Package: clamav-daemon
Version: 0.101.4+dfsg-0+deb8u1
Severity: normal
Dear Maintainer,
I've just upgraded ClamAV on jessie, but clamav does not restart. On log i
get:
Oct 11 09:02:40 ibrsamba clamd[28918]: Fri Oct 11 09:02:40 2019 -> !LOCAL:
Socket file /var/run/clamav/clamd.ctl could not be bound: Permission denied
Oct 11 09:02:40 ibrsamba systemd[1]: clamav-daemon.service: Main process
exited, code=exited, status=1/FAILURE
Oct 11 09:02:40 ibrsamba systemd[1]: clamav-daemon.service: Unit entered
failed state.
Oct 11 09:02:40 ibrsamba systemd[1]: clamav-daemon.service: Failed with
result 'exit-code'.
Looking at clamav run folder:
ibrsamba:~# ls -la /var/run/clamav/
totale 0
drwxr-xr-x 2 root root 40 ott 11 09:01 .
drwxr-xr-x 33 root root 1060 set 13 12:14 ..
doing simply:
chown clamav /var/run/clamav
permit me to correctly restart clamav. Now:
ibrsamba:~# ls -la /var/run/clamav/
totale 0
drwxr-xr-x 2 clamav root 60 ott 11 12:57 .
drwxr-xr-x 33 root root 1060 set 13 12:14 ..
srw-rw-rw- 1 clamav clamav 0 ott 11 12:57 clamd.ctl
Thanks.
-- Package-specific info:
--- configuration ---
Checking configuration files in /etc/clamav
Config file: clamd.conf
-----------------------
AlertExceedsMax disabled
PreludeEnable disabled
PreludeAnalyzerName = "ClamAV"
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog = "yes"
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo = "yes"
PidFile disabled
TemporaryDirectory disabled
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "clamav"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "26214400"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "12"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
DisableCache disabled
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "clamav"
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
ScanPE = "yes"
ScanELF = "yes"
ScanMail = "yes"
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
HeuristicAlerts = "yes"
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
AlertBrokenExecutables disabled
AlertEncrypted disabled
AlertEncryptedArchive disabled
AlertEncryptedDoc disabled
AlertOLE2Macros disabled
AlertPhishingSSLMismatch disabled
AlertPhishingCloak disabled
AlertPartitionIntersection disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanXMLDOCS = "yes"
ScanHWP3 = "yes"
ScanArchive = "yes"
ForceToDisk disabled
MaxScanTime = "120000"
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "16"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
MaxPartitions = "50"
MaxIconsPE = "100"
MaxRecHWP3 = "16"
PCREMatchLimit = "10000"
PCRERecMatchLimit = "5000"
PCREMaxFileSize = "26214400"
ScanOnAccess disabled
OnAccessMountPath disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeRootUID disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
OnAccessDisableDDD disabled
OnAccessPrevention disabled
OnAccessExtraScanning disabled
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled
AlgorithmicDetection = "yes"
BlockMax disabled
PhishingAlwaysBlockSSLMismatch disabled
PhishingAlwaysBlockCloak disabled
PartitionIntersection disabled
OLE2BlockMacros disabled
ArchiveBlockEncrypted disabled
Config file: freshclam.conf
---------------------------
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile disabled
DatabaseDirectory = "/var/lib/clamav"
Foreground disabled
Debug disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "24"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
PrivateMirror disabled
MaxAttempts = "5"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SafeBrowsing disabled
Bytecode = "yes"
clamav-milter.conf not found
Software settings
-----------------
Version: 0.101.4
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2
LIBXML2 PCRE ICONV JSON JIT
Database information
--------------------
Database directory: /var/lib/clamav
[3rd Party] bofhland_malware_URL.ndb: 6 sigs
[3rd Party] rogue.hdb: 4981 sigs
[3rd Party] junk.ndb: 58248 sigs
[3rd Party] spamattach.hdb: 14 sigs
[3rd Party] foxhole_filename.cdb: 2569 sigs
[3rd Party] jurlbl.ndb: 14108 sigs
daily.cld: version 25599, sigs: 1911653, built on Fri Oct 11 10:48:23 2019
[3rd Party] spamimg.hdb: 196 sigs
[3rd Party] malwarehash.hsb: 771 sigs
[3rd Party] sanesecurity.ftm: 170 sigs
[3rd Party] bofhland_cracked_URL.ndb: 28 sigs
main.cld: version 58, sigs: 4566249, built on Wed Jun 7 23:38:10 2017
[3rd Party] blurl.ndb: 22274 sigs
[3rd Party] scam.ndb: 12593 sigs
[3rd Party] phish.ndb: 27800 sigs
[3rd Party] doppelstern.hdb: 1 sig
[3rd Party] crdfam.clamav.hdb: 1 sig
[3rd Party] bofhland_phishing_URL.ndb: 52 sigs
[3rd Party] porcupine.ndb: 5862 sigs
[3rd Party] bofhland_malware_attach.hdb: 1836 sigs
[3rd Party] winnow_malware.hdb: 293 sigs
[3rd Party] foxhole_generic.cdb: 211 sigs
[3rd Party] phishtank.ndb: 10472 sigs
[3rd Party] winnow_bad_cw.hdb: 1 sig
[3rd Party] winnow_extended_malware.hdb: 245 sigs
[3rd Party] winnow.attachments.hdb: 182 sigs
[3rd Party] porcupine.hsb: 862 sigs
bytecode.cld: version 331, sigs: 94, built on Thu Sep 19 18:12:33 2019
[3rd Party] winnow_malware_links.ndb: 135 sigs
[3rd Party] hackingteam.hsb: 435 sigs
Total number of signatures: 6642342
Platform information
--------------------
uname: Linux 3.16.0-9-amd64 #1 SMP Debian 3.16.68-2 (2019-06-17) x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
Full OS version: Debian GNU/Linux 8.11 (jessie)
zlib version: 1.2.8 (1.2.8), compile flags: a9
Triple: x86_64-pc-linux-gnu
CPU: corei7, Little-endian
platform id: 0x0a2169690804090201040902
Build information
-----------------
GNU C: 4.9.2 (4.9.2)
GNU C++: 4.9.2 (4.9.2)
CPPFLAGS: -D_FORTIFY_SOURCE=2
CFLAGS: -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security
-Wall -D_FILE_OFFSET_BITS=64 -fno-strict-aliasing -D_LARGEFILE_SOURCE
-D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -g -O2 -fPIE -fstack-protector-strong -Wformat
-Werror=format-security -Wall -D_FILE_OFFSET_BITS=64
LDFLAGS: -fPIE -pie -Wl,-z,relro -Wl,-z,now -Wl,--as-needed
Configure: '--build=x86_64-linux-gnu' '--prefix=/usr'
'--includedir=/usr/include' '--mandir=/usr/share/man'
'--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var'
'--libexecdir=/usr/lib/clamav' '--disable-maintainer-mode'
'--disable-dependency-tracking' 'CFLAGS=-g -O2 -fPIE -fstack-protector-strong
-Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64'
'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fPIE -fstack-protector-strong
-Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-fPIE
-pie -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav'
'--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar'
'--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-system-libmspack'
'--with-libcurl=/usr' '--with-gnu-ld' '-with-system-llvm=/usr/bin/llvm-config'
'--with-llvm-linking=dynamic' '--with-systemdsystemunitdir=/lib/systemd/system'
'build_alias=x86_64-linux-gnu'
sizeof(void*) = 8
Engine flevel: 105, dconf: 105
--- data dir ---
total 474992
-rw-r--r-- 1 clamav clamav 3315980 Oct 11 13:11 blurl.ndb
-rw-r--r-- 1 clamav clamav 2440 Oct 10 09:02 bofhland_cracked_URL.ndb
-rw-r--r-- 1 clamav clamav 1140 Oct 11 00:03 bofhland_malware_URL.ndb
-rw-r--r-- 1 clamav clamav 106247 Apr 3 2019 bofhland_malware_attach.hdb
-rw-r--r-- 1 clamav clamav 7396 Oct 11 00:03 bofhland_phishing_URL.ndb
-rw-r--r-- 1 clamav clamav 1458176 Sep 19 18:52 bytecode.cld
-rw-r--r-- 1 clamav clamav 82 Jul 13 2016 crdfam.clamav.hdb
-rw-r--r-- 1 clamav clamav 155617280 Oct 11 11:45 daily.cld
-rw-r--r-- 1 clamav clamav 65 Jul 26 2013 doppelstern.hdb
-rw-r--r-- 1 clamav clamav 222684 Sep 24 12:14 foxhole_filename.cdb
-rw-r--r-- 1 clamav clamav 51613 Mar 26 2018 foxhole_generic.cdb
-rw-r--r-- 1 clamav clamav 48176 Aug 5 2015 hackingteam.hsb
-rw-r--r-- 1 clamav clamav 7291156 Oct 11 10:12 junk.ndb
-rw-r--r-- 1 clamav clamav 1700610 Oct 11 13:11 jurlbl.ndb
-rw-r--r-- 1 clamav clamav 307499008 Jun 8 2017 main.cld
-rw-r--r-- 1 clamav clamav 73808 Jun 29 2017 malwarehash.hsb
-rw------- 1 clamav clamav 128 Oct 11 13:48 mirrors.dat
-rw-r--r-- 1 clamav clamav 4104196 Oct 11 10:12 phish.ndb
-rw-r--r-- 1 clamav clamav 1626364 Oct 11 13:00 phishtank.ndb
-rw-r--r-- 1 clamav clamav 67467 Oct 11 13:00 porcupine.hsb
-rw-r--r-- 1 clamav clamav 576127 Oct 11 06:00 porcupine.ndb
-rw-r--r-- 1 clamav clamav 543559 Oct 11 13:11 rogue.hdb
-rw-r--r-- 1 clamav clamav 11098 Oct 18 2016 sanesecurity.ftm
-rw-r--r-- 1 clamav clamav 1908481 Oct 11 10:12 scam.ndb
-rw-r--r-- 1 clamav clamav 736 Jun 4 12:09 sigwhitelist.ign2
-rw-r--r-- 1 clamav clamav 1391 Apr 28 2017 spamattach.hdb
-rw-r--r-- 1 clamav clamav 18825 Oct 3 09:12 spamimg.hdb
-rw-r--r-- 1 clamav clamav 14825 Jul 16 2018 winnow.attachments.hdb
-rw-r--r-- 1 clamav clamav 66 Sep 23 2015 winnow_bad_cw.hdb
-rw-r--r-- 1 clamav clamav 16271 Feb 26 2018 winnow_extended_malware.hdb
-rw-r--r-- 1 clamav clamav 18189 Mar 5 2018 winnow_malware.hdb
-rw-r--r-- 1 clamav clamav 14961 Nov 14 2018 winnow_malware_links.ndb
-- System Information:
Debian Release: 8.11
APT prefers oldoldstable
APT policy: (500, 'oldoldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-9-amd64 (SMP w/4 CPU cores)
Locale: LANG=it_IT.UTF-8, LC_CTYPE=it_IT.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages clamav-daemon depends on:
ii adduser 3.113+nmu3
ii clamav-base 0.101.4+dfsg-0+deb8u1
ii clamav-freshclam [clamav-data] 0.101.4+dfsg-0+deb8u1
ii debconf [debconf-2.0] 1.5.56+deb8u1
ii dpkg 1.17.27
ii init-system-helpers 1.22
ii libc6 2.19-18+deb8u10
ii libclamav9 0.101.4+dfsg-0+deb8u1
ii libncurses5 5.9+20140913-1+deb8u3
ii libssl1.0.0 1.0.1t-1+deb8u12
ii libsystemd0 215-17+deb8u13
ii libtinfo5 5.9+20140913-1+deb8u3
ii lsb-base 4.1+Debian13+nmu1
ii procps 2:3.3.9-9+deb8u1
ii ucf 3.0030
ii zlib1g 1:1.2.8.dfsg-2+b1
Versions of packages clamav-daemon recommends:
ii clamdscan 0.101.4+dfsg-0+deb8u1
Versions of packages clamav-daemon suggests:
pn apparmor <none>
pn clamav-docs <none>
pn daemon <none>
-- debconf information:
* clamav-daemon/StatsEnabled: false
* clamav-daemon/LogSyslog: true
clamav-daemon/FollowDirectorySymlinks: false
* clamav-daemon/LocalSocketMode: 666
* clamav-daemon/ScanOnAccess: false
clamav-daemon/TCPSocket: 3310
* clamav-daemon/LogTime: true
* clamav-daemon/ScanSWF: true
* clamav-daemon/LogRotate: true
* clamav-daemon/User: clamav
* clamav-daemon/StatsTimeout: 10
* clamav-daemon/MaxEmbeddedPE: 10M
* clamav-daemon/LocalSocketGroup: clamav
* clamav-daemon/BytecodeSecurity: TrustSigned
* clamav-daemon/debconf: true
* clamav-daemon/TcpOrLocal: UNIX
* clamav-daemon/MaxDirectoryRecursion: 15
clamav-daemon/TCPAddr: any
* clamav-daemon/StatsHostID: auto
* clamav-daemon/MaxHTMLNoTags: 2M
* clamav-daemon/MaxZipTypeRcg: 1M
* clamav-daemon/AddGroups: Debian-exim c-icap
* clamav-daemon/ScanMail: true
* clamav-daemon/AllowAllMatchScan: true
* clamav-daemon/StreamMaxLength: 25
* clamav-daemon/DisableCertCheck: false
* clamav-daemon/ScanArchive: true
* clamav-daemon/LocalSocket: /var/run/clamav/clamd.ctl
* clamav-daemon/MaxThreads: 12
* clamav-daemon/BytecodeTimeout: 60000
* clamav-daemon/ForceToDisk: false
* clamav-daemon/StatsPEDisabled: true
* clamav-daemon/FollowFileSymlinks: false
* clamav-daemon/OnAccessMaxFileSize: 5M
* clamav-daemon/SelfCheck: 3600
* clamav-daemon/FixStaleSocket: true
* clamav-daemon/ReadTimeout: 180
* clamav-daemon/MaxHTMLNormalize: 10M
* clamav-daemon/MaxConnectionQueueLength: 15
* clamav-daemon/LogFile: /var/log/clamav/clamav.log
* clamav-daemon/Bytecode: true
* clamav-daemon/MaxScriptNormalize: 5M
