On 7/6/10 11:59 PM, JD wrote:
On 07/06/2010 05:57 PM, Dennis Peterson wrote:
Now that we see you have a discrepancy we need to know where it is. run
clamconf |less then look through the output to find the two lines above. The
output includes the configuration of clamd, freshclam, and clamav-milter. If
it makes no sense then run "clamconf >/tmp/clamconf.txt" and post it
(clamconf.txt) here. The clamconf.txt file will be in your /tmp directory.
Then check the permissions on /var/tmp to see if your clam user can write to it.
dp
OK.
clamconf.txt attached
Serious problems here. Let's look first at your as-built configuration. This is
from your config.
This is how it was built.
Build information
-----------------
--sysconfdir=/etc
--with-dbdir=/var/clamav
--with-user=clamav
--enable-milter
The builder expects the clamd.conf and freshclam.conf files will be placed in
/etc. The builder expects your database directory is /var/clamav. This is at
odds with your clamd.conf and freshclam.conf files. More importantly, your
clamd.conf and freshclam.conf files are at odds with each other. The conf files
have the last word on where the database directory is provided your executables
can find the conf files. They will look in /etc. If the conf files are not
there, the binaries will default to the builder's locations. It's probably a
good thing if the builder and the conf files agree on this location.
That location also needs to be written to by the clamav user which is defined as
"clamav" above. Your job is to make sure that user exists on your system.
Software settings
-----------------
Version: 0.96.1
Optional features supported: MEMPOOL IPv6 CLAMUKO AUTOIT_EA06 BZIP2 RAR
Database directory: /var/lib/clamav
WARNING: freshclam.conf and clamd.conf point to different database directories
This tells us that your database directory should be /var/lib/clamav and that
freshclam.conf and clamd.conf don't agree on this. As noted, this is not where
the builder thinks it should be. You can resolve this, or accept responsibility
by setting it in the conf files. Make sure the conf files agree, and that user
clamav has read/write permission to the directory, and owns all the files there.
Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamd.log"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory = "/var/tmp"
DatabaseDirectory = "/var/clamav"
LocalSocket = "/var/run/clamav/clamd.sock"
Event = "/bin/echo "VIRUS ALERT: %v" >> /var/log/VIRUSES.log"
Lots of directories here. All need to be writable by user clamav but likely are
not. Some may be. They all need to exist. Notice the location of the
TemporaryDirectory - that answers your earlier question. The Event definition
requires write access by clamav to /var/log/ unless a writable file
"VIRUSES.log" already exists. If it does not then you need to create it and
ensure user clamav can write to it.
Config file: freshclam.conf
---------------------------
PidFile = "/var/run/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav"
UpdateLogFile = "/var/log/freshclam.log"
NotifyClamd = "/path/to/clamd.conf"
Notice the PidFile is in a different directory than is defined for clamd. Pick a
location and stay with it. Notice too the DatabaseDirectory is not the same as
for clamd. These need to be the same, read/writable by user clamav.
The NotifyClamd path does not point to your clamd.conf file "/etc/clamd.conf".
Freshclam uses this information to discover the socket info needed to
communicate with clamd.
I don't know if you are using clamav-milter so haven't commented on that, but
the clamav-milter.conf file is where the disabled database directory alert came
from.
You're pretty close to wrapping this up.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml
