Bug 1312035 - /var/run/clamav not being created
/var/run/clamav not being created
Status: CLOSED WORKSFORME
Product: Fedora EPEL
Classification: Fedora
Component: clamav (Show other bugs)
epel7
x86_64 Linux
unspecified Severity urgent
: ---
: ---
Assigned To: Nick Bebout
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-25 10:12 EST by infinitnetsolutions
Modified: 2017-03-26 18:19 EDT (History)
8 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-03-26 18:19:58 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description infinitnetsolutions 2016-02-25 10:12:04 EST
When the clamd service gets started, it uses 100% CPU and doesn't start up completely with:

ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock could not be bound: No such file or directory
ERROR: Can't unlink the socket file /var/run/clamav/clamd.sock

If /var/run/clamav/ is being created manually, it gets deleted during a system reboot (using CentOS 7) and the same error occures again which prevents clamd from starting.

OS: CentOS 7
Packages: clamav-data-0.99-2.el7.noarch, clamav-lib-0.99-2.el7.x86_64, clamav-filesystem-0.99-2.el7.noarch, clamav-server-0.99-2.el7.x86_64, clamav-update-0.99-2.el7.x86_64

Fix: The issue can be resolved by creating the required folders via ExecStartPre by modifying the SystemD script in /lib/systemd/system/clamd.service. So the SystemD script bundled with your clamav packages should be updated to the below:

[Unit]
Description = clamd scanner (clamd) daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStartPre = /usr/bin/mkdir /var/run/clamav
ExecStartPre = /usr/bin/chown -R clam.clam /var/run/clamav
ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target
Comment 1 infinitnetsolutions 2016-02-25 10:15:08 EST
Update: Sorry, to prevent startup errors complaining that /var/run/clamav already exists, the SystemD script has look like below:

[Unit]
Description = clamd scanner (clamd) daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStartPre = /usr/bin/mkdir /var/run/clamav
ExecStartPre = /usr/bin/chown -R clam.clam /var/run/clamav
ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target
Comment 2 infinitnetsolutions 2016-02-25 10:16:07 EST
Wrong copy & paste, damn it. Here you go. Note the "-p" for mkdir.

[Unit]
Description = clamd scanner (clamd) daemon
After = syslog.target nss-lookup.target network.target

[Service]
Type = simple
ExecStartPre = /usr/bin/mkdir -p /var/run/clamav
ExecStartPre = /usr/bin/chown -R clam.clam /var/run/clamav
ExecStart = /usr/sbin/clamd -c /etc/clamd.conf --nofork=yes
Restart = on-failure
PrivateTmp = true

[Install]
WantedBy=multi-user.target
Comment 3 Denis Kadyshev 2016-05-03 08:39:25 EDT
Fast fix this issue:

Run: systemctl edit clamd.service
And paste:
[Service]
ExecStartPre = /bin/install -m 755 -o clam -g clam -d /var/run/clamav

Not shure about mode 755, but it work 100%.
Comment 4 Orion Poplawski 2016-06-13 13:01:26 EDT
FWIW - clamav-scanner ships a working clamd-server configuration.

If you want /var/run/clamav created at boot, create a /etc/tmpfiles.d/clamav.conf file with:

d /var/run/clamav 0710 clam clam
Comment 5 infinitnetsolutions 2016-07-18 11:31:49 EDT
@Orion Poplawski, this doesn't work, it results in a permission error. I tried using 0755 in /etc/tmpfiles.d/clamav.conf to create the /var/run/clamav directory at startup, but even though this resolves the permission error we're back to square one with:

clamd: unable to connect to UNIX socket (/var/run/clamav/clamd.sock): No such file or directory

.. it still doesn't create the socket file this way. I tested this with several reboots.
Comment 6 infinitnetsolutions 2016-07-18 11:43:24 EDT
Ok the latest issue was actually caused by the removal of --nofork option with the latest RHEL7 package. That's how it works now:

1.) Make sure that there's no "--nofork=yes" option set in /lib/systemd/system/clamd.service

2.) Create a /etc/tmpfiles.d/clamav.conf file with the below content:

d /var/run/clamav 0755 clam clam

3.) Reboot.

It would be appreciated if the responsible package maintainers could look into this. I reported this bug a while ago and there's still no proper fix for it. I can hardly use clamd in production because it breaks after literally every package update.

Note You need to log in before you can comment on or make changes to this bug.