Clamdscan Error 2
Contents |
From: "John Fleming"
Clamdscan Lstat() Failed: Permission Denied. Error
the following header added to ALL emails: > > X-Virus-Status: Failed > X-Virus-Report: /usr/bin/clamdscan error 2 clamdscan permission denied > > I deleted my clamav log and restarted clamav. The new log starts out as > usual, but the first email to
Clamdscan Access Denied Error
come in results in the ERROR lines at the > bottom. I don't know what's going on here, i.e. whether this is something I > should be able to diagnose and treat, or whether there is a problem clamscan vs clamdscan with the > Debian package, and I should just wait for it to get fixed. Anyone else > seeing this and/or have any ideas? Thanks - John > > root@Luke:/var/log/clamav# cat clamav.log > Sun Jul 18 21:57:27 2004 -> +++ Started at Sun Jul 18 21:57:27 2004 > Sun Jul 18 21:57:27 2004 -> clamd daemon 0.74 (OS: linux-gnu, ARCH: i386, > CPU: i386) > Sun Jul 18 21:57:27 2004 -> Log file size limit disabled. > Sun error: could not lookup : servname not supported for ai_socktype Jul 18 21:57:27 2004 -> Running as user clamav (UID 114, GID 114) > Sun Jul 18 21:57:27 2004 -> Reading databases from /var/lib/clamav/ > Sun Jul 18 21:57:28 2004 -> Protecting against 22797 viruses. > Sun Jul 18 21:57:28 2004 -> Unix socket file /var/run/clamav/clamd.ctl > Sun Jul 18 21:57:28 2004 -> Setting connection queue length to 15 > Sun Jul 18 21:57:28 2004 -> Archive: Archived file size limit set to > 10485760 bytes. > Sun Jul 18 21:57:28 2004 -> Archive: Recursion level limit set to 5. > Sun Jul 18 21:57:28 2004 -> Archive: Files limit set to 1000. > Sun Jul 18 21:57:28 2004 -> WARNING: USING HARDCODED LIMIT: Archive: > Compression ratio limit set to 200. > Sun Jul 18 21:57:28 2004 -> Archive support enabled. > Sun Jul 18 21:57:28 2004 -> RAR support disabled. > Sun Jul 18 21:57:28 2004 -> Mail files support enabled. > Sun Jul 18 21:57:28 2004 -> OLE2 support disabled. > Sun Jul 18 21:57:28 2004 -> Self checking every 3600 seconds. > Sun Jul 18 22:00:52 2004 -> ERROR: ScanStream: accept timeout. > Sun Jul 18 22:02:00 2004 -> ERROR: ScanStream: accept timeout. > Sun Jul 18 22:02:27 2004 -> ERROR: ScanStream: accept timeout. > Sun Jul 18 22:06:01 2004 -> ERROR: ScanStream: accept timeout. > Sun Jul 18 22:06:36 2004 -> ERROR: ScanStream: accept tim
connections all over the world. Join today Download & Extend Drupal Core Distributions Modules Themes ClamAVIssues clanscan return codes no longer provide details of errors Closed (fixed)Project:ClamAVVersion:7.x-1.0-alpha2Component:CodePriority:NormalCategory:Bug reportAssigned:UnassignedReporter:mcdruidCreated:February 26, 2015 - 11:03Updated:July 7, 2015
Clamav
- 10:24 Log in or register to update this issue Jump to:Most recent comment Most recent attachment It looks like the executable mode code was written when clamscan used to provide rich information about errors in its return codes: /** * clamscan return values (documented from man clamscan) * 0 : No virus found. * 1 : Virus(es) found. * 40: Unknown option passed. * 50: Database initialization error. * 52: https://lists.debian.org/debian-user/2004/07/msg02799.html Not supported file type. * 53: Can't open directory. * 54: Can't open file. (ofm) * 55: Error reading file. (ofm) * 56: Can't stat input file / directory. * 57: Can't get absolute path name of current working directory. * 58: I/O error, please check your file system. * 62: Can't initialize logger. * 63: Can't create temporary files/directories (check permissions). * 64: Can't write to temporary directory (please https://www.drupal.org/node/2441575 specify another one). * 70: Can't allocate memory (calloc). * 71: Can't allocate memory (malloc). */ ...the switch/case based on the return code from the executable is based on the return code being something like the above. However, it looks like clamscan changed the way it reports errors some time ago: Looking at the source code for the clamav project itself, the detailed error messages were present in the man page in release 0.95 (from 2009): https://github.com/vrtadmin/clamav-devel/blob/clamav-0.95/docs/man/clams... ...but they were replaced by the catch-all return code 2 in the next release 0.96 (from 2010): https://github.com/vrtadmin/clamav-devel/blob/clamav-0.96/docs/man/clams... The man page now just says this: RETURN CODES 0 : No virus found. 1 : Virus(es) found. 2 : Some error(s) occured. Therefore when something goes wrong, the module typically records very little information e.g. Clamscan reported: [2] - unknown error The actual output from clamscan is discarded and only the return code is logged: // exec: // The lines of text output by clamscan are assigned as an array to $output // The actual result of clamscan is assigned to $result: // 0 = clean // 1 = infected // x = unchecked exec($cmd, $output, $result); // ...snip... watchdog('clamav', 'Uploaded file %filename could not be scanned. Clamscan reported: [@error_code] - @error_description', array('%filename' =>
headers report X-Virus-Status: Failed X-Virus-Report: /home/admispconfig/ispconfig/tools/clamav/bin/clamdscan error 2 X-Virus-Checker-Version: clamassassin https://www.howtoforge.com/community/threads/clamdscan-convertion-and-errors.46411/ 1.2.4 with clamdscan / ERROR: Can't connect to clamd: Permission denied ClamAV 0.96.1Click to expand... and the listing look like [emailprotected]:/usr/bin# ll /home/admispconfig/ispconfig/tools/clamav/sbin/clamd -rwxr-xr-x 1 admispconfig admispconfig 326580 2010-05-29 13:25 /home/admispconfig/ispconfig/tools/clamav/sbin/clamd* [emailprotected]:/usr/bin# ll /home/admispconfig/ispconfig/tools/clamav/bin/clamdscan -rwxr-xr-x 1 admispconfig admispconfig 270211 2010-05-29 13:25 /home/admispconfig/ispconfig/tools/clamav/bin/clamdscan*Click to expand... I start the daemon with [emailprotected]:~# permission denied cat /etc/init.d/clamav-daemon #! /bin/sh # Written by Miquel van Smoorenburg <[emailprotected]>. # Modified for Debian GNU/Linux # by Ian Murdock <[emailprotected]>. # Clamav version by Magnus Ekdahl <[emailprotected]> # Heavily reworked by Stephen Gran <[emailprotected]> # ### BEGIN INIT INFO # Provides: clamav-daemon # Required-Start: $syslog # Should-Start: # Required-Stop: # clamdscan error 2 Should-Stop: # Default-Start: 2 3 4 5 # Default-Stop: 0 6 # Short-Description: ClamAV daemon # Description: Clam AntiVirus userspace daemon ### END INIT INFO #. /etc/clamav/clamav-base.init PATH=/sbin:/bin:/usr/sbin:/usr/bin # DAEMON=/usr/sbin/clamd DAEMON=/home/admispconfig/ispconfig/tools/clamav/sbin/clamd NAME="clamd" DESC="ClamAV daemon" #CLAMAVCONF=/etc/clamav/clamd.conf CLAMAVCONF=/home/admispconfig/ispconfig/tools/clamav/etc/clamd.conf SUPERVISOR=/usr/bin/daemon SUPERVISORNAME=daemon SUPERVISORPIDFILE="/var/run/clamav/daemon-clamd.pid" SUPERVISORARGS="--name=$NAME --respawn $DAEMON -F $SUPERVISORPIDFILE" SUPERVISORPIDDIR="$(dirname $SUPERVISORPIDFILE)" CLAMUSER="$(grep "^User" ${CLAMAVCONF} | awk '{print $2}')" CLAMSOCKETDIR="$(dirname $(grep "^LocalSocket" ${CLAMAVCONF} | awk '{print $2}'))" [ -x "$DAEMON" ] || exit 0 [ -r /etc/default/clamav-daemon ] && . /etc/default/clamav-daemon . /lib/lsb/init-functions if [ ! -f "$CLAMAVCONF" ]; then log_failure_msg "There is no configuration file for Clamav." log_failure_msg "Please either dpkg-reconfigure $DESC, or copy the example from" log_failure_msg "/usr/share/doc/clamav-base/examples/ to $CLAMAVCONF and run" log_failure_msg "'/etc/init.d/clamav-daemon start'" exit 1; fi if grep -q "^Example" $CLAMAVCONF; then log_failure_msg "Clamav is not configured." log_failure_msg "Please edit $CLAMAVCONF and run '/etc/init.d/clamav-daemon start'" exit 0 fi if egrep -qi "^Foreground[[:space:]]*(yes|true|1)" $CLAMAVCONF; then if [ ! -x "$SUPERVISOR" ] ; then