ClamAV 发生错误 socket_connect(): 无法连接 [13]: Permission denied?

Question

我的操作系统：Centos 7，使用 laravel 5.8，php 7.1：

我在：https://github.com/kissit/php-clamav-scan 使用 Clamav.php 扫描文件的病毒：

改变socket文件的设置：

private $clamd_sock = "/var/run/clamd.scan/clamd.sock";

这是我在 laravel 中的简单代码：

    $clamav = new Clamav();
    echo "Testing a bad file...\n";
    if($clamav->scan("/var/www/html/test/storage/logs/clamav_test.txt")) {
        echo "YAY, file is safe!\n";
    } else {
        echo "BOO, file is a virus.  Message: " . $clamav->getMessage() . "\n";
    }

我已经通过 url 在 centos 7 上安装 clamav：https://www.hostinger.com/tutorials/how-to-install-clamav-centos7

我有设置：

sudo setsebool -P daemons_enable_cluster_mode 1

并将用户 apache 添加到 clamscan 组

sudo usermod -a -G clamscan apache

我检查了存在的文件套接字：

[root@ip-172-31-2-17 centos]# ls -l /var/run/clamd.scan/
total 0
srw-rw-rw-. 1 clamscan clamscan 0 Sep 19 20:49 clamd.sock

但出现错误：

socket_connect(): 无法连接 [13]: 权限被拒绝

如何解决这个问题？

Answer 1

试试这个解决方案，它对我有用

chmod 755 /var/run/clamd.scan

我已经尝试过使用 docker。

supervisord.conf：

[supervisord]
nodaemon=true

[program:httpd]
redirect_stderr=true
command=/usr/sbin/httpd -DFOREGROUND
process_name = httpd

[program:clamd]
directory=/
command=clamd -c /etc/clamd.d/scan.conf &
autostart=true
autorestart=true

Dockerfile：

FROM centos:7

# Install Apache
RUN yum -y update
RUN yum -y install httpd httpd-tools

# Install EPEL Repo
RUN rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm \
 && rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm

# Install PHP
RUN yum -y install php71w php71w-bcmath php71w-cli php71w-common php71w-gd php71w-intl php71w-ldap php71w-mbstring \
    php71w-mysql php71w-pear php71w-soap php71w-xml php71w-xmlrpc

RUN yum -y install git

RUN yum -y install clamav-server clamav-data clamav-update clamav-filesystem clamav clamav-scanner-systemd clamav-devel clamav-lib clamav-server-systemd wget

RUN yum -y install php71w-devel gcc make
RUN yum -y groupinstall "Development tools"

#RUN wget https://datapacket.dl.sourceforge.net/project/php-clamav/0.15/php-clamav_0.15.7.tar.gz
#RUN tar -xvzf php-clamav_0.15.7.tar.gz && cd php-clamav-0.15.7 && phpize && ./configure && make && make install

RUN sed -E -i -e '/<Directory "\/var\/www\/html">/,/<\/Directory>/s/AllowOverride None/AllowOverride All/' /etc/httpd/conf/httpd.conf
RUN sed -E -i -e 's/DirectoryIndex (.*)$/DirectoryIndex index.php \1/g' /etc/httpd/conf/httpd.conf

RUN sed -i -e "s/^Example/#Example/" /etc/clamd.d/scan.conf
RUN sed -i 's+#LocalSocket /var/run/clamd.scan/clamd.sock+LocalSocket /var/run/clamd.scan/clamd.sock+g' /etc/clamd.d/scan.conf

RUN cat /etc/clamd.d/scan.conf | grep clamd.sock

RUN sed -i -e "s/^Example/#Example/" /etc/freshclam.conf
RUN freshclam

RUN chmod 755 /var/run/clamd.scan

RUN yum -y install supervisor
RUN yum -y install mc

COPY supervisord.conf /etc/supervisord.conf
EXPOSE 80
CMD ["/usr/bin/supervisord"]

CMD ["supervisord", "-n"]

index.php

<?php
require 'Clamav.php';
$sock = "/var/run/clamd.scan/clamd.sock";
if (file_exists($sock)){
    echo "";
}else{
    echo "$sock not found";
}

$clamav = new Clamav(array('clamd_sock' => $sock));

if($clamav->scan("/var/www/html/scan.txt")) {
    echo "YAY, file is safe\n";
} else {
    echo "BOO, file is a virus.  Message: " . $clamav->getMessage() . "\n";
}

?>

见here