[ClamAV] WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock
I created a shell script to register ClamAV in Cron, and when I ran it for confirmation, an error occurred during virus definition pattern file updates.
By the way, the shell script content is as follows:
/usr/local/scripts/clamav.sh
#!/bin/bash
logfile="/var/log/clamav/clamav_$(date +%Y%m%d%H%M).log"
update_logfile="/var/log/clamav/clamav_update.log"
mail_to="notice@localhost"
mail_from="[email protected]"
/usr/bin/freshclam --quiet -u root -l ${update_logfile} > /dev/null 2>&1
/usr/bin/clamscan -r -i --quiet -l ${logfile} \\
--exclude-dir="/sys" \\
/ > /dev/null 2>&1
if [ $? != 0 ]
then
cat ${logfile} | mail -s "[ClamAV report] $(hostname)" ${mail_to} -- -f $mail_from
fi
Error Content
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamav/clamd.sock
A warning appeared, so I checked /var/run/clamav/clamd.sock but it didn’t exist.
That makes sense because I haven’t started clamd as a daemon, so freshclam can’t notify clamd after updating the virus definition pattern files.
You can fix this by commenting out the NotifyClamd line in the freshclam.conf file.
/etc/freshclam.conf
NotifyClamd /etc/clamd.conf
↓(Comment out)
#NotifyClamd /etc/clamd.conf
If /etc/freshclam.conf has NotifyClamd /etc/clamd.conf configured, freshclam will try to notify clamd after updating virus definition pattern files However, if clamd is not running, it cannot notify and the above error appearsIf you don’t start the clamd daemon, disable the above setting #NotifyClamd /etc/clamd.conf
If the clamd daemon is running and an error appears, check if /tmp/clamd.sock exists If clamd is running and the sock file doesn’t exist
Check if /etc/clamd.conf has LocalSocket /tmp/clamd.sock #TCPSocket 3310
That’s all from the Gemba.