# ClamAV permission.



## best (Jul 31, 2009)

hi,

i've already install ClamAV in my FreeBSD according to the following instruction : 

install via ports :

```
#cd /usr/ports/security/clamav
    #make all install clean CLAMAVUSER=vscan CLAMAVGROUP=vscan
```
    (Menu defaults should be fine.)

Add build options to /etc/make.conf file:

```
#echo 'CLAMAVUSER=vscan' >> /etc/make.conf
    #echo 'CLAMAVGROUP=vscan' >> /etc/make.conf
```

Enable ClamAV at boot time:

```
#echo 'clamav_freshclam_enable="YES"' >> /etc/rc.conf
    #echo 'clamav_clamd_enable="YES"' >> /etc/rc.conf
```

next step is to Start FreshClam as well as the ClamAV daemon as the following instruction :

```
#/usr/local/etc/rc.d/clamav-clamd start
    #/usr/local/etc/rc.d/clamav-freshclam start
```

then i got this error message :

```
ERROR: Can't open /var/log/clamd.log in append mode (check permission!)
```

what am i missing?


----------



## dennylin93 (Jul 31, 2009)

You changed the user and group of ClamAV, so the user of the log file also has to modified.

Try:

```
chown vscan:vscan /var/log/clamd.log
```

If error still persists, follow-up with the following command:

```
chmod 640 /var/log/clamd.log
```

You must be root to do this though.

Make sure you are running clamd as the vscan user and check whether /var/log/clamd.log is the correct path to the log file. The default seems to be /var/log/clamav/clamd.log.


----------



## best (Jul 31, 2009)

> You changed the user and group of ClamAV, so the user of the log file also has to modified.



Is this right that the log file is not exist before i run clamav with 

```
#/usr/local/etc/rc.d/clamav-clamd start
#/usr/local/etc/rc.d/clamav-freshclam start
```

and how can i try the code you suggest me while the log file is not exist?


----------



## DutchDaemon (Jul 31, 2009)

Best, leave those color tags alone and use 

```
[/url] tags!
```


----------



## DutchDaemon (Jul 31, 2009)

as root:


```
touch /var/log/clamd.log
chown vscan:vscan /var/log/clamd.log
```


----------



## best (Aug 3, 2009)

> Best, leave those color tags alone and use
> 
> 
> 
> ...


----------



## best (Aug 3, 2009)

```
touch /var/log/clamd.log
chown vscan:vscan /var/log/clamd.log
```

the code above doesn't work.

in one case i successfully start clamav after i mark the code in clamd.conf as a comment in /usr/local/etc as the following :

```
#LogFile /var/log/clamav/clamd.log
```


----------



## DutchDaemon (Aug 3, 2009)

( 
	
	



```
, not [quote] )
```


----------



## DutchDaemon (Aug 3, 2009)

Then *either* use the correct directory in clamd.conf


```
LogFile /var/log/clamd.log
```

instead of


```
LogFile /var/log/clamav/clamd.log
```

*or* create the logfile in the place where clamd expects it:


```
mkdir /var/log/clamav
touch /var/log/clamav/clamd.log
chown -R vscan:vscan /var/log/clamav
```

and restart clamd.


----------



## best (Aug 4, 2009)

yes sir! it has been solved! many thanks..



> (
> 
> 
> 
> ...


----------

