Clamav: troubleshooting of clamdscan

clamdscan is much faster to run than clamscan, however, it requires clamd which is a bit harder to setup, so I have some tips for troubleshooting:

ERROR: Could not lookup : Servname not supported for ai_socktype

Usually you should check the permission, especially whether the current user is in group clamscan (the primary group of the clamd running user).

lstat() failed: Permission denied. ERROR

This is usually because clamd running does not have the permission to run the is run as non-root user.

So you will need to enlist User clamscan (the user that runs clamd). You need to logout and login to make that change effective.

If it is still failed with the same error messsage, it is still possible that you are fooled by ACL permission. Use getfact to check it. The reason? When you ls, you get:

drwxr-xr-x+ 2 testuser testuser 40 Jul 17 15:19 /tmp/test

But your actual ACL (getfacl /tmp/test)might look like:

getfacl: Removing leading '/' from absolute path names
# file: tmp/test
# owner: testuser
# group: testuer
user::rwx
group::---
mask::r-x
other::r-x

Acknowledge:

The Clamav image is from http://www.stepbystep.com/how-to-integrate-clamav-into-pureftpd-for-virus-scanning-on-debian-squeeze-45061/

Advertisements