Re: Email pid issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]





On 22/08/16 02:10, Jay Hart wrote:
Hello gents,

First time poster here!

Current system running Centos 6.8. Buddy of mine posted a few days back about me wanting to move
from Postfix 2.6.x to 2.8 to above, still under centos 6.8.  I might move over to 7, but probably
not for a while, don't have the resources presently to make this happen.

Running Centos 6.8, postfix 2.6.6, clamav 0.99.1. Basic Centos 6.8 box fully patched using stable
repos.

____ISSUE_____

Logwatch is reporting this error, which I'm going to assume has been occurring for a few years but
doesn't affect sending/receiving emails, so I haven't chased it down, now I'm looking to fix that.

1   (06498-19) ClamAV-clamd: All attempts (1) failed connecting to
/var/spool/amavisd/clamd.sock, retrying (1)

Since this is reported by "ClamAV-clamd", I am assuming this is coming from amavisd.conf.  My
logic on this is that a grep search for that particular string only shows up in the
/etc/amavisd.conf file, when its calling the scanner.  Pasted code from file below:

@av_scanners = (
['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/spool/amavisd/clamd.sock"],
  qr/\bOK$/m, qr/\bFOUND$/m,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],

Best I can determine /var/spool/amavisd/clamd.sock file exists. So, not sure what is causing this
or why, or how to fix.


and what does clamd.conf say:

cat /etc/clamd.conf | grep 'clamd.sock'


Does it match the "/var/spool/amavisd/clamd.sock" entry above?

Here is /var/spool/amavisd contents:

[run]# ls -al /var/spool/amavisd/
total 64
drwxr-x---   7 amavis amavis  4096 Aug 21 19:10 .
drwxr-xr-x. 15 root   root    4096 Mar 15  2012 ..
srwxr-x---   1 amavis amavis     0 Aug 21 19:10 amavisd.sock
srw-rw-rw-   1 amavis amavis     0 Aug 21 19:10 clamd.sock
drwxr-x---   2 amavis amavis  4096 Aug 21 19:10 db
drwxr-x---   2 amavis amavis 36864 Aug 21 19:50 quarantine
drwxr-x---   2 amavis amavis  4096 Aug 21 09:23 .razor
drwx------   2 amavis amavis  4096 Aug 21 20:42 .spamassassin
drwxr-x---   4 amavis amavis  4096 Aug 21 20:42 tmp


Seems to be owned by the right group, I rebooted at 19.10 today hence timestamp date/time.


Is the clamav user a member of the amavis group? i.e, does the user clam runs under have access to the socket?

So, my question is, what do I need to do to eliminate this error?  How can I chase it down?


Check the two most common causes above :-)

TIA,

Jay

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux