Re: [Clamav-users] Re: no socket
On 4/13/05, Kurt Albershardt [EMAIL PROTECTED] wrote: Why does it return a status of 'started' when I query it? That's the OS scripts doing that, not clamd itself. I'd suggest that the most likely issue is permissions - check that the user you're running it as has the correct permissions (ie owner with read/write) for the log directory and files AND the database directory and files. -- Please keep list traffic on the list. Rob MacGregor Whoever fights monsters should see to it that in the process he doesn't become a monster. Friedrich Nietzsche ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Re: no socket
René Berber wrote: Kurt Albershardt wrote: I'm not able to see a socket created, either when I use /var/tmp/clamav or when I configure as /var/run/clamav/clamd.sock (after creating the clamav directory and changing permissions appropriately.) Try: lsof -p `pidof clamd` lsof -p `pidof clamd` lsof: no process ID specified And since there's no socket or pid created (despite options calling for such) I don't see anything in ps: # /etc/init.d/clamd status * status: started # ps -fade|grep clam clamav7046 1 0 Apr11 ?00:00:00 /usr/bin/freshclam -d -c 2 -l /var/log/clam-update.log root 19482 18678 0 11:48 pts/000:00:00 grep clam first look at the log, it should be in /var/log/clamd.log but it could be somewhere else (even syslog or disabled) depending on your clamd.conf (LogFile ..., LogSyslog ... LogVerbose). Just a zero-length log file from clamd, and freshclam logs in two different places depending on whether it's called from clamd or from the cron job. Cron job logs where the config file specifies, but when clamd calls freshclam on startup, it uses clam-update.log (which I don't find mentioned in any of the config files or in the startup script--is it hardcoded?) # ls -l /var/log total 10135 -rw-r--r-- 1 clamav clamav 5117 Apr 12 11:52 clam-update.log -rw-r--r-- 1 clamav clamav0 Apr 11 20:21 clamd.log drwxr-xr-x 2 rootroot 48 Nov 2 23:21 cups -rw-rw 1 portage portage 229815 Apr 12 11:45 emerge.log -rw-r--r-- 1 clamav clamav 39 Apr 11 20:18 freshclam.log From freshclam.log: UpdateLogFile /var/log/freshclam.log From clamd.conf: LogFile /var/log/clamd.log LogTime #LogSyslog PidFile /var/run/clamd.pid LocalSocket /tmp/clamd FixStaleSocket BTW, when starting/stopping clamd, I see a notification for freshclam only: # /etc/init.d/clamd start [ ok ]ing freshclam... # /etc/init.d/clamd stop [ ok ]ing freshclam... ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Re: no socket
Kurt Albershardt wrote:
[snip]
lsof -p `pidof clamd`
lsof: no process ID specified
Clamd is not running.
[snip]
Just a zero-length log file from clamd, and freshclam logs in two
different places depending on whether it's called from clamd or from the
cron job. Cron job logs where the config file specifies, but when clamd
calls freshclam on startup, it uses clam-update.log (which I don't find
mentioned in any of the config files or in the startup script--is it
hardcoded?)
No. But that's the name used in the manual, freshclam.log is the default in the
configuration file... probably a previous installation used the instructions on
the manual.
Was clamav installed using emerge?
The first thing to check is Rob's suggestion, you may have a second clamav
installation perhaps in /usr/local/{bin, sbin, etc}.
# ls -l /var/log
total 10135
-rw-r--r-- 1 clamav clamav 5117 Apr 12 11:52 clam-update.log
-rw-r--r-- 1 clamav clamav0 Apr 11 20:21 clamd.log
drwxr-xr-x 2 rootroot 48 Nov 2 23:21 cups
-rw-rw 1 portage portage 229815 Apr 12 11:45 emerge.log
-rw-r--r-- 1 clamav clamav 39 Apr 11 20:18 freshclam.log
From freshclam.log:
UpdateLogFile /var/log/freshclam.log
What about /etc/freshclam.conf?
From clamd.conf:
LogFile /var/log/clamd.log
LogTime
#LogSyslog
PidFile /var/run/clamd.pid
LocalSocket /tmp/clamd
FixStaleSocket
Looks OK, but the startup script is not starting clamd, so you'll have to check
that script.
BTW, when starting/stopping clamd, I see a notification for freshclam only:
# /etc/init.d/clamd start
[ ok ]ing freshclam...
# /etc/init.d/clamd stop
[ ok ]ing freshclam...
This confirms that freshclam is run as a daemon by that script, that's what you
saw with ps. You'll have to disable the cron job.
To see what happens with clamd try to duplicate what the script does to start
it.
--
René Berber
___
http://lurker.clamav.net/list/clamav-users.html
Re: [Clamav-users] Re: no socket
On Apr 11, 2005, at 22:20, Kurt Albershardt wrote: 0.83 on Gentoo Linux I'm not able to see a socket created, either when I use /var/tmp/clamav or when I configure as /var/run/clamav/clamd.sock (after creating the clamav directory and changing permissions appropriately.) Works fine on an old RH8 box, I've diffed the clamd.conf files and there is nothing notably different. Where to look? Is there a verbose startup mode for the daemon? try using: lsof -c command here are actual examples. daleenterprise:~ root# lsof -c clamd COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME clamd 443 mailtransport cwd VDIR 14,2 96002 / (/dev/disk0s3) clamd 443 mailtransport0u unix 0x039134f0 0t0 /var/clamav/clamd.sock clamd 443 mailtransport1w VCHR3,2 0t0 54212356 /dev/null clamd 443 mailtransport2w VCHR3,2 0t0 54212356 /dev/null clamd 443 mailtransport3r 0x032d8688 file struct, ty=0x3, op=0x3167f4 clamd 443 mailtransport4w VREG 14,280335 7190019 /private/var/log/mailtransport/clamd.log clamd 443 mailtransport5w VCHR3,2 0t0 54212356 /dev/null daleenterprise:~ root# lsof -c freshclam COMMAND PID USER FD TYPE DEVICE SIZE/OFFNODE NAME freshclam 357 mailtransport cwd VDIR 14,2 512 2255453 /usr/share/clamav freshclam 357 mailtransport0r 0x032d86f4 file struct, ty=0x3, op=0x3167f4 freshclam 357 mailtransport3w VREG 14,217155 7190022 /private/var/log/mailtransport/freshclam.log daleenterprise:~ root# -- Dale ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Re: no socket
Rob MacGregor wrote: On Apr 12, 2005 5:01 PM, Kurt Albershardt [EMAIL PROTECTED] wrote: And since there's no socket or pid created (despite options calling for such) I don't see anything in ps: # /etc/init.d/clamd status * status: started # ps -fade|grep clam clamav7046 1 0 Apr11 ?00:00:00 /usr/bin/freshclam -d -c 2 -l /var/log/clam-update.log root 19482 18678 0 11:48 pts/000:00:00 grep clam Which says that clamd isn't starting. Why does it return a status of 'started' when I query it? And that suggests you've got multiple installations of clamav on your system, which is quite probably the cause of your problems. No, just one install. ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Re: no socket
René Berber wrote: From freshclam.log: UpdateLogFile /var/log/freshclam.log What about /etc/freshclam.conf? Sorry--fumblefingered that one. It was from /etc/freshclam.conf of course. when starting/stopping clamd, I see a notification for freshclam only: # /etc/init.d/clamd start [ ok ]ing freshclam... # /etc/init.d/clamd stop [ ok ]ing freshclam... This confirms that freshclam is run as a daemon by that script, that's what you saw with ps. You'll have to disable the cron job. Thanks, that helps. ___ http://lurker.clamav.net/list/clamav-users.html
[Clamav-users] Re: no socket
Kurt Albershardt wrote: 0.83 on Gentoo Linux I'm not able to see a socket created, either when I use /var/tmp/clamav or when I configure as /var/run/clamav/clamd.sock (after creating the clamav directory and changing permissions appropriately.) Works fine on an old RH8 box, I've diffed the clamd.conf files and there is nothing notably different. Try: lsof -p `pidof clamd` Where to look? Is there a verbose startup mode for the daemon? Yes, but first look at the log, it should be in /var/log/clamd.log but it could be somewhere else (even syslog or disabled) depending on your clamd.conf (LogFile ..., LogSyslog ... LogVerbose). And the answer to your question is (you probably guessed it already) option LogVerbose. -- René Berber ___ http://lurker.clamav.net/list/clamav-users.html
