ConfigServer Community Forum

Hi,

Since earlier I have been gettin an email every 5 minutes (over 200 so far) saying:

clamav failed @ Sun May 17 02:21:50 2009. A restart was attempted automagically.
Service Check Method: [check command]

When I go to MSFE in WHM it tells me :

A new version of ClamAV (Current:v New:v0.95.1) is available

When I click on "Upgrade ClamAV" I get the following response:

checking for ctime_r... yes, and it takes 2 arguments
checking for socklen_t... yes
checking for clamav in /etc/passwd... no
configure: error: User clamav (and/or group clamav) doesn't exist. Please read the documentation !
make: *** No targets specified and no makefile found. Stop.
make: *** No rule to make target `install'. Stop.
sh: /usr/local/bin/freshclam: No such file or directory

Tidying up...

Shutting down MailScanner daemons:
MailScanner:[ OK ]
Waiting for MailScanner to stop..
Starting MailScanner daemons:
MailScanner: [ OK ]

...All done.

Now obviously it means I need to create a user for clamav - but how exactly must I do this? And why does it suddenly need a user? I've never had to do this before.

PS - Did check mail logs and no errors relating to clamav there.

Thanks

Hi Michael,

There certainly should already be a clamav user and group if you were successfully running clamav previously. If it doesn't exist, then someone must have deleted it.

To create the required user and group, in SSH as root:
Then retry the clamav update in MSFE. If that doesn't fix it:

* Have you checked that the /tmp partition is not full?
* What OS and version of cPanel are you running?
* Are you running the latest version of MailScanner and MSFE?

Regards,
Sarah

ok that fixed it - strange, i am the only one with ssh access.

sorry - scratch that. that fixed the update problem, the install worked now.

i am still getting the same clamav error email though.

if i tail /var/log/maillog i get:

May 17 13:56:14 de MailScanner[5687]: New Batch: Forwarding 1 unscanned messages, 881 bytes
May 17 13:56:14 de MailScanner[5687]: Unscanned: Delivered 1 messages
May 17 13:56:14 de MailScanner[5687]: Virus and Content Scanning: Starting
May 17 13:56:14 de MailScanner[7897]: Cannot find Socket (/tmp/clamd.socket) Exiting!
May 17 13:56:14 de MailScanner[5687]: Deleted 1 messages from processing-database
May 17 13:56:14 de MailScanner[5687]: Logging message 1M5eyU-00023F-6L to SQL
May 17 13:56:14 de MailScanner[7700]: 1M5eyU-00023F-6L: Logged to MailWatch SQL

i am running centos 5.3 x86_64, cPanel 11.24.4-R36167 - WHM 11.24.2 - X 3.9, MailScanner - v4.76.24, ConfigServer MailScanner Script - v2.74, ClamAV - v0.95.1, MailScanner Front-End - v4.28

PS- /tmp is only 3% used

Try the steps in this post to see if it's the filesize issue:

showpost.php?p=7108&postcount=4

Regards,
Sarah

thanks - I have already got the guys @ platinumservermanagement.com to take a look and they sorted it out.

apparently they needed to update the clam database and then reinstall the connector.

If you mean clamavconnector in WHM > Plugins, that will actually break Mailscanner so I hope they didn't install that.