Bug 1312035

Summary: /var/run/clamav not being created
Product: [Fedora] Fedora EPEL Reporter: infinitnetsolutions
Component: clamavAssignee: Nick Bebout <nb>
Status: CLOSED WORKSFORME QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: urgent Docs Contact:
Priority: unspecified    
Version: epel7CC: janfrode, metajiji, mstevens, nathanael, nb, orion, redhat-bugzilla, rhbugs
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-03-26 22:19:58 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description infinitnetsolutions 2016-02-25 15:12:04 UTC 
When the clamd service gets started, it uses 100% CPU and doesn't start up completely with:

ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock could not be bound: No such file or directory
ERROR: Can't unlink the socket file /var/run/clamav/clamd.sock

If /var/run/clamav/ is being created manually, it gets deleted during a system reboot (using CentOS 7) and the same error occures again which prevents clamd from starting.

OS: CentOS 7
Packages: clamav-data-0.99-2.el7.noarch, clamav-lib-0.99-2.el7.x86_64, clamav-filesystem-0.99-2.el7.noarch, clamav-server-0.99-2.el7.x86_64, clamav-update-0.99-2.el7.x86_64

Fix: The issue can be resolved by creating the required folders via ExecStartPre by modifying the SystemD script in /lib/systemd/system/clamd.service. So the SystemD script bundled with your clamav packages should be updated to the below:

[Unit]
Description = clamd scanner (clamd) daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStartPre = /usr/bin/mkdir /var/run/clamav
ExecStartPre = /usr/bin/chown -R clam.clam /var/run/clamav
ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target
Comment 1 infinitnetsolutions 2016-02-25 15:15:08 UTC 
Update: Sorry, to prevent startup errors complaining that /var/run/clamav already exists, the SystemD script has look like below:

[Unit]
Description = clamd scanner (clamd) daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStartPre = /usr/bin/mkdir /var/run/clamav
ExecStartPre = /usr/bin/chown -R clam.clam /var/run/clamav
ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target
Comment 2 infinitnetsolutions 2016-02-25 15:16:07 UTC 
Wrong copy & paste, damn it. Here you go. Note the "-p" for mkdir.

[Unit]
Description = clamd scanner (clamd) daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStartPre = /usr/bin/mkdir -p /var/run/clamav
ExecStartPre = /usr/bin/chown -R clam.clam /var/run/clamav
ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target
Comment 3 Denis Kadyshev 2016-05-03 12:39:25 UTC 
Fast fix this issue:

Run: systemctl edit clamd.service
And paste:
[Service]
ExecStartPre = /bin/install -m 755 -o clam -g clam -d /var/run/clamav

Not shure about mode 755, but it work 100%.
Comment 4 Orion Poplawski 2016-06-13 17:01:26 UTC 
FWIW - clamav-scanner ships a working clamd-server configuration.

If you want /var/run/clamav created at boot, create a /etc/tmpfiles.d/clamav.conf file with:

d /var/run/clamav 0710 clam clam
Comment 5 infinitnetsolutions 2016-07-18 15:31:49 UTC 
@Orion Poplawski, this doesn't work, it results in a permission error. I tried using 0755 in /etc/tmpfiles.d/clamav.conf to create the /var/run/clamav directory at startup, but even though this resolves the permission error we're back to square one with:

clamd: unable to connect to UNIX socket (/var/run/clamav/clamd.sock): No such file or directory

.. it still doesn't create the socket file this way. I tested this with several reboots.
Comment 6 infinitnetsolutions 2016-07-18 15:43:24 UTC 
Ok the latest issue was actually caused by the removal of --nofork option with the latest RHEL7 package. That's how it works now:

1.) Make sure that there's no "--nofork=yes" option set in /lib/systemd/system/clamd.service

2.) Create a /etc/tmpfiles.d/clamav.conf file with the below content:

d /var/run/clamav 0755 clam clam

3.) Reboot.

It would be appreciated if the responsible package maintainers could look into this. I reported this bug a while ago and there's still no proper fix for it. I can hardly use clamd in production because it breaks after literally every package update.