I set up a new server instance on Amazon, tarragon_3, which is Fedora 22. I’ve had a lot of trouble over the years with clamav and amavisd, mostly with the nonsense about having to mess about with the user under which clamav runs, allowing a shared group, location of the socket, ability to create logs. I’ve never had it operate satifsactorily for a long time, and never looked into why. I resolved to look closer this time.<\/p>\n
I installed amavisd-new clamav clamav-server-systemd clamav-scanner clamav-update. I am not sure but I think:
\nclamav is the basic package, and has the engine, and perhaps libraries;
\nclamav-server-systemd is the machinery to start the clam daemon under systemd;
\nclamav-scanner I expect has clamscan and clamdscan for command line scanning;
\nclamav-update is probably freshclam, the stuff for getting updates.<\/p>\n
Initially, I was making the same sort of blind changes I’d made in the past, but I read around a little. It seems that some of this has been changed, so I’m trying a new approach. I’m somewhat following instructions in http:\/\/www.server-world.info\/en\/note?os=Fedora_21&p=mail&f=6<\/a>. Part of the reason for trusting those instructions a little is that they refer to new things which are in the distro, for example, the \/etc\/tmpfiles.d which I haven’t seen before now. So I think the instructions are relatively recent. On the other hand, the instructions called for modifying \/usr\/lib\/systemd\/system\/clamd@.service, which is simply wrong. My changes to amavis.conf were as usual, just setting the domains, the spamassassin levels, etc. After about a month and several updates, I have not experienced any of the issues of the past.<\/p>\n July, 2016:<\/p>\n Something happened and it began to fail. clamd@amavis would not start. I did some research, flailed around a bit, got it working, but have only a vague understanding of what happened.<\/p>\n One thing was that the systemd script in \/etc\/systemd\/system\/clamd@.service was a copy of the one in \/usr\/lib\/systemd\/system\/clamd@.service and the latter was changed in June with an update. There used to be a parameter –nofork=yes, and that is gone, and replaced with a parameter –foreground-yes, and the former syntax now generates an error.<\/p>\n The other thing has to do with the name under which the config file is sought. The systemd script (currently) has ExecStart = \/usr\/sbin\/clamd -c \/etc\/clamd.d\/%i.conf, aiming to have the config file named with the service (all this machinery to allow there to be multiple clamd daemons for different purposes I think). The config file I have in \/etc\/clamd.d\/amavisd.conf isn’t found with this – it is looking for \/etc\/clamd.d\/amavis.conf. Here I am not exactly sure what has changed, but it is clear that if the daemon is launched with a name that doesn’t match the actual config file, it fails. In trying to fix it, my first fix was just to put in a symlink, amavis.conf=>amavisd.conf and that worked. Maybe the %i.conf is new in the script, I’m not sure – I was too quick on the trigger replaceing the file.<\/p>\n <\/p>\n","protected":false},"excerpt":{"rendered":" I set up a new server instance on Amazon, tarragon_3, which is Fedora 22. I’ve had a lot of trouble over the years with clamav and amavisd, mostly with the nonsense about having to mess about with the user under which clamav runs, allowing a shared group, location of the socket, ability to create logs. … Continue reading Setting up amavisd and clamav<\/span>
\n
\nI did not change the user under which clamav runs in the config files. The only config changes I made were as follows:
\n1. modify \/etc\/freshclam.conf to remove the failsafe COMMENT->#COMMENT. Then I checked that freshclam would run correctly and download the sigs.
\n2. copy \/usr\/share\/doc\/clamav-server\/clamd.sysconfig ->\/etc\/sysconfig\/clamd.amavisd and update the text to substitute \u201camavis\u201d for <Service>
\n3. copied \/usr\/lib\/systemd\/system\/clamd@.service to \/etc\/system\/system\/clamd@.service and added :[Install] WantedBy=multi-user.target
\n4. start and enable clamd@amavisd<\/a> service<\/p>\n