > > was > > >> not getting logging until recently. I just got the logging working and > am > > >> now getting: > > >> @4000000040b2314c215aac64 ERROR: Can't open /dev/stderr in append mode. > > >> @4000000040b2314d23a6afa4 ERROR: Problem with internal logger. Please > check > > >> the permissions on the /dev/stderr file. > > >Well, what are the permissions, and what user is clamav running as (i.e., > >does that user have r/w perms on /dev/stderr)? > > clamd running as gqscanq. /dev/stderr is lrwxrwxrwx. > > Roger > > > ------------------------------------------------------- > This SF.Net email is sponsored by: Oracle 10g > Get certified on the hottest thing ever to hit the market... Oracle 10g. > Take an Oracle 10g class now, and we'll give you the exam FREE. > http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click > _______________________________________________ > Clamav-users mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/clamav-users If you walk through the following steps, your trouble should be repaired. As you have not shared your full clamav and procmail configuration, I will be as comprehensive as possible.
Adjust /etc/clamav.conf as follows (keep commented lines commented out). I have
skipped lines that do not pertain to your trouble:
LogFile /tmp/clamd.log
# LogFileUnlock
LogTime
LogClean
LogSyslog
LogVerbose
# for now anyway
PidFile /var/run/clamav/clamd.pid
TemporaryDirectory /tmp
# /var/run/clamav/clamd.socket
LocalSocket /tmp/clamd
FixStaleSocket
User clamav
# or whatever, but user must exist with ownership of clamav and permissions accordingly
# Done.
NOW, adjust /etc/procmailrc (system-wide) or ~/.procmailrc (user-specific) accordingly:
:0 fw
| /usr/local/bin/clamassassin
:0:
* ^X-Virus-Status: Infected
# I use "Infected," but check /usr/local/bin/clamassassin. You can adjust that script
to insert what language you prefer.
mail.virus
# above line may also be a file such as "/var/spool/mail/infected" or whatever you
want. This depends on personal pref and whether or not you want user/sender
notification. Note: sender notification is of little value today.
LAST but not least, adjust /tmp/clamd.log to the following permissions:
rw-r-----
Kill clamd and restart.
Run tail -f /var/log/messages
If you don't have read permission to do this, you will have to sudo or su to view this
(of course, this I assume you know).
I hope this helps.
Regards,
--
John Lalla
Santa Barbara CA
.~. _
/v\ -o)
no gates... /( )\ /\\ running GNU/Linux
no windows! ^^^^^ _\_v free at last!
"Only those who attempt the absurd can achieve the impossible."
"Those who would trade liberty for security deserve neither."
- Benjamin Franklin
pgpDrHDwHdUoq.pgp
Description: PGP signature
