centos 6.4 amavis-new,clamav 无法运行

centos 6.4 amavis-new,clamav 无法运行

我在 centos 6.4 上安装了 amavis-new 和 clamav

/etc/clamd.d/amavisd

# cat amavisd.conf
# Use system logger.
LogSyslog yes

# Specify the type of syslog messages - please refer to 'man syslog'
# for facility names.
LogFacility LOG_MAIL

# This option allows you to save a process identifier of the listening
# daemon (main thread).
PidFile /var/run/amavisd/clamd.pid

# Remove stale socket after unclean shutdown.
# Default: disabled
FixStaleSocket yes

# Run as a selected user (clamd must be started by root).
User amavis

# Path to a local socket file the daemon will listen on.
LocalSocket /var/spool/amavisd/clamd.sock

/etc/amavisd/amavisd.conf

['ClamAV-clamd',
  \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
  qr/\bOK$/, qr/\bFOUND$/,
  qr/^.*?: (?!Infected Archive)(.*) FOUND$/ ],

但是如果我在 /var/log/maillog 中使用 viru 进行测试,我会看到

Jul 16 09:46:24 server postfix/qmgr[15064]: 36F0A19F5: from=<[email protected]>, size=407, nrcpt=1 (queue active)
Jul 16 09:46:24 server amavis[16208]: (16208-01) (!)connect to /var/spool/amavisd/clamd.sock failed, attempt #1: Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: 2
Jul 16 09:46:25 server amavis[16208]: (16208-01) (!)connect to /var/spool/amavisd/clamd.sock failed, attempt #1: Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: No such file or directory
Jul 16 09:46:25 server amavis[16208]: (16208-01) (!)ClamAV-clamd: All attempts (1) failed connecting to /var/spool/amavisd/clamd.sock, retrying (2)
Jul 16 09:46:31 server amavis[16208]: (16208-01) (!)connect to /var/spool/amavisd/clamd.sock failed, attempt #1: Can't connect to UNIX socket /var/spool/amavisd/clamd.sock: No such file or directory
Jul 16 09:46:31 server amavis[16208]: (16208-01) (!)ClamAV-clamd av-scanner FAILED: run_av error: Too many retries to talk to /var/spool/amavisd/clamd.sock (All attempts (1) failed connecting to /var/spool/amavisd/clamd.sock) at (eval 113) line 600.\n
Jul 16 09:46:31 server amavis[16208]: (16208-01) (!)WARN: all primary virus scanners failed, considering backups
Jul 16 09:46:36 server amavis[16208]: (16208-01) Blocked INFECTED (Eicar-Test-Signature) {DiscardedInbound,Quarantined}, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: yDd_Z6Hv2PEK, Hits: -, size: 407, 12624 ms
Jul 16 09:46:36 server postfix/lmtp[16336]: 36F0A19F5: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=13, delays=0.11/0/0/13, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=16208-01 - INFECTED: Eicar-Test-Signature)
Jul 16 09:46:36 server postfix/qmgr[15064]: 36F0A19F5: removed

clamd 正在运行,但在 /var/spool/amavisd 中没有 clamd.sock

 ps ax | grep clam
16509 ?        Ssl    0:00 clamd
16517 pts/2    S+     0:00 grep clam




# ls /var/spool/amavisd/
amavisd.sock  db  quarantine  tmp

答案1

答案是这样的:LocalSocket /var/spool/amavisd/clamd.sock不等于这个:["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],,您需要决定要使用哪一个,然后将两个程序都设置为使用它。

答案2

一开始没有clamd.sock 复制代码文件里面/var/spool/amavisd/目录。如果您更改本地套接字 /var/spool/amavisd/clamd.sock或者["CONTSCAN {}\n","/var/run/clamav/clamd.sock"]如上回答会出现错误,

[root@hostname ~]# /etc/init.d/clamd.amavisd restart
Starting clamd.amavisd: ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock is in use by another process.
                                                           [FAILED]
[root@hostname ~]#

无需像上面那样更改。我遇到了同样的问题。所以我只需启动 clamd.amavisd 服务即可。然后它就可以正常工作了。问题是我们没有启动clamd.amavisd 服务我们只启动 clamd 服务。

[root@hostname ~]# /etc/init.d/clamd.amavisd start
Starting clamd.amavisd:                                    [  OK  ]
[root@hostname ~]#

然后它将在 /var/spool/amavisd/ 内自动创建 clamd.sock 文件。

答案3

无需像上面那样更改。我遇到了同样的问题。所以我只需启动 clamd.amavisd 服务即可。然后它就可以正常工作。问题是我们没有启动 clamd.amavisd 服务,我们只启动了 clamd 服务。

[root@hostname ~]# /etc/init.d/clamd.amavisd start
Starting clamd.amavisd:                                    [  OK  ]
[root@hostname ~]#

然后它将在 /var/spool/amavisd/ 内自动创建 clamd.sock 文件。

不,不行——如果你这样做,你会收到权限被拒绝的错误。

相关内容