clamav configuration problems

Posted: 3. Jan 2015, 02:04
by jsfarinet
I've several problems with clamav:

1) The package I installed from sourcery claimed to be 0.98.5 but when I ran clamav it laments to be outdated, specifically to be version 0.98.4 instead of 0.98.5. I could correct this by installing the package from slackbuild.org.

2) There is an rc.clamav file in /etc/rc.d which starts clamd (the clamav daemon) and the freshclam daemon (which provides, controlled by a cronjob or by its own conf file, the newest signature files and databases). There is, as suggested, a user clamav uid=210 and a group clamav gid=210. I made myself belong to the group clamav (otherwise Claws-Mail laments).

On boot I'm prompted with the following errors.

When clamd is started:

Code:

Timeout reached while waiting for return value
Could not receive return value from daemon process

Now that has the ugly consequence that the bootup hangs here, no X gets started. When I hit Ctrl+z I can break and I'll reach the login window.

Curiously, when I start from within X in a terminal 'service start clamav' that works. There are also some minor problems with the logfiles. But getting the above problem solved is the first and most important step.

The rc.clamav file in /etc/rc.d/ looks like this. Maybe someone more knowledgeable here can see if there is some error/problem in it:

Code:

#!/bin/sh
# Start/stop/restart clamav.
# $Id: rc.clamav,v 1.1 2007/02/14 10:29:03 root Exp root $
# Author: Eric Hameleers <alien@slackware.com>
# ---------------------------------------------------------------------------
# Slightly modified by Robby Workman <rworkman@slackbuilds.org>
# to replace backticks ( s/`command`/$(command)/ )

# Set to '1' if you want milter support:
MILTER=0

# Start clamav:
clamav_start() {
  if [ -x /usr/sbin/clamd ]; then
    echo -n "Starting clamd daemon:  /usr/sbin/clamd "
    mkdir -p /var/run/clamav/
    chown clamav:clamav /var/run/clamav/
    chmod 771 /var/run/clamav/
    /usr/sbin/clamd
    echo "."
    # Give clamd a chance to create the socket
    sleep 1
    echo -n "Starting freshclam daemon:  /usr/bin/freshclam -d -l /var/log/clamav/freshclam.log "
    /usr/bin/freshclam -d -l /var/log/clamav/freshclam.log
    echo "."
    if [ "$MILTER" = "1" ]; then
      echo -n "Starting clamav-milter daemon:  /usr/sbin/clamav-milter -dblo --max-children=2 local:/var/run/clamav/clmilter.sock "
      /usr/sbin/clamav-milter -dblo --max-children=2 local:/var/run/clamav/clmilter.sock
      echo "."
    fi
  fi
}

# Stop clamav:
clamav_stop() {
  kill $(cat /var/run/clamav/clamd.pid)
  #killall freshclam
  kill $(cat /var/run/clamav/freshclam.pid)
  [ "$MILTER" = "1" ] && killall clamav-milter
}

# Restart clamav:
clamav_restart() {
  clamav_stop
  sleep 1
  clamav_start
}

case "$1" in
'start')
  clamav_start
  ;;
'stop')
  clamav_stop
  ;;
'restart')
  clamav_restart
  ;;
*)
  echo "usage $0 start|stop|restart"
esac

Another question: Should the rc.clamav file be executable or not? And, the owner should be root but for the group: should it be root too or clamav?

Thanks a lot in advance for your patience.

Re: clamav configuration problems

Posted: 4. Jan 2015, 03:41
by laprjns
jsfarinet wrote:1) The package I installed from sourcery claimed to be 0.98.5 but when I ran clamav it laments to be outdated, specifically to be version 0.98.4 instead of 0.98.5.
Slackbuild change log indicates that clamav was updated from version 0.98.4 to 0.98.5 on November 29th. You posted on November 26 that clamav installation failed because of missing dependency libmilter, which you reported to be fixed on December 1st by installing the sendmail package as suggested by gapan. Based on this I'm pretty confident that you have the 0.95.4 version installed although sourcery is giving a false impression that the 0.95.5 package is installed. You can check this by using spkg -l in a terminal.

Code:

$ sudo spkg -l clamav
clamav-0.98.4-x86_64-1_SB

jsfarinet wrote: I could correct this by installing the package from slackbuild.org.
Before reinstalling, you will need to clear the working directory. In sourcery you can do this by going to the Edit menu and clicking on preferences, then select the "Working Directory" and click on the "Clear working directory" button.

As for how to configure clamav, I'm afraid I can't help there.

Re: clamav configuration problems

Posted: 4. Jan 2015, 07:45
by jsfarinet
laprjns wrote:
jsfarinet wrote:1) The package I installed from sourcery claimed to be 0.98.5 but when I ran clamav it laments to be outdated, specifically to be version 0.98.4 instead of 0.98.5.
Slackbuild change log indicates that clamav was updated from version 0.98.4 to 0.98.5 on November 29th. You posted on November 26 that clamav installation failed because of missing dependency libmilter, which you reported to be fixed on December 1st by installing the sendmail package as suggested by gapan. Based on this I'm pretty confident that you have the 0.95.4 version installed although sourcery is giving a false impression that the 0.95.5 package is installed. You can check this by using spkg -l in a terminal.

Code:

$ sudo spkg -l clamav
clamav-0.98.4-x86_64-1_SB

The msg did not come from sourcery but instead it was an internal msg of clamav.
laprjns wrote:
jsfarinet wrote: I could correct this by installing the package from slackbuild.org.
Before reinstalling, you will need to clear the working directory. In sourcery you can do this by going to the Edit menu and clicking on preferences, then select the "Working Directory" and click on the "Clear working directory" button.

As for how to configure clamav, I'm afraid I can't help there.
Maybe it's there, I missed something. Thanks for the hint re "working directory" !

In any case, the problem disappeared when I used (and installed) the package from slackbuild.org (maybe someone could try out if the problem is repeatable (?) ).

Thanks in any case for helping! :D

Re: clamav configuration problems

Posted: 4. Jan 2015, 10:14
by gapan
jsfarinet wrote:Maybe it's there, I missed something. Thanks for the hint re "working directory"
I think it might have been a problem with you installing the previous version and right after that having a version bump in SBo. If you refreshed the package cache in sourcery and reinstalled the package, you should have received the updated version as well.
jsfarinet wrote: In any case, the problem disappeared when I used (and installed) the package from slackbuild.org (maybe someone could try out if the problem is repeatable (?) ).
Does that mean that the following problem has disappeared?
jsfarinet wrote: When clamd is started:

Code:

Timeout reached while waiting for return value
Could not receive return value from daemon process

Re: clamav configuration problems

Posted: 4. Jan 2015, 23:46
by jsfarinet
gapan wrote:. . .
Does that mean that the following problem has disappeared?
jsfarinet wrote: When clamd is started:

Code:

Timeout reached while waiting for return value
Could not receive return value from daemon process

No, unfortunately not. That problem remained.

I played a bit around the problem: When I kill all clam related processes and then, in a root terminal, I do all the commands from rc.clamav by hand, there is no return value error at all.

Btw, the rc.* files in rc.d on boot are run by root, correct (or is that already within the userspace?)?

Re: clamav configuration problems

Posted: 5. Jan 2015, 03:17
by westms
jsfarinet wrote:Another question: Should the rc.clamav file be executable or not?
I'm not sure either. But let us take a pragmatic comparison with the situation in /etc/rc.d. In /etc/rc.d the Python script rc.services exists. This executes all scripts which are not blacklisted in rc.services. In my view the listed scripts have set the execute bits. Perhaps they can be called as the standard scripts. The others do not have it set. Your rc.clamav is not one of the "standard" scripts. Right?
And, the owner should be root but for the group: should it be root too or clamav?
All scripts in /etc/rc.d have ownership root:root. That should be for rc.clamav too.

Re: clamav configuration problems

Posted: 5. Jan 2015, 09:02
by jsfarinet
First of all, thanks for the explanations (I'm pretty new to slackware)!
westms wrote:
jsfarinet wrote:Another question: Should the rc.clamav file be executable or not?
I'm not sure either. But let us take a pragmatic comparison with the situation in /etc/rc.d. In /etc/rc.d the Python script rc.services exists. This executes all scripts which are not blacklisted in rc.services. In my view the listed scripts have set the execute bits. Perhaps they can be called as the standard scripts. The others do not have it set. Your rc.clamav is not one of the "standard" scripts. Right?
My 'rc.services' looks like this (and I did not touch it at all):

Code:

#!/usr/bin/env python

import os

blacklist = [ '.conf', \
		'.new', \
		'rc.0', \
		'rc.4', \
		'rc.6', \
		'rc.acpid', \
		'rc.alsa', \
		'rc.atalk', \
		'rc.autofs', \
		'rc.bind', \
		'rc.bluetooth', \
		'rc.cups', \
		'rc.dnsmasq', \
		'rc.famd', \
		'rc.firewall', \
		'rc.font', \
		'rc.fuse', \
		'rc.gpm', \
		'rc.hald', \
		'rc.httpd', \
		'rc.inet1', \
		'rc.inet2', \
		'rc.inetd', \
		'rc.ip_forward', \
		'rc.K', \
		'rc.keymap', \
		'rc.licences', \
		'rc.local', \
		'rc.loop', \
		'rc.lprng', \
		'rc.M', \
		'rc.messagebus', \
		'rc.modules', \
		'rc.mysqld', \
		'rc.networkmanager', \
		'rc.nfsd', \
		'rc.ntpd', \
		'rc.numlock', \
		'rc.openldap', \
		'rc.pcmcia', \
		'rc.rpc', \
		'rc.S', \
		'rc.samba', \
		'rc.sample', \
		'rc.saslauthd', \
		'rc.scanluns', \
		'rc.sendmail', \
		'rc.serial', \
		'rc.services', \
		'rc.shorewall', \
		'rc.snmpd', \
		'rc.sshd', \
		'rc.syslog', \
		'rc.sysvinit', \
		'rc.udev', \
		'rc.uwd', \
		'rc.wicd', \
		'rc.wireless' ]

def validscripts():
	scripts = []
	for script in os.listdir('/etc/rc.d/'):
		use = True
		for blk in blacklist:
			if blk in script:
				use = False
		if use == True:
			if os.access('/etc/rc.d/'+script, os.X_OK):
				if os.path.isfile('/etc/rc.d/'+script):
					scripts.append(script)
	return scripts

for i in validscripts():
	os.system('/usr/bin/ionice -c2 -n2 sh /etc/rc.d/'+i+' start &')

As I understand, the list of services within the square brackets are default (by default *NOT* blacklisted) correct? As I guess, all other existing scripts in rc.d which are not (positively) blacklisted are executed (?) In any case rc.clamav is not there, and it definitively came with the installation of clamav. So, I should take away the "+x" flag?
westms wrote:
And, the owner should be root but for the group: should it be root too or clamav?
All scripts in /etc/rc.d have ownership root:root. That should be for rc.clamav too.
That is correct.

I posted the same question in the clamav user mailing list and got a good answer over there. The poster suggested the error msg I was starting from ("No return value received from daemon process") could be caused by another daemon. And indeed while searching the web for that error all I found was related to the avahi daemon. Now, how can I find out *WHICH* daemon effectively is causing the error msg?

As for the problems starting X, my - unprofessional! - guess would be: Because of some timing problems between starting the daemon which does not give a return value and starting X sometimes there is a kind of "hiccup" which blocks X (?)

Re: clamav configuration problems

Posted: 5. Jan 2015, 14:41
by westms
jsfarinet wrote:First of all, thanks for the explanations (I'm pretty new to slackware)!
westms wrote:
jsfarinet wrote:Another question: Should the rc.clamav file be executable or not?
I'm not sure either. But let us take a pragmatic comparison with the situation in /etc/rc.d. In /etc/rc.d the Python script rc.services exists. This executes all scripts which are not blacklisted in rc.services. In my view the listed scripts have set the execute bits. Perhaps they can be called as the standard scripts. The others do not have it set. Your rc.clamav is not one of the "standard" scripts. Right?
As I understand, the list of services within the square brackets are default (by default *NOT* blacklisted) correct?
In other words, the black-listed scripts are not started by the script /etc/rc.d/rc.services.
As I guess, all other existing scripts in rc.d which are not (positively) blacklisted are executed (?)
Yes, if an execute bit is set.
In any case rc.clamav is not there, and it definitively came with the installation of clamav. So, I should take away the "+x" flag?
If you want /etc/rc.d/rc.clamav to get started, an execute bit must be set.
... from ("No return value received from daemon process") could be caused by another daemon. And indeed while searching the web for that error all I found was related to the avahi daemon.
What is the exact message? Once you wrote:

Code:

Timeout reached while waiting for return value
Could not receive return value from daemon process

But later you wrote:

Code:

No return value received from daemon process

... And indeed while searching the web for that error all I found was related to the avahi daemon. Now, how can I find out *WHICH* daemon effectively is causing the error msg?
A test might be to change the working environment. When /etc/rc.d/rc.services is running, the current shells are not login shells. The working environment can vary significantly. A test may be not to set the execute bits and to start the script /etc/rc.d/rc.clamav from the root login shell of the root account, e.g. from .bashrc (with . /etc/rc.d/rc.clamav). If it works, then clamd is missing something otherwise.

Then go back one step and call /etc/rc.d/rc.clamav from /etc/rc.d/rc.local (with . /etc/rc.d/rc.clamav). The execute bits are not set for /etc/rc.d/rc.clamav here either. /etc/rc.d/rc.services is called in /etc/rc.d/rc.M. At the end of rc.M, rc.local is called. In between, file systems are mounted. Maybe there is something.
As for the problems starting X, my - unprofessional! - guess would be: Because of some timing problems between starting the daemon which does not give a return value and starting X sometimes there is a kind of "hiccup" which blocks X (?)
Do you know if /usr/sbin/clamd passes? What is the exit status? If /usr/bin/freshclam was running, what is the exit status? You can insert a line echo status is $? directly after each call to get the exit status displayed. There is more that can be tried.

When you built it, did you run

$ ./configure --enable-check
$ make
$ make check

Did you read the chapters (at least)
3.3 Adding new system user and group
3.6 Running unit tests
from clamav-0.98.5/doc/clamdoc.pdf

Did you add a real user?

Re: clamav configuration problems

Posted: 5. Jan 2015, 17:14
by jsfarinet
westms wrote: Do you know if /usr/sbin/clamd passes?
First of all: Thanks a lot for your patience. To answer the most important point:

clamd and freshclamd pass and work. The error sits elsewhere. So as far as it goes for clamav the problem should be considered as irrelevant respectively as solved.

Reading /var/log/messages I found this:

Code:

Jan  5 10:52:26 darkstar avahi-dnsconfd[10791]: Failed to connect to the daemon. This probably means that you
Jan  5 10:52:26 darkstar avahi-dnsconfd[10791]: didn't start avahi-daemon before avahi-dnsconfd.

I think it's better to open a new thread on this ...

PS. I never touched avahi and I'm not even so sure if and wherefore it should be used.

Re: clamav configuration problems

Posted: 5. Jan 2015, 17:47
by gapan
If the execution bit is set in one of the rc.* scripts, then it's started when system boots.

Try disabling the avahi service. You installed it as a dependency of something else, as it wasn't installed by default.
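
The rule the thread arrives at (rc.services starts, as root at boot, every regular executable file in /etc/rc.d whose name contains none of the blacklisted substrings) can be checked against a directory together with the root:root ownership mentioned above. This is an added example, not part of any post or of the distribution's own code; the shortened blacklist, the function names and the sample file names are constructed for illustration.

```python
import os
import stat
import tempfile

# Shortened copy of the blacklist in the rc.services posted above (assumption).
BLACKLIST = ['.conf', '.new', 'rc.M', 'rc.S', 'rc.local', 'rc.services', 'rc.sshd']

def boot_started(rc_dir, blacklist=BLACKLIST):
    """Names rc.services would start: same substring test as validscripts()."""
    started = []
    for name in sorted(os.listdir(rc_dir)):
        path = os.path.join(rc_dir, name)
        if any(blk in name for blk in blacklist):
            continue  # 'blk in name' is a substring match, not an exact match
        if os.path.isfile(path) and os.access(path, os.X_OK):
            started.append(name)
    return started

def audit(rc_dir, blacklist=BLACKLIST):
    """Map each boot-started script to its ownership/permission findings."""
    findings = {}
    for name in boot_started(rc_dir, blacklist):
        st = os.stat(os.path.join(rc_dir, name))
        issues = []
        if st.st_uid != 0 or st.st_gid != 0:
            issues.append("not root:root (uid=%d gid=%d)" % (st.st_uid, st.st_gid))
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            issues.append("group/world writable (mode %o)" % stat.S_IMODE(st.st_mode))
        findings[name] = issues
    return findings

def demo():
    """Audit a constructed rc.d tree built in a temporary directory."""
    sample = [("rc.clamav", 0o755), ("rc.exampled", 0o775),
              ("rc.clamav.new", 0o755), ("rc.sshd-wrapper", 0o755),
              ("rc.disabled", 0o644)]
    with tempfile.TemporaryDirectory() as d:
        for name, mode in sample:
            path = os.path.join(d, name)
            with open(path, "w") as f:
                f.write("#!/bin/sh\n")
            os.chmod(path, mode)
        return boot_started(d), audit(d)

if __name__ == "__main__":
    print(demo())
```

Pointing `audit()` at the real /etc/rc.d with the full blacklist lists exactly what runs at boot; a group-writable script or one owned by a service account such as clamav would let that account change what root executes.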