Hi there, On Tue, 5 Jan 2016, James Pett wrote:
I have recently been receiving notifications from my server containing an error. The emails content is below: ... Subject: Cron <root@stomp-web> [ ! -f /etc/cron.hourly/0anacron ] && run-parts /etc/cron.daily /etc/cron.daily/freshclam: ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamd.conf ... I have contacted my server administrator and they have informed me that this is an error caused by a ClamAV update ...
Can you share with us the job description of your server administrator? I'd expect any administrator I employed to fix this himself, not to lay blame at the door of some other party. It is after all likely to be an extremely simple issue.
... is this true?
Your description doesn't really give enough information to answer your first question. It seems a strange error to result from any "ClamAV update" but it isn't beyond the realms of possibility. If you're using an operating system 'distribution' it might mean that a package maintainer for the distribution screwed up. In that case I'd expect him to fix it pronto without input from me, as I'd expect legions of users to be in touch with him fairly soon, and that a newer "ClamAV update" would fix the problem. OTOH there's a lot that I don't know about your system. The message appears to be from a regularly scheduled job which is failing for some reason. Has this job been running for some time successfully and recently started failing, or is it a new addition to your server?
If this is the case how does this affect our systems and how do we stop the errors occurring? I would appreciate any help with this and will give any information needed to facilitate achieving a fix.
Whether or not it is the case, it seems likely that something is wrong, and at the very least could be expected to affect your virus database updates. For example they might fail to be applied. Depending on how much you rely on ClamAV, this could be anywhere between almost of no consequence to perfectly dreadful. Again you don't give enough information to answer the question. In short I would rarely worry about a ClamAV problem, I'd simply fix it at my leisure because ClamAV isn't exactly on any critical path. But then I build ClamAV from source and it's only one of a number of tools that I use to scan mail. I rarely use it for anything else. To enable us to give more useful help, please answer (in addition to the two questions I asked above) the following: 1. What is the name and version of the OS distribution you're using? 2. How is the OS kept up-to-date with security patches etc.? 3. What version of ClamAV are you using? 4. Is that the version of ClamAV provided by the distribution's packaging? 5. What else is hosted on this server (email, Web sites, ...)? 6. Are you using ClamAV as a mail scanner? 7. Are you using ClamAV to scan files on the server which hosts it? 8. Are you using ClamAV on the server to provide scanning services for other hosts? 9. Do you have 'root shell' access to the host via something like ssh? -- 73, Ged. _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
