Topic: Clamav install bug?

[psoren]

Hi

I have just installed clamav on a fresh install with the "knuddi" script from Swerts Knudsen, and i got this error:

[root@perserver amavis-ng]# service clamd start
Starting clamd: ERROR: Can't open/parse the config file /etc/clamd.conf
                                                           [ FAILED ]

I renamed the file /etc/clamav.conf to clamd.conf and then it works. But the Q is where is the problem coming from, i can't tell can anyone else?

Per

[Thomas]

I am getting the same error message.  Did you find a fix?

[smeghead]

When clam 0.80 is installed it is configured to use /etc/clamd.conf not /etc/clamav.conf.

The old folder location of /etc/e-smith/templates/etc/clamav.conf folder is setup instead of the new /etc/e-smith/templates/etc/clamd.conf folder that is required for this 0.80 build.

What is we need is for the clam rpms to be rebuilt to use clamav.conf or for the install script within the rpm to setup the new folder structure not the old one.

A workaround is to copy the /etc/e-smith/templates/etc/clamav.conf folder to /etc/e-smith/templates/etc/clamd.conf and then to expand the clamd.conf file:

/sbin/e-smith/expand-template /etc/clamd.conf

The default freshclam conf file has an Example directive in it which prevents freshclam from executing properly until it is removed; just expand this template as well:

/sbin/e-smith/expand-template /etc/freshclam.conf

then these commands should work and antivirus scanning will be available

freshclam -v
service clamd start

Test this out before going live but it should be OK as it just a collection of the stuff I did to make it work.

I have updated jespers script with these mods if anyone wants to test this for me (my test server is down at the moment) - I will post it in here and those that want can copy and paste; my changes are commented:


#!/bin/sh

#############################################################################
#
# This Antivirus installation script has been developed
# by Jesper Knudsen at http://sme.swerts-knudsen.dk
#
# It installs ClamAv and Amavis-ng and ensures that the virus database is
# kept updated on an hourly basis
#
# Revision History:
#
# Aug 29, 2004:         Initial revision history.
#############################################################################


clear
echo "========================================================"
echo "= Antivirus Installation Script                        ="
echo "=                                                      ="
echo "= This script will install Antivirus on your system    ="
echo "= provide you with a server-manager panel for          ="
echo "= configuration.                                       ="
echo "=                                                      ="
echo "= No express or implied warranties are provided and its="
echo "= usage is at your own risk.                           ="
echo "=                                                      ="
echo "= If you feel confortable with the above then press    ="
echo "= enter if not pres Ctrl+C to abort the installation   ="
echo "= script.                                              ="
echo "=                                                      ="
echo "========================================================"
read x
clear
echo "Checking for existing installations.... Please wait!"

#prepare a download directory in /root
cd /root
mkdir antivirus_install
cd antivirus_install

rpm -qa > rpmlist

IS_SME60=pic rpmlist | grep -c SMEServer-6.0

if [ $IS_SME60 -eq 1 ]
then
echo "Installing ClamAntivirus on SME 6.0....."
else
echo "This installation only supports SME 6.0.x - Exiting..."
cd /root
rm -rf antivirus_install
exit
fi

# is this an update of an older installation?
IS_UPDATE=grep -c clamav- rpmlist

if [ $IS_UPDATE -ne 0 ]
then
clear
echo "========================================================"
echo "= Clam Antivirus Already Installed !!                  ="
echo "=                                                      ="
echo "= This script will now try upgrade from an older       ="
echo "= installation. If you did not install from an older   ="
echo "= version of a script from sme.swerts-knudsen.dk       ="
echo "= this might break your installation!!!                ="
echo "=                                                      ="
echo "= If you feel confortable with the above then press    ="
echo "= enter if not pres Ctrl+C to abort the installation   ="
echo "= script.                                              ="
echo "=                                                      ="
echo "========================================================"
read x
clear

AV=cat rpmlist | grep e-smith-antivirus
if [ cat rpmlist | grep -c e-smith-antivirus -ne 0 ]
then
echo "Upgrade ClamAV failed - e-smith-antivirus from pagefault.org installed."
echo "uninstall e-smith-antivirus first by rpm -e $AV"
cd /root
rm -rf antivirus_install
exit
fi

if [ cat rpmlist | grep -c sme-antivirus -ne 0 ]
then
FILE=grep sme-antivirus rpmlist
echo "$FILE being uninstalled to prepare for upgrade...."
rpm -e $FILE
fi

# then remove the old ClamAV  files
FILE=grep clamav- rpmlist
echo "$FILE being uninstalled to prepare for upgrade...."
service clamd stop
rpm -e $FILE

if [ rpm -qa | grep -c clamav- -ne 0 ]
then
echo "Unistall of ClamAV failed - You need to uninstall manually - sorry"
cd /root
rm -rf antivirus_install
exit
else
echo "Uninstall of ClamAV successful..."
fi

# remove the old log as its not compatible
rm /var/log/clamav/freshclam.log

fi #IS_UPDATE


# determine download server....

mkdir downloadtest
cd downloadtest

PRIMARY=http://mirror.contribs.org/smeserver/contribs/swerts-knudsen/AntiVirus
SECONDARY=http://sme.swerts-knudsen.dk/downloads/AntiVirus

wget -q --timeout=4 $PRIMARY
if [ -f index.html ]
then
# download from primary site OK
SITE=$PRIMARY
else
wget -q --timeout=4 $SECONDARY
if [ -f index.html ]
then
# download from mirror site
SITE=$SECONDARY
fi
fi
echo "Downloading RPMs from $SITE"
cd ..
rm -rf downloadtest

#First download the ClamAV
wget $SITE/clamav-es-libs-0.80-es01.i386.rpm
wget $SITE/clamav-es-0.80-es01.i386.rpm

#Then get all the perl modules if they are not already installed

if [ pic rpmlist | grep perl-DateManip | wc -l -eq 0 ]
then
wget $SITE/perl-DateManip-5.40-15.i386.rpm
fi
if [ pic rpmlist | grep perl-Archive-Tar-1.1 | wc -l -eq 0 ]
then
wget $SITE/perl-Archive-Tar-1.10-1.noarch.rpm
fi
if [ pic rpmlist | grep perl-Archive-Zip-1.1 | wc -l -eq 0 ]
then
wget $SITE/perl-Archive-Zip-1.12-1.noarch.rpm
fi
if [ pic rpmlist | grep perl-Compress-Zlib-1.3 | wc -l -eq 0 ]
then
wget $SITE/perl-Compress-Zlib-1.33-1.i386.rpm
fi
if [ pic rpmlist | grep perl-Config-IniFiles | wc -l -eq 0 ]
then
wget $SITE/perl-Config-IniFiles-2.38-1.i386.rpm
fi
if [ pic rpmlist | grep perl-Convert-TNEF | wc -l -eq 0 ]
then
wget $SITE/perl-Convert-TNEF-0.17-1.i386.rpm
fi
if [ pic rpmlist | grep perl-Convert-UUlib-1 | wc -l -eq 0 ]
then
wget $SITE/perl-Convert-UUlib-1.03-1.i386.rpm
fi
if [ pic rpmlist | grep perl-File-MMagic | wc -l -eq 0 ]
then
wget $SITE/perl-File-MMagic-1.22-1.i386.rpm
fi
if [ pic rpmlist | grep perl-IO-stringy | wc -l -eq 0 ]
then
wget $SITE/perl-IO-stringy-2.108-1.i386.rpm
fi
if [ pic rpmlist | grep perl-MIME-tools | wc -l -eq 0 ]
then
wget $SITE/perl-MIME-tools-5.411a-1.i386.rpm
fi
if [ pic rpmlist | grep perl-MailTools-1.61 | wc -l -eq 0 ]
then
wget $SITE/perl-MailTools-1.61-1.i386.rpm
fi
if [ pic rpmlist | grep perl-libnet | wc -l -eq 0 ]
then
wget $SITE/perl-libnet-1.13-1.i386.rpm
fi
if [ pic rpmlist | grep maildrop | wc -l -eq 0 ]
then
wget $SITE/maildrop-1.3.0-1.7.0.i386.rpm
fi

#Then Amavis-ng
if [ pic rpmlist | grep amavis-ng | wc -l -eq 0 ]
then
wget $SITE/amavis-ng-0.1.6.4-03dc.noarch.rpm
fi

# now the re-inserts module
if [ pic rpmlist | grep qmail-bsmtp-0 | wc -l -eq 0 ]
then
wget $SITE/qmail-bsmtp-0.1-1.noarch.rpm
fi

#Then all the packaging tools
if [ pic rpmlist | grep arc-5 | wc -l -eq 0 ]
then
wget $SITE/arc-5.21e-4.i386.rpm
fi
if [ pic rpmlist | grep lha | wc -l -eq 0 ]
then
wget $SITE/lha-1.14i-4.2rm.i386.rpm
fi
if [ pic rpmlist | grep unarj | wc -l -eq 0 ]
then
wget $SITE/unarj-2.43-6.1rm.i386.rpm
fi
if [ pic rpmlist | grep unrar | wc -l -eq 0 ]
then
wget $SITE/unrar-2.71-1.1rm.i386.rpm
fi
if [ pic rpmlist | grep zoo | wc -l -eq 0 ]
then
wget $SITE/zoo-2.10-4.1rm.i386.rpm
fi

# now get the AntiVirus panel
wget $SITE/sme-antivirus-1.0.1-1.noarch.rpm

# delete the old Clam Cron job
if [ -e /etc/cron.d/freshclam.cron ]
then
rm -f /etc/cron.d/freshclam.cron
fi

#Now when downloaded lets install
rpm -Uvh *.rpm

######################### Changed by smeghead ######################

cp -R /etc/e-smith/templates/etc/clamav.conf  /etc/e-smith/templates/etc/clamd.conf
/sbin/e-smith/expand-template /etc/clamd.conf
/sbin/e-smith/expand-template /etc/freshclam.conf

####################### End changes by smeghead ####################

#if it was an upgrade then we need to restart
service clamd start

#update the virus database
echo "Updating the Clam Virus database - Please wait...."
/usr/bin/freshclam --quiet -l /var/log/clamav/freshclam.log

# ensure that the first log file has been created
#touch /var/log/amavis-ng/amavis-ng.log
chown qmailq:qmail /var/log/amavis-ng
#chown qmailq:qmail /var/log/amavis-ng/amavis-ng.log*

# Now notify Swerts-Knudsen that you have installed - only so that I can enhance
# the scripts that are most in use

ERR=wget -q -t 1 -T 2 --delete-after http://sme.swerts-knudsen.dk/cgi-bin/egometer?Antivirus_Script

cd /root
# rm -rf antivirus_install

if [ $IS_UPDATE -ne 0 ]
then
echo "Update of Antivirus has successfully completed."
else
echo "Installation of Antivirus has successfully completed."
fi

[smeghead]

oops, that example directive is actually in the clamd.conf file

doh!

[psoren]

oops, that example directive is actually in the clamd.conf file

doh!

OK, i made it work by making a symlink called clamd.conf wich points to clamav.conf. But i will try your way later, it sounds more "correct". So i guess i don't need to do "freshclam -v" from reading your last post?

Thanks
Per

[Knuddi]

I noticed this error and have updated not only the clamav RPM buat also the sme-antivirus RPM. The standard install script should upgrade both without issues. Make sure to go into the server manager panel and press Save after installations.

Sorry for this little bummer.

[smeghead]

Yo Knuddi

Forgot to mention that particularlyon my server I am running a newer version of perl-libnet.  Might pay to use at least 1.17-1 or higher for your installs.

HTH

[Knuddi]

Thanks for the hint - both the AntiVirus and Spamfilter scripts have been upgraded to 1.18-8

[psoren]

Well..

A new problem occurs now.
The file /etc/rc.d/init.d/clamd refers to clamav.conf instead of clamd.conf.  

Per  

[compdoc]

Is this related?

Fresh install of 6.0.1-01, ran the Update script (http://no.longer.valid/phpwiki/index.php/Latest%20version%20of%20update%20scripts) which installs Clam Antivirus and SpamAssassin, etc etc.

All incoming mail is being quarantined, with an error message: Cannot connect to /var/lib/clamav/clamd.sock

The /var/lib/clamav/ directory is empty.

As is the /var/run/clamav directory, which should contain clamd.pid

This all a problem with clam 0.80 ?

[mrjhb3]

A new problem occurs now.
The file /etc/rc.d/init.d/clamd refers to clamav.conf instead of clamd.conf.  

I can also confirm that this is an issue.

I changed this line:

[ -f /etc/clamav.conf ] || exit 0
to this
[ -f /etc/clamd.conf ] || exit 0

Fresh install of 6.0.1-01, ran the Update script (http://no.longer.valid/phpwiki/index.php/Latest%20version%20of%20update%20scripts) which installs Clam Antivirus and SpamAssassin, etc etc.

All incoming mail is being quarantined, with an error message: Cannot connect to /var/lib/clamav/clamd.sock

The /var/lib/clamav/ directory is empty.

As is the /var/run/clamav directory, which should contain clamd.pid

I had this initial issue as well on a fresh install.  Looking in /var/log/clamav/clamd.log is was seeing this:

Wed Oct 27 21:23:39 2004 -> clamd daemon 0.80 (OS: linux-gnu, ARCH: i386, CPU: i686)
Wed Oct 27 21:23:39 2004 -> Log file size limit disabled.
Wed Oct 27 21:23:39 2004 -> Verbose logging activated.
Wed Oct 27 21:23:39 2004 -> Running as user qmailq (UID 404, GID 401)
Wed Oct 27 21:23:39 2004 -> Reading databases from /usr/share/clamav
Wed Oct 27 21:23:41 2004 -> Protecting against 25798 viruses.
Wed Oct 27 21:23:41 2004 -> ERROR: Socket file /var/lib/clamav/clamd.sock is in use by another process.

I did a service clamd stop, then a service clamd start
and now I am getting this in the log:

Wed Oct 27 21:28:12 2004 -> clamd daemon 0.80 (OS: linux-gnu, ARCH: i386, CPU: i686)
Wed Oct 27 21:28:12 2004 -> Log file size limit disabled.
Wed Oct 27 21:28:12 2004 -> Verbose logging activated.
Wed Oct 27 21:28:12 2004 -> Running as user qmailq (UID 404, GID 401)
Wed Oct 27 21:28:12 2004 -> Reading databases from /usr/share/clamav
Wed Oct 27 21:28:13 2004 -> Protecting against 25798 viruses.
Wed Oct 27 21:28:13 2004 -> Unix socket file /var/lib/clamav/clamd.sock
Wed Oct 27 21:28:13 2004 -> Setting connection queue length to 15
Wed Oct 27 21:28:13 2004 -> Listening daemon: PID: 2619
Wed Oct 27 21:28:13 2004 -> Archive: Archived file size limit set to 10485760 bytes.
Wed Oct 27 21:28:13 2004 -> Archive: Recursion level limit set to 5.
Wed Oct 27 21:28:13 2004 -> Archive: Files limit set to 1000.
Wed Oct 27 21:28:13 2004 -> WARNING: Archive: Compression ratio limit disabled.
Wed Oct 27 21:28:13 2004 -> Archive support enabled.
Wed Oct 27 21:28:13 2004 -> Archive: RAR support disabled.
Wed Oct 27 21:28:13 2004 -> Portable Executable support enabled.
Wed Oct 27 21:28:13 2004 -> Mail files support enabled.
Wed Oct 27 21:28:13 2004 -> OLE2 support enabled.
Wed Oct 27 21:28:13 2004 -> HTML support enabled.
Wed Oct 27 21:28:13 2004 -> Self checking every 1800 seconds.

It all looks good now, but I am going to re-install and test this again.

JB

[compdoc]

I made the change you suggested, and it does work now, but when making a change in the server-manager anti-virus panel, I get this error:

Error occurred while updating system configuration

However, logging back into Server-Manager, it does seem to have kept the changes...

[Knuddi]

I do not understand why you get errors in the server manager panel - did you upgrade to 1.0.2? I all cases there was apparently yet another place where the clamav->clamd.conf should be changed. I have fixed this in the next release of the sme-antivirus RPM but will hold a day or two for some more tests to be conducted. Meanwhile the file:

/etc/rc.d/init.d/clamd

should be changed from:

[ -f /etc/clamav.conf ] || exit 0

to this
[ -f /etc/clamd.conf ] || exit 0

[compdoc]

"package sme-antivirus-1.0.2-1 is already installed"

The error occurs when I change scan incoming mail or scan outgoing mail to yes or no. Also when changing Scheduled filesystem scanning.

Then emails start being quarantined again...

Think its pretty much any change except releasing/deleting quarantined mail that causes the Operation status report error...

[compdoc]

And no errors logged in /var/log/clamav/clamd.log