# amavis/clamd - can't connect to clamd.socket

## overcast

This is what's appearing over and over again in my logs:

```
Jan 11 09:12:09 [amavis] (10624-02) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.sock (Can't connect to UNIX socket /var/run/clamav/clamd.sock: Permission denied) at (eval 66) line 268.

Jan 11 09:14:51 [amavis] (09372-20) ClamAV-clamd: Can't send to socket /var/run/clamav/clamd.sock: Transport endpoint is not connected, retrying (1)

Jan 11 09:14:52 [amavis] (09372-20) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.sock: Permission denied, retrying (2)

Jan 11 09:14:58 [amavis] (09372-20) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.sock (Can't connect to UNIX socket /var/run/clamav/clamd.sock: Permission denied) at (eval 66) line 268.
```

I thought it might be simple file permissions, but this looks correct to me:

```
inquisitor ~ # ls -lu /var/run/clamav/

total 4

-rw-rw---- 1 clamav clamav 0 Jan 11 08:50 clamd.sock

-rw-rw---- 1 clamav clamav 4 Dec 28 13:09 freshclam.pid
```

amavis is part of the clamav group:

```
inquisitor ~ # groups clamav

amavis clamav
```

Help!   :Confused: 

----------

## Katphish

I went the other way and told clamd to run as the amavis user and put the socket at /var/run/amavis/clamav.sock.  This was the recommended method from amavisd-new documentation.

----------

## serotonin

 *Katphish wrote:*   

> I went the other way and told clamd to run as the amavis user and put the socket at /var/run/amavis/clamav.sock.  This was the recommended method from amavisd-new documentation.

 

I'll second that, make sure your /etc/amavisd.con file has

```

$daemon_user  = 'amavis';   # (no default;  customary: vscan or amavis), -u

$daemon_group = 'amavis';   # (no default;  customary: vscan or amavis), -g

$unix_socketname = "$MYHOME/amavisd.sock"; 

```

then this

```

ls -lah /var/run/clamav/

total 12K

drwxr-xr-x 2 amavis clamav 4.0K Dec 30 12:45 .

drwxr-xr-x 8 root   root   4.0K Jan 10 03:10 ..

-rw-r--r-- 1 root   root      0 Dec 29 23:24 .keep_app-antivirus_clamav-0

-rw-rw---- 1 amavis amavis    5 Dec 30 12:45 clamd.pid

srwxrwxrwx 1 amavis amavis    0 Dec 30 12:45 clamd.sock

```

Should be all set after a /etc/init.d/postfix reload 

 :Very Happy: 

----------

## Red-Drop

If you are like me and use clamav for more than just amavis you would want to have it so that clamav is not running as the amavis user.

Check that you have in your /etc/clamd.conf

```

# Initialize supplementary group access (clamd must be started by root).

# Default: no

AllowSupplementaryGroups yes

```

To have clamav use groups you specify in your /etc/group file

Hope this helps.

----------

## trossachs

I have clamav installed, but cannot locate the clamd.pid, or clamd.sock files. Can these be inserted manually?

----------

## ScOut3R

 *trossachs wrote:*   

> I have clamav installed, but cannot locate the clamd.pid, or clamd.sock files. Can these be inserted manually?

 

Check the /etc/clamd.conf file, there's an option where you can set the location of the socket file, or you can setup clamav to listen on the loopback interface.

----------

## trossachs

Socket set to:

```
LocalSocket /var/run/amavis/clamd
```

----------

