TrevorH wrote:You'll need to use a file in /etc/tmpfiles.d to create it on each boot as /run is volatile. I suspect clamd already ships such a file and you should probably just use the directory it expects you to use... /usr/lib/tmpfiles.d/clamd.scan.conf is owned by clamav-scanner-0.99.2-8.el7.noarch so start by looking in that.
Hmm, I don't have any of these files, and clamav-scanner is not installed. So clamav-scanner must not be a dependency of clamav for some reason.
NedSlider wrote:The usual location for the socket file is under /var/run/ (which is a link to /run).
The most common error is that the user:group under which clamd is running does not have write access to the location the socket supposed to reside.
In your case, check the permissions on /run/clamd.scan/ to make sure the user:group that clamd is running as has the correct permissions on that directory to create and access the socket file.
Yes usually when I have to specify a legacy location like /bin, /sbin, /var/mail, or /var/run, I just enter the actual location instead. This shouldn't matter.
As /run gets cleaned out on every boot, clamd must write a new clamd.scan directory and socket file. /run is 755, but I run clamd as root so it can run fanotify_init. So it has permissions to create the directory and socket.
pjsr2 wrote:The following configuration works for me, without any specials for creating the /run/clamd.scan directory, so it looks like clamd is creating the clamd.scan directory for you:
Yes I have those settings too. (Except User clamscan) It is just not creating the /run subdirectory or socket.
[/var]/run/clamd.scan is created by /usr/lib/tmpfiles.d/clamd.scan.conf which is provided by the clamav-scanner-0.99.2-8.el7.noarch package from EPEL. It either needs a reboot to take effect or it needs systemd-tmpfiles --create /usr/lib/tmpfiles.d/clamd.scan.conf
run to do it without a reboot post-install.
Edit: checked the rpm postscript and it runs that already:
Code: Select all
postinstall scriptlet (using /bin/sh):
/bin/systemd-tmpfiles --create /usr/lib/tmpfiles.d/clamd.scan.conf || :
And I don't have the /usr/lib/tmpfiles.d directory either. Apparently I need to install clamav-scanner, which I didn't know about. This seems to be a flaw in the clamav dependencies.
Thanks all, I'll try it.