[Mimedefang] Problem using ClamAV

[Aniruddha Barua]

Hi Philip,

If SELINUX is enabled in your system, try after disabling it, also the little annoyance might go away.


--Aniruddha Barua.


>________________________________
>From: Philip Prindeville <philipp_subx at redfish-solutions.com>
>To: mimedefang at lists.roaringpenguin.com
>Cc: enrico.scholz at informatik.tu-chemnitz.de
>Sent: Sunday, November 13, 2011 1:45 AM
>Subject: [Mimedefang] Problem using ClamAV
>
>I'm running mimedefang 2.72 on Fedora 15.  I've installed the packaged clamav:
>
>[root at mail clamav-server-0.97.3]# rpm -qa clamav\*
>clamav-0.97.3-1500.fc15.x86_64
>clamav-lib-0.97.3-1500.fc15.x86_64
>clamav-update-0.97.3-1500.fc15.x86_64
>clamav-server-sysvinit-0.97.3-1500.fc15.noarch
>clamav-data-empty-0.97.3-1500.fc15.noarch
>clamav-filesystem-0.97.3-1500.fc15.noarch
>clamav-server-0.97.3-1500.fc15.x86_64
>[root at mail clamav-server-0.97.3]#
>
>And configured it, having copied over the sample config file:
>
>[root at mail clamav-server-0.97.3]# egrep '^(User|LocalSocket|PidFile|LogFile) ' /etc/clamd.d/default.conf
>LogFile /var/log/clamd.default
>PidFile /var/run/clamd.default/clamd.pid
>LocalSocket /var/run/clamd.default/clamd.sock
>User defang
>[root at mail clamav-server-0.97.3]#
>
>
>And tweaked mimedefang:
>
>[root at mail clamav-server-0.97.3]# grep '^\$ClamdSock' /usr/bin/mimedefang.pl
>$ClamdSock  = '/var/run/clamd.default/clamd.sock';
>[root at mail clamav-server-0.97.3]#
>
>Started clamd and mimedefang:
>
>[root at mail clamav-server-0.97.3]# ls -lRd /var/run/clamd.default /var/run/clamd.default/*
>drwxr-xr-x. 2 defang defang 80 Nov 11 18:49 /var/run/clamd.default
>-rw-rw-r--. 1 defang defang  5 Nov 11 18:49 /var/run/clamd.default/clamd.pid
>srw-rw-rw-. 1 defang defang  0 Nov 11 18:49 /var/run/clamd.default/clamd.sock
>[root at mail clamav-server-0.97.3]#
>
>But here's what I see:
>
>Nov 11 20:50:15 localhost mimedefang.pl[24747]: pAC3o9T3024771: Could not connect to clamd daemon at /var/run/clamd.default/clamd.sock (Permission denied)
>Nov 11 20:50:15 localhost mimedefang.pl[24747]: pAC3o9T3024771: Problem running virus scanner: code=999, category=cannot-execute, action=tempfail
>Nov 11 20:50:15 localhost mimedefang.pl[24747]: pAC3o9T3024771: filter: pAC3o9T3024771:  tempfail=1
>Nov 11 20:50:15 localhost mimedefang[24764]: pAC3o9T3024771: Tempfailing because filter instructed us to
>Nov 11 20:50:15 localhost sendmail[24771]: pAC3o9T3024771: Milter: data, reject=451 4.3.0 Problem running virus-scanner
>
>
>Seems to be here:
>
>    # PING/PONG test to make sure clamd is alive
>    $sock = IO::Socket::UNIX->new(Peer => $clamd_sock);
>
>    if (!defined($sock)) {
>        # md_syslog('err', "Could not connect to clamd daemon at $clamd_sock");
>        md_syslog('err', "Could not connect to clamd daemon at $clamd_sock ($!)");
>        return (wantarray ? (999, 'cannot-execute', 'tempfail') : 999);
>    }
>
>
>that the failure is happening.
>
>Also, a minor annoyance, seeing:
>
>ERROR: Problem with internal logger (UpdateLogFile = /var/log/freshclam.log).
>ERROR: Can't open /var/log/freshclam.log in append mode (check permissions!).
>
>from cron.
>
>[root at mail clamav-server-0.97.3]# ls -l /var/log/freshclam.log
>-rw-rw-r--. 1 root clamupdate 746 Nov 11 11:17 /var/log/freshclam.log
>[root at mail clamav-server-0.97.3]#
>
>so the file is being written to... not sure why I'm seeing this message either.
>
>Any pointers appreciated.  I already read:
>
>http://72.14.189.113/howto/mimedefang/clamav/
>
>but it's either out-of-date or I'm missing something Fedora specific.
>
>I also noticed that there's no "clamav" id created on my system by default.
>
>-Philip
>_______________________________________________
>NOTE: If there is a disclaimer or other legal boilerplate in the above
>message, it is NULL AND VOID.  You may ignore it.
>
>Visit http://www.mimedefang.org and http://www.roaringpenguin.com
>MIMEDefang mailing list MIMEDefang at lists.roaringpenguin.com
>http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
>
>