Cisco-Talos / clamav

ClamAV - Documentation is here: https://docs.clamav.net

Home Page: https://www.clamav.net/

freshclam fails to notify clamd via socket, even though it exists (on Kubernetes)

alexanderaltanis opened this issue

Describe the bug

I am trying to run a Kubernetes pod based on the clamav/clamav-debian image. I've built my own image based on that one (via FROM clamav/clamav-debian:latest, and then replacing some config files and the /init script with a slightly improved one). The issue should not come from my changes to the /init script, as it happened even before I made those changes (and they have to do with graceful shutdown, and not the actual daemon).

The problem is that even though clamd is running, has created a local socket, and that socket exists, when freshclam tries to notify it to reload the virus databases, I get the following error in the freshclam log:

WARNING: Clamd was NOT notified: Can't connect to clamd through /run/clamav/clamd.sock: No such file or directory

However, the socket file exists, and is owned by the correct user and group.

# ls -l /run/clamav/clamd.sock 
srw-rw-rw- 1 clamav clamav 0 May  8 11:21 /run/clamav/clamd.sock

And in fact, I have configured clamd to use that file as a socket, and to use the user clamav (excerpt from /etc/clamav/clamd.conf):

LocalSocket /run/clamav/clamd.sock
User clamav

Freshclam is configured to notify clamd (excerpt from /etc/clamav/freshclam.conf):

NotifyClamd /etc/clamav/clamd.conf

Note that by default the image places the socket in /tmp/clamd.sock. The /tmp directory is owned by root, so I changed it to /run/clamav/clamd.sock, since that directory is owned by clamav and is mentioned in the /init script. The issue appeared just the same with the socket in /tmp (and freshclam then accordingly complained that /tmp/clamd.sock did not exist, which indicates that it is correctly reading /etc/clamav/clamd.conf).

Curiously, if I SSH into the image and run freshclam manually, it manages to notify clamd to reload the database correctly (I use the same arguments for freshclam used by the /init script)! It's only the process started by the init script that fails to do that.

I have no idea what to do as I believe I've followed the documentation and the error message seems to be wrong.

How to reproduce the problem

I don't know how the problem can be reproduced; if you have an idea, please let me know and I can present a reproduction.

I can reproduce the problem 100% of the time on my setup. I can provide more information if necessary.
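
An added diagnostic, not part of the original issue and not ClamAV project code: it reads LocalSocket from the file that NotifyClamd points at, then stats the path and sends clamd's zPING command over it, reporting the errno from the point of view of the process that runs it. It assumes Python 3 is available in the container and that it is started from the same context as the failing freshclam (for example from the /init script); the function names and status strings are made up for this example.

```python
import errno
import os
import socket
import stat
import sys

def local_socket_from_conf(conf_path):
    """Return the LocalSocket path from a clamd.conf-style file, or None."""
    with open(conf_path) as fh:
        for line in fh:
            parts = line.split("#", 1)[0].split(None, 1)
            if len(parts) == 2 and parts[0] == "LocalSocket":
                return parts[1].strip()
    return None

def probe_clamd(conf_path, timeout=5.0):
    """Probe clamd's local socket as seen by the calling process.

    Returns (status, detail). Status is one of: no-localsocket, stat-failed,
    not-a-socket, connect-failed, bad-reply, ok.
    """
    path = local_socket_from_conf(conf_path)
    if path is None:
        return ("no-localsocket", conf_path)
    try:
        st = os.stat(path)  # ENOENT here: the path is not visible to this process
    except OSError as exc:
        return ("stat-failed", f"{path}: {errno.errorcode.get(exc.errno, exc)}")
    if not stat.S_ISSOCK(st.st_mode):
        return ("not-a-socket", path)
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as s:
        s.settimeout(timeout)
        try:
            s.connect(path)          # ECONNREFUSED: file exists, nothing is listening
            s.sendall(b"zPING\0")    # NUL-delimited form of clamd's PING command
            reply = s.recv(16)
        except OSError as exc:
            return ("connect-failed", f"{path}: {errno.errorcode.get(exc.errno, exc)}")
    if reply.rstrip(b"\0\n") == b"PONG":
        return ("ok", path)
    return ("bad-reply", repr(reply))

if __name__ == "__main__":
    # Default is the NotifyClamd target quoted in the issue.
    conf = sys.argv[1] if len(sys.argv) > 1 else "/etc/clamav/clamd.conf"
    print(*probe_clamd(conf))
```

Comparing the output from an interactive shell with the output when the script is launched by the init script shows whether the two contexts resolve the same socket path.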

Hi,

I am sorry we missed this issue previously. Has it been resolved?

Thanks,
Andy