Can't save PID to file /var/run/clamd/freshclam.pid: Permission denied

IT_Architect

Verified User
Joined
Feb 27, 2006
Messages
1,114
Can't save PID to file /var/run/clamd/freshclam.pid: Permission denied
This is after a fresh install of ClamAV on a new FreeBSD 11.2 install. The directory rights are root:wheel and -rwx-r x-r x/0755, and clamd.pid makes its .pid fine because it it runs as root. However, freshclam runs as clamav, and thus cannot write it's .pid, and thus the error makes sense because it has no write privilege. It doesn't seem to affect the operation:
Code:
ps -ax|grep freshclam
1989  -  IWs   0:00.00 /usr/local/bin/freshclam -d
A common suggestion on the web is commenting out the line in etc/freshclam.conf. I've been flagging /var/run/clamd root:clamav and 0770, and it naturally fixes the error and freshclam is able to make pid in the directory. However, every time we do a build that makes ClamAV, such ./build all -d, it resets the folder rights to root:wheel, and 755, and we are back to the error and having to reflag the /var/run/clamd folder.

Edit: Actually, 0664 or 0660 would probably be better 0770.

Thanks!
 
Last edited:
On my server it is: -rw-rw-r-- root wheel clamd.pid
The problem is with the folder /var/run/clamd. As installed, the folder rights are:
root:wheel -rwx-r x-r x/755
The freshclam.pid is also supposed to be there. freshclam still runs, but posts an error because it runs as clamav, and with no write access, it cannot makke it's .pid. Flagging /var/run/clamd root:clamav and 0770 fixes the error and enables freshclam to make its .pid in the directory. Actually, it should only need to be 0664 at most, and maybe even 660 would be fine.

Thanks!
 
Last edited:
Pardon me for digging up an old thread, but im running into an issue with freshclam. Every hour i get an alert that freshclam is not running; while it show it's PID just fine in the service monitor. So it seems it cannot write the PID to /var/run/clamd/freshclam.pid.

freshclam.service - ClamAV updater daemon
Loaded: loaded (/etc/systemd/system/freshclam.service; enabled; vendor preset: disabled)
Active: failed (Result: timeout) since Fri 2019-03-08 12:29:51 CET; 9s ago
Process: 4365 ExecStart=/usr/local/bin/freshclam -d (code=exited, status=0/SUCCESS)
Process: 4362 ExecStartPre=/bin/chown -R clamav:clamav /var/run/clamd (code=exited, status=0/SUCCESS)
Process: 4361 ExecStartPre=/bin/mkdir -p /var/run/clamd (code=exited, status=0/SUCCESS)

Mar 08 12:28:20 mars.goadvised.com systemd[1]: Starting ClamAV updater daemon...
Mar 08 12:28:20 mars.goadvised.com systemd[1]: PID file /var/run/clamd/freshclam.pid not readable (yet?) after start.
Mar 08 12:29:51 mars.goadvised.com systemd[1]: freshclam.service start operation timed out. Terminating.
Mar 08 12:29:51 mars.goadvised.com systemd[1]: Failed to start ClamAV updater daemon.
Mar 08 12:29:51 mars.goadvised.com systemd[1]: Unit freshclam.service entered failed state.
Mar 08 12:29:51 mars.goadvised.com systemd[1]: freshclam.service failed.

The rights on the folder /var/run/clamd are clamav:clamav 0770, so it should be able to write there just fine. If i manually create a freshclam.pid, chown it with clamav:clamav and restart the freshclam service the file gets removed and throws the not readable error again. So i tried moving the file to /var/run/freshclam.pid in freshclam.conf and /etc/systemd/system/freshclam.service, all to no avail.

I an act of desperation i went and removed clamav altogether (./build set clamav no), update, rebuild, but it keeps throwing the same error.

i'm running out of ideas what to try here... any thoughts?

Kind regards, John.
 
I forgot about this thread. Changing ownership of the directory /var/rn/clamd to root:clamav with permissions 770 fixed the issue for me.
 
Back
Top