[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Clamd was NOT notified: ... connect(): Connection refused

Posted on 2014-03-17
13
Medium Priority
?
2,032 Views
Last Modified: 2014-03-20
I've just installed CLAMAV on Linux. freshclam gives me the message:

WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamd.socket
connect(): Connection refused

Why?

ls -l /var/run/clam*
srw-rw---- 1 root root 0 2014-03-15 02:50 /var/run/clamav-milter.socket=
srw-rw-rw- 1 root root 0 2014-03-15 02:47 /var/run/clamd.socket=

Open in new window

0
Comment
Question by:jmarkfoley
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 2
  • +1
13 Comments
 
LVL 35

Expert Comment

by:Duncan Roe
ID: 39936146
You get Connection refused (ECONNREFUSED) when no-one is listening on the remote address. Could it be that Clamd is not running? (or clamd, not sure of capitalization)
0
 
LVL 65

Accepted Solution

by:
btan earned 860 total points
ID: 39936724
It seems similar to this forum sharing as it also started off to run the ps -ef|grep clamd to see if clamd is running, later drill down to patch is not latest and causing the issue. The troubleshooting step in the forum can be useful leads

http://www.linuxquestions.org/questions/linux-server-73/can%27t-connect-to-unix-socket-var-run-clamav-clamd-ctl-connection-refused-856847/

...needed to update the clamav-daemon (clamd) in addition to updating clamav.

Then run apt-get update; apt-get install clamav
If you need clamd, you may also want to run apt-get install clamav-daemon

Once I upgraded clamd to the latest version and reset everything back to normal, it appears to be working fine now.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 39937272
clamd is running and is trapping viruses. I'll check out the Linux questions link and reinstall the latest version of clamd and see if that fixes the problem.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 
LVL 62

Assisted Solution

by:gheist
gheist earned 568 total points
ID: 39940579
usually there is some script to run freshclam as good user to update virus data and notify virus...
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 39940630
> usually there is some script to run freshclam as good user to update virus data and notify virus...

Yes, that is running and freshclam is the one issuing the warning.

Have not had a chance to re-install clamd yet.
0
 
LVL 62

Expert Comment

by:gheist
ID: 39940681
telling which linux and where you got clamav from usually helps, otherwise we can just give general outline on how to approach problem.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 39941537
Clamav was 0.97.8, I just updated to 0.98.1 from http://www.clamav.net/lang/en/download/sources/

Linux Slackware distro, version 13.37.0, kernel version 2.6.37.6

So, I just got the most recent stable clamav from the above listed site and I still get the message from freshclam:

WARNING: Clamd was NOT notified: Can't connect to clamd through /var/run/clamd.socket
connect(): Connection refused
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 39941552
Wait ... maybe it *is* working. I'll post back after some experimenting.
0
 
LVL 65

Expert Comment

by:btan
ID: 39941554
/var/run/clamd.socket should be an empty file, the clamd process will attach to it and listen for commands. Probably look at your /etc/clamd.conf file, and look for the LocalSocket definition. I am suspecting the file is not probably created or the filename is not correct...

Some of the other may have it as in /var/run/clamav/clamd.sock. So when they do a ls -l on that full path socket file, you will see "srw-rw-rw-"... Notice the leading "s" in the ls output indicating that it is a socket. If all is correct, the clamav client (including freshclam) should be able to open this socket when they wish to write (send) commands to the clamd server.... if nothing of this is as mentioned, either the package is buggy else changing path to re-create or verify the .conf to see if it helps

Sometimes may be the clamav and clamd is not started...pls see this
0
 
LVL 35

Assisted Solution

by:Duncan Roe
Duncan Roe earned 572 total points
ID: 39941736
/var/run/clamd.socket should be a socket. That is not the same as an empty file, it is a special kind of file system entity.
Programs that use Unix sockets are duty bound to unlink them on program termination. Should a program crash, this may not get done.
0
 
LVL 65

Expert Comment

by:btan
ID: 39941841
Thanks yap as explain in my earlier sharing

"srw-rw-rw-"... Notice the leading "s" in the ls output indicating that it is a socket.
0
 
LVL 1

Author Comment

by:jmarkfoley
ID: 39943417
It is working! I was running freshclam --quiet, so it was not putting any additional message is my stdout/errout log file. I kept looking at an early log when clamd was not running thinking it was the most recent freshclam results!
0
 
LVL 1

Author Closing Comment

by:jmarkfoley
ID: 39943429
Thanks all
0

Featured Post

Survive A High-Traffic Event with Percona

Your application or website rely on your database to deliver information about products and services to your customers. You can’t afford to have your database lose performance, lose availability or become unresponsive – even for just a few minutes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Little introduction about CP: CP is a command on linux that use to copy files and folder from one location to another location. Example usage of CP as follow: cp /myfoder /pathto/destination/folder/ cp abc.tar.gz /pathto/destination/folder/ab…
I. Introduction There's an interesting discussion going on now in an Experts Exchange Group — Attachments with no extension (http://www.experts-exchange.com/discussions/210281/Attachments-with-no-extension.html). This reminded me of questions tha…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question