So this was one of the weeks where I learned Linux configuration the hard way. I simply thought of getting my virtual server up to the most recent version. It was/is running a Debian 3.1 (Sarge), I guess. You’ll probably realize by now that I know a lot about my server…
Anyway, I simply ran
which brought about 20+ packages to the most recent version, including exim, my mail agent, and clamav, a virus-scanner that runs with mail agents. I guess because of a version change in either exim, or clamav, or both, I was asked to do some configuration stuff, which I followed to my best knowledge and guess. However, I ended up with bouncing mails to my server. After a while, I found out that clamav got a version change, but the configuration on the system didn’t go with it. The exim4 logfile /var/log/exim4/paniclog kept telling me
malware acl condition: clamd: unable to connect to UNIX socket /var/run/clamav/clamd.ctl (Connection refused)
While exim4 was already properly calling clamav, clamav refused to answer.
A little bit of searching with that phrase revealed the following page, http://koivi.com/exim4-config/, which was quite instructive to me to some degree. There was a problem with the access privileges to the clamav runtime files from exim4. So I gave some privileges:
adduser clamav Debian-exim
which was already done before. I then checked that /etc/clamav/clamd.conf contains a line that reads:
Done. Then I gave permissions for the /var/run/clamav directory to allow for the correct user to use it:
chown Debian-exim.Debian-exim /var/run/clamav
Since /var/run/clamav/ contained a file freshclam.pid I also ran
chown Debian-exim.Debian-exim /var/run/clamav/freshclam.pid
Now a restart with
gave me an error that AllowSupplementaryGroups in /etc/clamav/clamd.conf requires a BOOL value. Luckily Ping! from the ClarkConnect Forums pointed out that
In my /etc/clamd.conf file, there was an error in every line that required a BOOL value. I had to add “yes” or “1” to the following options to get the clamd to succeed
I did that to each line of /etc/clamav/clamd.conf that had no argument next to it and the
succeeded. However, I still got bouncing mails and /var/run/clamav/clamd.ctl was still missing. It appears that clamav and exim4 just need the existence of that file, no specific content, plus proper access rights. A
chown Debian-exim.Debian-exim /var/run/clamav/clamd.ctl
did the trick. Thanks to aioshin.
Update: Well… that didn’t help… therefore I did it the hard way:
apt-get --purge remove clamav clamav-base clamav-daemon clamav-freshclam libclamav1
apt-get -t sarge install clamav clamav-daemon
adduser clamav Debian-exim
Thanks to D.J.Fan. After the apt install, I told the setup to take the package maintainer’s version of the configuration file. A choice I made wrong earlier… grrr.
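The two symptoms described above (options in /etc/clamav/clamd.conf left without a value, and exim4 being unable to connect to /var/run/clamav/clamd.ctl) can be checked with a short script. This is an added example, not part of the original post; the function names and the sample configuration are constructed for illustration, and the socket test assumes the path is the UNIX socket named in the exim4 error message.

```shell
#!/bin/sh
# Added example: lint a clamd.conf for the failures described in the post.
# Usage on a real system (path taken from the post):
#   lint_clamd /etc/clamav/clamd.conf

# Constructed sample: two options left without a value, as after the upgrade.
sample_clamd_conf() {
cat <<'EOF'
# constructed sample, not a real system's file
LocalSocket /var/run/clamav/clamd.ctl
User clamav
AllowSupplementaryGroups
LogSyslog
ScanMail yes
EOF
}

# Print the name of every option that has no argument on its line.
clamd_missing_values() {
    awk 'NF == 1 && $1 !~ /^#/ { print $1 }' "$1"
}

# Print the value configured for one option (empty if unset or valueless).
clamd_option() {
    awk -v key="$2" '$1 == key && NF >= 2 { print $2; exit }' "$1"
}

# 0 = path is a UNIX socket, 1 = missing, 2 = exists but is not a socket.
check_socket() {
    [ -e "$1" ] || return 1
    [ -S "$1" ] || return 2
    return 0
}

# Run all checks against a config file; non-zero status if anything is off.
lint_clamd() {
    conf=$1
    status=0
    for opt in $(clamd_missing_values "$conf"); do
        echo "no value: $opt"
        status=1
    done
    sock=$(clamd_option "$conf" LocalSocket)
    check_socket "$sock" || { echo "socket not ready: $sock"; status=1; }
    return $status
}
```
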