Problems installing clamd.service on OpenSUSE 13.2 on Dell server

I am new to OpenSUSE. I’ve installed 13.2 on an old Dell PowerEdge 1900 Server (64-bit).

sam14:/home/keith # uname -a
Linux sam14 3.16.7-7-desktop #1 SMP PREEMPT Wed Dec 17 18:00:44 UTC 2014 (762f27a) x86_64 x86_64 x86_64 GNU/Linux

I was attempting to follow the instructions from this tutorial: http://www.server180.com/2014/12/how-to-install-amavisd.html

I was able to get amavisd-new installed, although the tutorial shows to edit the "/etc/init.d/amavis init script" - there is no such file on my system!

I am also confused by several of the instructions for installing clamav.

First, the tutorial says to load “clamav-db”, but I find no package for that. I was able to load clamav and run freshclam, however systemctl reports:

sam14:/home/keith # systemctl status clamd.service
clamd.service - Clamav antivirus Deamon
   Loaded: loaded (/usr/lib/systemd/system/clamd.service; enabled)
   Active: failed (Result: exit-code) since Wed 2015-01-21 22:38:10 EST; 12h ago
  Process: 2146 ExecStart=/usr/sbin/clamd (code=exited, status=1/FAILURE)

Jan 21 22:37:53 sam14 clamd[2146]: Reading databases from /var/lib/clamav
Jan 21 22:37:53 sam14 clamd[2146]: Not loading PUA signatures.
Jan 21 22:37:53 sam14 clamd[2146]: Bytecode: Security mode set to "TrustSigned".
Jan 21 22:38:08 sam14 clamd[2146]: Loaded 3731127 signatures.
Jan 21 22:38:10 sam14 clamd[2146]: TCP: Bound to [127.0.0.1]:3310
Jan 21 22:38:10 sam14 clamd[2146]: TCP: Setting connection queue length to 200
Jan 21 22:38:10 sam14 clamd[2146]: LOCAL: Socket file /var/run/clamav/clamd-socket could not be bound: No such file or directory
Jan 21 22:38:10 sam14 clamd[2146]: Can't unlink the socket file /var/run/clamav/clamd-socket
Jan 21 22:38:10 sam14 clamd[2146]: ERROR: LOCAL: Socket file /var/run/clamav/clamd-socket could not be bound: No such file or directory
Jan 21 22:38:10 sam14 clamd[2146]: ERROR: Can't unlink the socket file /var/run/clamav/clamd-socket
sam14:/home/keith # 

The tutorial gives instructions to create a symlink:

mkdir -p /var/run/clamav
ln -s /var/lib/clamav/clamd-socket /var/run/clamav/clamd

but that hasn’t worked for me, and I see that systemctl says it is looking for /var/run/clamav/clamd-socket, not /var/lib/clamav/clamd-socket nor /var/run/clamav/clamd !

After my first failed attempt, I deleted the symlink, then

touch /var/run/clamav/clamd-socket

and rebooted the machine to test if the system would actually remove the contents of /var/run/clamav/ as stated in the tutorial (because “/run is now a tmpfs”) but I see that is not true- that directory is not emptied on reboot.

Here’s one line from mount output:

tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)

So I am confused how much of my problem is due to my lack of understanding and how much might be due to invalid tutorial statements. Can someone help straighten me out on this?

Thanks,
Keith Ostertag
Harrisburg, PA USA

This tuturial seems to be for previous version of openSUSE. Did you try to simply install clamav and start it? You may need to reboot to make sure directory in /run is created (do not know whether package does it during installation).

Most of the Postfix + Amavis tutorials I’ve seen online are totally ass and for 13.1 + 13.2 also useless.

You can enable Amavis+Clamd scanning on Postfix on openSUSE by using the yast mail configuration tool - simply checkmark Enable virus scanning (AMaViS) and bang you’re done.

Thanks for responding.

Well, the tutorial says it is for OpenSUSE 13.2…

But yes, I used zypper to remove clamav, then deleted the /var/run/clamav directory in order to start fresh. I then used zypper to re-install clamav and ran freshclam. Here is the process:

sam14:/home/keith # freshclam
ClamAV update process started at Thu Jan 22 12:39:08 2015
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
Downloading daily-19961.cdiff [100%]
Downloading daily-19962.cdiff [100%]
daily.cld updated (version: 19962, sigs: 1312856, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 245, sigs: 43, f-level: 63, builder: dgoddard)
Database updated (3737124 signatures) from database.clamav.net (IP: 64.6.100.177)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd-socket: No such file or directory

So I did:

sam14:/home/keith #  mkdir -p /var/run/clamav
sam14:/home/keith # freshclam
ClamAV update process started at Thu Jan 22 12:41:18 2015
main.cvd is up to date (version: 55, sigs: 2424225, f-level: 60, builder: neo)
daily.cld is up to date (version: 19962, sigs: 1312856, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 245, sigs: 43, f-level: 63, builder: dgoddard)

sam14:/home/keith # systemctl enable clamd.service
sam14:/home/keith # systemctl start clamd.service
Job for clamd.service failed. See "systemctl status clamd.service" and "journalctl -xn" for details.

sam14:/home/keith # systemctl status clamd
clamd.service - Clamav antivirus Deamon
   Loaded: loaded (/usr/lib/systemd/system/clamd.service; enabled)
   Active: failed (Result: exit-code) since Thu 2015-01-22 12:43:39 EST; 17s ago
  Process: 14516 ExecStart=/usr/sbin/clamd (code=exited, status=1/FAILURE)

So then I tried:

sam14:/home/keith # touch /var/run/clamav/clamd-socket

sam14:/home/keith # systemctl enable clamd.service
sam14:/home/keith # systemctl start clamd.service
Job for clamd.service failed. See "systemctl status clamd.service" and "journalctl -xn" for details.
sam14:/home/keith # systemctl status clamd.service
clamd.service - Clamav antivirus Deamon
   Loaded: loaded (/usr/lib/systemd/system/clamd.service; enabled)
   Active: failed (Result: exit-code) since Thu 2015-01-22 12:45:13 EST; 13s ago
  Process: 14592 ExecStart=/usr/sbin/clamd (code=exited, status=1/FAILURE)

Jan 22 12:45:01 sam14 clamd[14592]: Not loading PUA signatures.
Jan 22 12:45:01 sam14 clamd[14592]: Bytecode: Security mode set to "TrustSigned".
Jan 22 12:45:11 sam14 clamd[14592]: Loaded 3731565 signatures.
Jan 22 12:45:13 sam14 clamd[14592]: TCP: Bound to [127.0.0.1]:3310
Jan 22 12:45:13 sam14 clamd[14592]: TCP: Setting connection queue length to 200
Jan 22 12:45:13 sam14 clamd[14592]: LOCAL: Removing stale socket file /var/run/clamav/clamd-socket
Jan 22 12:45:13 sam14 clamd[14592]: LOCAL: Socket file /var/run/clamav/clamd-socket could not be removed: Permission denied
Jan 22 12:45:13 sam14 clamd[14592]: Can't unlink the socket file /var/run/clamav/clamd-socket
Jan 22 12:45:13 sam14 clamd[14592]: ERROR: LOCAL: Socket file /var/run/clamav/clamd-socket could not be removed: Permission denied
Jan 22 12:45:13 sam14 clamd[14592]: ERROR: Can't unlink the socket file /var/run/clamav/clamd-socket
sam14:/home/keith # 

What do those permission denied messages suggest?

I tried changing permissons on that file:

sam14:/home/keith # ls -ahl /var/run/clamav/clamd-socket 
-rw-r--r-- 1 root root 0 Jan 22 12:44 /var/run/clamav/clamd-socket

sam14:/home/keith # chmod 777 /var/run/clamav/clamd-socket

sam14:/home/keith # ls -ahl /var/run/clamav/clamd-socket 
-rwxrwxrwx 1 root root 0 Jan 22 12:44 /var/run/clamav/clamd-socket

sam14:/home/keith # systemctl enable clamd.service
sam14:/home/keith # systemctl start clamd.service
Job for clamd.service failed. See "systemctl status clamd.service" and "journalctl -xn" for details.

sam14:/home/keith # systemctl status clamd.service
clamd.service - Clamav antivirus Deamon
   Loaded: loaded (/usr/lib/systemd/system/clamd.service; enabled)
   Active: failed (Result: exit-code) since Thu 2015-01-22 12:59:28 EST; 8s ago
  Process: 15474 ExecStart=/usr/sbin/clamd (code=exited, status=1/FAILURE)

Jan 22 12:59:16 sam14 clamd[15474]: Not loading PUA signatures.
Jan 22 12:59:16 sam14 clamd[15474]: Bytecode: Security mode set to "TrustSigned".
Jan 22 12:59:26 sam14 clamd[15474]: Loaded 3731565 signatures.
Jan 22 12:59:28 sam14 clamd[15474]: TCP: Bound to [127.0.0.1]:3310
Jan 22 12:59:28 sam14 clamd[15474]: TCP: Setting connection queue length to 200
Jan 22 12:59:28 sam14 clamd[15474]: LOCAL: Removing stale socket file /var/run/clamav/clamd-socket
Jan 22 12:59:28 sam14 clamd[15474]: LOCAL: Socket file /var/run/clamav/clamd-socket could not be removed: Permission denied
Jan 22 12:59:28 sam14 clamd[15474]: Can't unlink the socket file /var/run/clamav/clamd-socket
Jan 22 12:59:28 sam14 clamd[15474]: ERROR: LOCAL: Socket file /var/run/clamav/clamd-socket could not be removed: Permission denied
Jan 22 12:59:28 sam14 clamd[15474]: ERROR: Can't unlink the socket file /var/run/clamav/clamd-socket
sam14:/home/keith # ls -ahl /var/run/clamav/
total 0
drwxr-xr-x  2 root root   60 Jan 22 12:44 .
drwxr-xr-x 37 root root 1000 Jan 22 12:40 ..
-rwxrwxrwx  1 root root    0 Jan 22 12:44 clamd-socket

Ideas?

Thanks,
Keith

Uninstall ClamAV, remove the file you created with touch, install ClamAV, systemctl start clamd and run freshclam.

The reason it wasn’t able to connect to the socket was because clamd wasn’t running - clamd creates the socket when you start it.

OK, thanks for this!

However, after checkmarking Enable virus scanning in YAST, re-installing clamav through zypper, and going through the procedure again I still get the same errors:

sam14:/home/keith # mkdir -p /var/run/clamav
sam14:/home/keith # ln -s /var/lib/clamav/clamd-socket /var/run/clamav/clamd

sam14:/home/keith # systemctl enable clamd.service
sam14:/home/keith # systemctl start clamd.service
Job for clamd.service failed. See "systemctl status clamd.service" and "journalctl -xn" for details.
sam14:/home/keith # systemctl status clamd.service
clamd.service - Clamav antivirus Deamon
   Loaded: loaded (/usr/lib/systemd/system/clamd.service; enabled)
   Active: failed (Result: exit-code) since Thu 2015-01-22 13:21:09 EST; 10s ago
  Process: 3066 ExecStart=/usr/sbin/clamd (code=exited, status=1/FAILURE)

Jan 22 13:20:57 sam14 clamd[3066]: Reading databases from /var/lib/clamav
Jan 22 13:20:57 sam14 clamd[3066]: Not loading PUA signatures.
Jan 22 13:20:57 sam14 clamd[3066]: Bytecode: Security mode set to "TrustSigned".
Jan 22 13:21:07 sam14 clamd[3066]: Loaded 3731565 signatures.
Jan 22 13:21:09 sam14 clamd[3066]: TCP: Bound to [127.0.0.1]:3310
Jan 22 13:21:09 sam14 clamd[3066]: TCP: Setting connection queue length to 200
Jan 22 13:21:09 sam14 clamd[3066]: LOCAL: Socket file /var/run/clamav/clamd-socket could not be bound: Permission denied
Jan 22 13:21:09 sam14 clamd[3066]: Can't unlink the socket file /var/run/clamav/clamd-socket
Jan 22 13:21:09 sam14 clamd[3066]: ERROR: LOCAL: Socket file /var/run/clamav/clamd-socket could not be bound: Permission denied
Jan 22 13:21:09 sam14 clamd[3066]: ERROR: Can't unlink the socket file /var/run/clamav/clamd-socket
sam14:/home/keith # 

I don’t have Postfix setup properly/completely yet, would that impact this?

Keith

You didn’t remove the socket you created wth touch earlier - the existence of this file prevents clamd from creating the socket itself.

Just remove it as root.

Thank you for helping me out. Actualy I did remove that file and the directory.

But to recheck, I just did it again- I used zypper to remove clamav, deleted the /var/run/clamav directory, then used YAST to confirm that virus checking was enabled and load clamav. This time I did not manually create any directories or files suggested by that tutorial- I let YAST do it all.

I then enabled and started the clamd.service as before.

I get the same errors, though this time I see that installing via YAST created the directory /var/run/clam-socket/. I see no file named clam-socket. The directory still exists after reboot.

When I used YAST this last time after having removed clamav with zypper, I first confirmed the Virus checking was enabled, and YAST complained that clamav was not yet loaded but suggested I could load clamav manually, which I then did via YAST. So I wonder if I have a sequence problem? Postfix is still not yet properly configured.

Keith

To test this, I did a fresh 13.2 install, installed yast2-mail + amavisd-new and postfix.

Then started up yast mail, checkmarked Amavis and next next ok ok. Went to shell, ran freshclam and then systemctl start clamd. Works fine

bytecode.cvd updated (version: 245, sigs: 43, f-level: 63, builder: dgoddard)Database updated (3737181 signatures) from database.clamav.net (IP: 130.133.110.67)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd-socket: No such file or directory
linux-nuau:/home/miuku # systemctl start clamd
linux-nuau:/home/miuku # systemctl status clamd
clamd.service - Clamav antivirus Deamon
   Loaded: loaded (/usr/lib/systemd/system/clamd.service; disabled)
   Active: active (running) since Thu 2015-01-22 22:28:55 EET; 13s ago
  Process: 8363 ExecStart=/usr/sbin/clamd (code=exited, status=0/SUCCESS)
 Main PID: 8365 (clamd)
   CGroup: /system.slice/clamd.service
           └─8365 /usr/sbin/clamd

OK, thank you for going through that efffort! It confirms that none of the steps in that tutorial are necessary.

I may have some things loaded which are inteferring, or I may be having a problem with sequence.

You don’t mention at what point you installed clamav. Did you download and install clamav before or after postfix? Can you say the exact order in which you loaded the programs?

Thanks, and I may need to do a fresh install myself.

Keith

Thanks again Miuku](https://forums.opensuse.org/member.php/68162-Miuku).

I did a fresh install, and it now works just as you’ve shown- checkmark allow virus scanning in YAST, run freshclam, then start clamd.

I guess I had something loaded that was interferring.

I also now see that both Amavis and clamd are installed by default.

A good lesson to not simply/blindly follow online tutorials!

Keith

[QUOTE=keithostertag;2690716]I am new to OpenSUSE. I’ve installed 13.2 on an old Dell PowerEdge 1900 Server (64-bit).

sam14:/home/keith # uname -a
Linux sam14 3.16.7-7-desktop #1 SMP PREEMPT Wed Dec 17 18:00:44 UTC 2014 (762f27a) x86_64 x86_64 x86_64 GNU/Linux

I was attempting to follow the instructions from this tutorial: http://www.server180.com/2014/12/how-to-install-amavisd.html

I was able to get amavisd-new installed, although the tutorial shows to edit the "/etc/init.d/amavis init script" - there is no such file on my system!

I am also confused by several of the instructions for installing clamav.

First, the tutorial says to load “clamav-db”, but I find no package for that. I was able to load clamav and run freshclam, however systemctl reports:

sam14:/home/keith # systemctl status clamd.service
clamd.service - Clamav antivirus Deamon
   Loaded: loaded (/usr/lib/systemd/system/clamd.service; enabled)
   Active: failed (Result: exit-code) since Wed 2015-01-21 22:38:10 EST; 12h ago
  Process: 2146 ExecStart=/usr/sbin/clamd (code=exited, status=1/FAILURE)

Jan 21 22:37:53 sam14 clamd[2146]: Reading databases from /var/lib/clamav
Jan 21 22:37:53 sam14 clamd[2146]: Not loading PUA signatures.
Jan 21 22:37:53 sam14 clamd[2146]: Bytecode: Security mode set to "TrustSigned".
Jan 21 22:38:08 sam14 clamd[2146]: Loaded 3731127 signatures.
Jan 21 22:38:10 sam14 clamd[2146]: TCP: Bound to [127.0.0.1]:3310
Jan 21 22:38:10 sam14 clamd[2146]: TCP: Setting connection queue length to 200
Jan 21 22:38:10 sam14 clamd[2146]: LOCAL: Socket file /var/run/clamav/clamd-socket could not be bound: No such file or directory
Jan 21 22:38:10 sam14 clamd[2146]: Can't unlink the socket file /var/run/clamav/clamd-socket
Jan 21 22:38:10 sam14 clamd[2146]: ERROR: LOCAL: Socket file /var/run/clamav/clamd-socket could not be bound: No such file or directory
Jan 21 22:38:10 sam14 clamd[2146]: ERROR: Can't unlink the socket file /var/run/clamav/clamd-socket
sam14:/home/keith # 

==================================================================================================================================
Step 1: Open /etc/clamd.conf in a text editor
Step 2: Comment out the line
LocalSocket /var/run/clamav/clamd-socket
sothat it looks like:
#LocalSocket /var/run/clamav/clamd-socket
step3: run in shell:
systemctl start clamd.service
step4:run in shell:
freshclam

Your problem will be solved.