Freshclam can't write to its logfile, (it used to work). After chowning the
offending files, I got another message simply stating that it could not
connect. I assume it can't find the correct clamd.sock to connect to, but I
yet have to find in which configuration file this is defined.
At the moment I fear that I've got 2 clamd (one through Amavis and one that
seemed to be there all of the sudden) daemons and that freshclam gets
confused.
How should I proceed?
Thanks for any insights you might provide me with.
Attached below is all relevant information I could find (at the bottom are
the smaller config files)
===
I'm having an issue with my ClamAV, I was using it in combination with
Amavis, but I'm afraid after updating I now have 2 services running which
both identify as ClamAV daemons, breaking the freshclam update process and
causing other errors.
This is a live server, and I don't really have an idea of where to start
looking. Attached as much information as I could collect.
Error message:
--
/etc/cron.daily/freshclam:
ERROR: Problem with internal logger (UpdateLogFile =
/var/log/clamav/freshclam.log).
ERROR: Can't open /var/log/clamav/freshclam.log in append mode (check
permissions!).
Checking out said folder: (the owner is indeed wrong)
-
cd /var/log/clamav/
-rw-r--r--. 1 clam clam 0 jun 2 03:50 clamd.log
-rw-r--r--. 1 clamav clamav 59314 mei 12 03:13 clamd.log-20130512
-rw-r--r--. 1 clamav clamav 59926 mei 19 04:41 clamd.log-20130519
-rw-r--r--. 1 clamav clamav 40383 mei 24 16:43 clamd.log-20130526
-rw-r--r--. 1 clamav clamav 3295 mei 29 11:17 clamd.log-20130602
-rw-r--r--. 1 clam clam 0 jun 2 03:50 freshclam.log
-rw-r--r--. 1 clamav clamav 6006 mei 12 03:13 freshclam.log-20130512
-rw-r--r--. 1 clamav clamav 5940 mei 19 04:41 freshclam.log-20130519
-rw-r--r--. 1 clamav clamav 3733 mei 26 03:50 freshclam.log-20130526
-rw-r--r--. 1 clamav clamav 6274 jun 2 03:50 freshclam.log-20130602
Troubleshooting attempt as per the FAQ
--
[bob@pluto ~]$ whereis freshclam
freshclam: /usr/bin/freshclam /etc/freshclam.conf
/usr/share/man/man1/freshclam.1.gz
[bob@pluto ~]$ whereis clamav
clamav: /usr/include/clamav.h /usr/share/clamav
[bob@pluto ~]$ whereis clamd
clamd: /usr/sbin/clamd /usr/sbin/clamd.amavisd /etc/clamd.d /etc/clamd.conf
/usr/share/man/man8/clamd.8.gz
===
After chown'ing the clamd.log and freshclam.log to clamav:clamav, it would
throw another error the next day.
But this doesn't treat the problem, just one of its symptoms. (as in time a
new 'bad' owned log will pop up)
===
New error message after chown'ing: (I assume it's trying to connect to the
clamd.sock, which isn't where it expects it to be)
/etc/cron.daily/freshclam:
connect(): No such file or directory
===
Contents of /etc/cron.daily/freshclam:
#!/bin/sh
### A simple update script for the clamav virus database.
### This could as well be replaced by a SysV script.
### fix log file if needed
LOG_FILE=/var/log/clamav/freshclam.log
if [ ! -f $LOG_FILE ]; then
touch $LOG_FILE
chmod 644 $LOG_FILE
chown clamav.amavis $LOG_FILE
fi
/usr/bin/freshclam \
--quiet \
--datadir=/var/lib/clamav \
--log=$LOG_FILE
Contents of related files that might provide insight:
-
/etc/clamd.conf (there's also a clamd.conf.rpmsave, clamd.conf.rpmnew)
## Example config file for the Clam AV daemon
## Please read the clamd.conf(5) manual before editing this file.
##
# Comment or remove the line below.
#Example
# Uncomment this option to enable logging.
# LogFile must be writable for the user running daemon.
# A full path is required.
# Default: disabled
LogFile /var/log/clamav/clamd.log
# By default the log file is locked for writing - the lock protects
against
# running clamd multiple times (if want to run another clamd, please
# copy the configuration file, change the LogFile variable, and run
# the daemon with --config-file option).
# This option disables log file locking.
# Default: no
#LogFileUnlock yes
# Maximum size of the log file.
# Value of 0 disables the limit.
# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes)
# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the
size
# in bytes just don't use modifiers.
# Default: 1M
LogFileMaxSize 0
# Log time with each message.
# Default: no
LogTime yes
# Also log clean files. Useful in debugging but drastically increases
the
# log size.
# Default: no
#LogClean