# Freshclam is reporting an error with internal logger

## gohmdoree

Once a week.  logrotate archives my clam.log and freshclam.log.

I will get the following error:

```

ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).

```

What I see is a new freshclam.log is created, and then the former is renamed as freshclam.log.1.  I think when this first occurred, I realized to manually gzip the freshclam.log.1 file, restart clamav, and run freshclam.  

All is fine until the next time.  Here is my logrotate file for clamav

```

/var/log/clamav/clamd.log {

        weekly

        missingok

        rotate 3

        compress

        delaycompress

        notifempty

        sharedscripts

        postrotate

                /etc/init.d/clamd logfix

                /bin/kill -HUP `cat /var/run/clamav/clamd.pid 2> /dev/null` 2>/d

ev/null || true

        endscript

}

/var/log/clamav/freshclam.log {

        weekly

        missingok

        rotate 3

        compress

        delaycompress

        notifempty

        sharedscripts

        postrotate

                /etc/init.d/clamd logfix

                /bin/kill -HUP `cat /var/run/clamav/freshclam.pid 2> /dev/null` 2>/dev/null || true

        endscript

}

```

Any suggestions on corrections?  Changes?  Don't mind the manual fix, but realize just means I did something incorrect.

----------

## magic919

It's not logrotate, you'll get the error on a restart of the daemons.

Check permissions/ownership of the log files and directory.

----------

## gohmdoree

Got it.  Thanks for clarifying.  I'm running clamav as the amavis user, so the permissions are amavis:amavis.

----------

## magic919

That's actually ownership, not permissions.

Have a look at a ps -ef and see if freshclam also runs as amavis.  And check the permissions on logging directory for the user it runs as.

----------

## gohmdoree

I have /var/log as 755 root:root and /var/log/clamav as 755 amavis:amavis.

Do I need to change /var/log to 775?

Or, I guess I can move /var/log/clamav to /var/clamav?

freshclam runs as amavis.

----------

## gohmdoree

found these bug reports, but i'm thinking everything is correct on my end.  still an issue:

https://bugs.gentoo.org/170739

my clamd init script is as follows

```

logfix() {

        if [ "${START_CLAMD}" = "yes" ]; then

                # fix clamd log permissions

                # (might be clobbered by logrotate or something)

                local logfile=`awk '$1 == "LogFile" { print $2 }' /etc/clamd.conf`

                local clamav_user=`awk '$1 == "User" { print $2 }' /etc/clamd.conf`

                if [ -n "${logfile}" ] && [ -n "${clamav_user}" ]; then

                        if [ ! -f "${logfile}" ]; then

                                touch ${logfile}

                        fi

                        chown ${clamav_user} ${logfile}

                        chmod 640 ${logfile}

                fi

        fi

        if [ "${START_FRESHCLAM}" = "yes" ]; then

                # fix freshclam log permissions

                # (might be clobbered by logrotate or something)

                logfile=`awk '$1 == "UpdateLogFile" { print $2 }' /etc/freshclam.conf`

                local freshclam_user=`awk '$1 == "DatabaseOwner" { print $2 }' /etc/freshclam.conf`

                if [ -n "${logfile}" -a -n "${clamav_user}" ]; then

                        if [ ! -f "${logfile}" ]; then

                                touch ${logfile}

                        fi

                        chown ${freshclam_user} ${logfile}

                        chmod 640 ${logfile}

                fi

        fi

}

```

----------

