Moderators: ScalixSupport, admin
ScalixSupport wrote:When you made the change to /etc/group , did you restart clamav ?
Cheers
Dave
Code: Select all
ps aux | grep clamd | grep -v grep
Code: Select all
clamav 4057 0.0 5.6 85300 29124 ? Ssl Apr01 2:35 clamd
Valerion wrote:If you need to get this working urgently you can edit /var/opt/scalix/sys/omvscan.cfg and change CLAMAV_ENGINE to use clamscan instead of clamdscan until you can get clamdscan to work. However, it will use more memory and be slower that way.
What user does clamd run as?Code: Select all
ps aux | grep clamd | grep -v grep
Mine showsCode: Select all
clamav 4057 0.0 5.6 85300 29124 ? Ssl Apr01 2:35 clamd
indicating that it's being run by user clamav.
Code: Select all
[root@vs5 ~]# omstat -a
PC Monitor Started NON-STOP 0
Directory Relay Server Started 22:40:06
Notification Server Started 22:40:06 0
Shared memory daemon Started NON-STOP
Notification Monitor Started NON-STOP
Session Monitor Started NON-STOP
Container Access Monitor Started NON-STOP
Item Structure Server Stopped
Database Monitor Started 22:40:06
Licence Monitor Daemon Started NON-STOP
LDAP Daemon Started 22:40:06
Queue Manager Started NON-STOP
Item Delete Daemon Started NON-STOP
IMAP Server Daemon Started 22:40:06
SMTP Relay Started 22:40:06
Mime Browser Controller Started 22:40:06
[root@vs5 ~]# omstat -s
Service Router Aborted 22:40:06 0
Local Delivery Started 22:40:06 0
Internet Mail Gateway Started 22:40:06 0
Local Client Interface Enabled 22:40:06 0
Remote Client Interface Enabled 22:40:06 1
Test Server Started 22:40:06 0
Request Server Started 22:40:06 0
Print Server Started 22:40:06 0
Bulletin Board Server Started 22:40:06 0
Background Search Service Started 22:40:06 0
CDA Server Aborted 22:40:06 0
POP3 interface Started 22:40:06 0
Omscan Server Started 22:40:06 0
Archiver Started 22:40:06 0
[root@vs5 ~]# cat /etc/group
root:x:0:root
bin:x:1:root,bin,daemon
daemon:x:2:root,bin,daemon
sys:x:3:root,bin,adm
adm:x:4:root,adm,daemon
tty:x:5:
disk:x:6:root
lp:x:7:daemon,lp
mem:x:8:
kmem:x:9:
wheel:x:10:root
mail:x:12:mail
news:x:13:news
uucp:x:14:uucp
man:x:15:
games:x:20:
gopher:x:30:
dip:x:40:
ftp:x:50:
lock:x:54:
nobody:x:99:
users:x:100:
dbus:x:81:
floppy:x:19:
vcsa:x:69:
rpm:x:37:
utmp:x:22:
haldaemon:x:68:
slocate:x:21:
pcap:x:77:
nscd:x:28:
named:x:25:
netdump:x:34:
sshd:x:74:
rpc:x:32:
mailnull:x:47:
smmsp:x:51:
rpcuser:x:29:
nfsnobody:x:65534:
apache:x:48:
squid:x:23:
webalizer:x:67:
tomcat:x:91:
xfs:x:43:
ntp:x:38:
gdm:x:42:
dovecot:x:97:
mysql:x:27:
screen:x:84:
scalix:x:101:clamav
sxadmin:x:500:
clamav:x:102:
[root@vs5 ~]# clamdscan /var/opt/scalix/data/0000001/*
/var/opt/scalix/data/0000001/000010g: Access denied. ERROR
/var/opt/scalix/data/0000001/000010i: Access denied. ERROR
/var/opt/scalix/data/0000001/000010j: Access denied. ERROR
/var/opt/scalix/data/0000001/000010k: Access denied. ERROR
/var/opt/scalix/data/0000001/000010l: Access denied. ERROR
/var/opt/scalix/data/0000001/000010m: Access denied. ERROR
/var/opt/scalix/data/0000001/000010n: Access denied. ERROR
/var/opt/scalix/data/0000001/000010o: Access denied. ERROR
/var/opt/scalix/data/0000001/000010p: Access denied. ERROR
/var/opt/scalix/data/0000001/000010q: Access denied. ERROR
/var/opt/scalix/data/0000001/000010s: Access denied. ERROR
/var/opt/scalix/data/0000001/000010t: Access denied. ERROR
/var/opt/scalix/data/0000001/000010u: Access denied. ERROR
/var/opt/scalix/data/0000001/0000120: Access denied. ERROR
/var/opt/scalix/data/0000001/0000121: Access denied. ERROR
/var/opt/scalix/data/0000001/0000122: Access denied. ERROR
/var/opt/scalix/data/0000001/0000123: Access denied. ERROR
/var/opt/scalix/data/0000001/0000125: Access denied. ERROR
/var/opt/scalix/data/0000001/0000126: Access denied. ERROR
/var/opt/scalix/data/0000001/0000127: Access denied. ERROR
----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.004 sec (0 m 0 s)
[root@vs5 ~]# clamscan /var/opt/scalix/data/0000001/*
/var/opt/scalix/data/0000001/000010g: OK
/var/opt/scalix/data/0000001/000010i: OK
/var/opt/scalix/data/0000001/000010j: OK
/var/opt/scalix/data/0000001/000010k: OK
/var/opt/scalix/data/0000001/000010l: OK
/var/opt/scalix/data/0000001/000010m: OK
/var/opt/scalix/data/0000001/000010n: OK
/var/opt/scalix/data/0000001/000010o: OK
/var/opt/scalix/data/0000001/000010p: OK
/var/opt/scalix/data/0000001/000010q: OK
/var/opt/scalix/data/0000001/000010s: OK
/var/opt/scalix/data/0000001/000010t: OK
/var/opt/scalix/data/0000001/000010u: OK
/var/opt/scalix/data/0000001/0000120: OK
/var/opt/scalix/data/0000001/0000121: OK
/var/opt/scalix/data/0000001/0000122: OK
/var/opt/scalix/data/0000001/0000123: OK
/var/opt/scalix/data/0000001/0000125: OK
/var/opt/scalix/data/0000001/0000126: OK
/var/opt/scalix/data/0000001/0000127: OK
----------- SCAN SUMMARY -----------
Known viruses: 48899
Engine version: 0.88
Scanned directories: 0
Scanned files: 20
Infected files: 0
Data scanned: 0.02 MB
Time: 0.815 sec (0 m 0 s)
[root@vs5 ~]# cat /var/opt/scalix/logs/fatal
SERIOUS ERROR CDA Server (CDA Server ) Wed Apr 5 22:40:06 2006
[OM 28664] There is already a CDA server process running
Pid of logging process: 2790
ERROR Service Router(Service Router) Wed Apr 5 22:40:07 2006
[OM 5181] Reply timed out or invalid - Mapper protocol problem.
Command sent: <none - expect greeting reply>
Reply received: 503 "ClamAV" cannot scan Scalix-owned file Access denied. ERROR
Pid of logging process: 2783
ERROR Service Router(Service Router) Wed Apr 5 22:40:07 2006
[OM 5181] Reply timed out or invalid - Mapper protocol problem.
Command sent: QUIT Please Close This Session
Reply received: 220 Virus Scanning Client Ready
Pid of logging process: 2783
ERROR Service Router(Service Router) Wed Apr 5 22:40:07 2006
[OM 5183] A Mapper error has been detected.
Pid of logging process: 2783
SERIOUS ERROR Service Router(Service Router) Wed Apr 5 22:40:07 2006
[OM 5183] A Mapper error has been detected.
Pid of logging process: 2783
ScalixSupport wrote:Please can you run the command:and post the results.Code: Select all
id clamav
Cheers
Dave
Code: Select all
[root@vs5 ~]# id clamav
uid=101(clamav) gid=102(clamav) groups=102(clamav),101(scalix)
ScalixSupport wrote:Can you show me the permissions on one of the files that clam is having a problem with.
Cheers
Dave
Code: Select all
[root@vs5 ~]# ls -l /var/opt/scalix/data/0000001/000010g
-rw-rw---- 1 scalix scalix 3072 Apr 5 21:22 /var/opt/scalix/data/0000001/000010g
Code: Select all
# yum install clamav clamav-server clamav-update
ScalixSupport wrote:Are you able to clamdscan a file in the /tmp directory ?
Cheers
Dave
Code: Select all
[root@vs5 /]# clamdscan /tmp/*
/tmp/myserver.net: OK
/tmp/debug.log: OK
/tmp/gconfd-root: Access denied. ERROR
/tmp/hsperfdata_root/2944: Unable to open file or directory ERROR
/tmp/lst6914: OK
ERROR: Not supported file type (/tmp/mapping-root)
/tmp/ominstall.log: OK
/tmp/ominstall.Olog: OK
/tmp/texconfig.Qn5963: Access denied. ERROR
/tmp/texconfig.X22857: Access denied. ERROR
/tmp/tmp.NMyzW29650: Access denied. ERROR
/tmp/tmp.XNGIEE3720: Access denied. ERROR
----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.004 sec (0 m 0 s)
Users browsing this forum: No registered users and 15 guests