Clamd Does Not Create Socket

Support for security such as Firewalls and securing linux
Post Reply
Quantum`
Posts: 26
Joined: 2015/05/15 18:50:42

Clamd Does Not Create Socket

Post by Quantum` » 2017/11/09 20:22:55

It's baack...

Installed clamd and set in /etc/clamd.d/clamd.conf:

Code: Select all

LocalSocket /run/clamd.scan/clamd.sock
LocalSocketGroup virusgroup
LocalSocketMode 660
FixStaleSocket yes
Restart clamd@clamd and,
"ERROR: LOCAL: Socket file /run/clamd.scan/clamd.sock could not be bound: No such file or directory"

Indeed there is no /run/clamd.scan directory, much less the socket under it. And then, oh no, it can't find it! Of course clamav-milter can't find it.

I can create the directory all day long and then the socket appears, but next reboot the directory is gone of course.

User avatar
TrevorH
Forum Moderator
Posts: 31324
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Clamd Does Not Create Socket

Post by TrevorH » 2017/11/09 21:35:11

You'll need to use a file in /etc/tmpfiles.d to create it on each boot as /run is volatile. I suspect clamd already ships such a file and you should probably just use the directory it expects you to use... /usr/lib/tmpfiles.d/clamd.scan.conf is owned by clamav-scanner-0.99.2-8.el7.noarch so start by looking in that.
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

NedSlider
Forum Moderator
Posts: 2897
Joined: 2005/10/28 13:11:50
Location: UK

Re: Clamd Does Not Create Socket

Post by NedSlider » 2017/11/12 12:35:32

The usual location for the socket file is under /var/run/ (which is a link to /run).

The most common error is that the user:group under which clamd is running does not have write access to the location the socket supposed to reside.

In your case, check the permissions on /run/clamd.scan/ to make sure the user:group that clamd is running as has the correct permissions on that directory to create and access the socket file.

pjsr2
Posts: 595
Joined: 2014/03/27 20:11:07

Re: Clamd Does Not Create Socket

Post by pjsr2 » 2017/11/12 20:14:11

The following configuration works for me, without any specials for creating the /run/clamd.scan directory, so it looks like clamd is creating the clamd.scan directory for you:

Code: Select all

prompt> grep -e User -e Socket /etc/clamd.conf
LocalSocket /var/run/clamd.scan/clamd.sock
#LocalSocketGroup virusgroup
#LocalSocketMode 660
#FixStaleSocket yes
#TCPSocket 3310
User clamscan

prompt> ls -ld /var/run/clamd.scan/
drwx--x---. 2 clamscan clamscan 60 Nov 12 20:46 /var/run/clamd/scan/

prompt> sudo ls -l /var/run/clamd.scan/
total 0
srw-rw-rw-. 1 clamscan clamscan 0 Nov 12 20:46 clamd.sock

prompt> ps -o user,cmd -C clamd
USER     CMD
clamscan /usr/sbin/clamd -c /etc/clamd.scan.conf --foreground=yes

User avatar
TrevorH
Forum Moderator
Posts: 31324
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Clamd Does Not Create Socket

Post by TrevorH » 2017/11/12 21:14:24

[/var]/run/clamd.scan is created by /usr/lib/tmpfiles.d/clamd.scan.conf which is provided by the clamav-scanner-0.99.2-8.el7.noarch package from EPEL. It either needs a reboot to take effect or it needs systemd-tmpfiles --create /usr/lib/tmpfiles.d/clamd.scan.conf run to do it without a reboot post-install.

Edit: checked the rpm postscript and it runs that already:

Code: Select all

postinstall scriptlet (using /bin/sh):
/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/clamd.scan.conf || :
CentOS 6 died in November 2020 - migrate to a new version!
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 is dead, do not use it.
Full time Geek, part time moderator. Use the FAQ Luke

Quantum`
Posts: 26
Joined: 2015/05/15 18:50:42

Re: Clamd Does Not Create Socket

Post by Quantum` » 2017/11/15 17:02:20

TrevorH wrote:You'll need to use a file in /etc/tmpfiles.d to create it on each boot as /run is volatile. I suspect clamd already ships such a file and you should probably just use the directory it expects you to use... /usr/lib/tmpfiles.d/clamd.scan.conf is owned by clamav-scanner-0.99.2-8.el7.noarch so start by looking in that.
Hmm, I don't have any of these files, and clamav-scanner is not installed. So clamav-scanner must not be a dependency of clamav for some reason.

NedSlider wrote:The usual location for the socket file is under /var/run/ (which is a link to /run).

The most common error is that the user:group under which clamd is running does not have write access to the location the socket supposed to reside.

In your case, check the permissions on /run/clamd.scan/ to make sure the user:group that clamd is running as has the correct permissions on that directory to create and access the socket file.
Yes usually when I have to specify a legacy location like /bin, /sbin, /var/mail, or /var/run, I just enter the actual location instead. This shouldn't matter.

As /run gets cleaned out on every boot, clamd must write a new clamd.scan directory and socket file. /run is 755, but I run clamd as root so it can run fanotify_init. So it has permissions to create the directory and socket.

pjsr2 wrote:The following configuration works for me, without any specials for creating the /run/clamd.scan directory, so it looks like clamd is creating the clamd.scan directory for you:
Yes I have those settings too. (Except User clamscan) It is just not creating the /run subdirectory or socket.

TrevorH wrote:[/var]/run/clamd.scan is created by /usr/lib/tmpfiles.d/clamd.scan.conf which is provided by the clamav-scanner-0.99.2-8.el7.noarch package from EPEL. It either needs a reboot to take effect or it needs systemd-tmpfiles --create /usr/lib/tmpfiles.d/clamd.scan.conf run to do it without a reboot post-install.

Edit: checked the rpm postscript and it runs that already:

Code: Select all

postinstall scriptlet (using /bin/sh):
/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/clamd.scan.conf || :
And I don't have the /usr/lib/tmpfiles.d directory either. Apparently I need to install clamav-scanner, which I didn't know about. This seems to be a flaw in the clamav dependencies.

Thanks all, I'll try it.

pjsr2
Posts: 595
Joined: 2014/03/27 20:11:07

Re: Clamd Does Not Create Socket

Post by pjsr2 » 2017/11/16 10:29:00

Apparently I need to install clamav-scanner, which I didn't know about. This seems to be a flaw in the clamav dependencies.
The way the packages are organized, you have to start with the installation of the clamav-scanner package, which through its dependencies installs clamav-server. The direction of the package dependency relations is not obvious from the names of the packages.

Post Reply

Return to “CentOS 7 - Security Support”