freshclam error, "clamd.conf" file not found

When I run the following command:

sudo freshclam

If there are found to be updates to the virus definitions etc then at the end of the output comes this error message

ERROR: NotifyClamd: Can't find or parse configuration file /etc/clamav/clamd.conf

But if I run the command when there are no new updates available, then I don't receive this error message. Why am I getting this error message (as I have not got it before when running the same operations)? And can I fix the problem (if it needs fixing)?

I am running Ubuntu 14.10 and ClamAV (the latest version).


Information update:

This command:

ls -al /var/log/clamav/

Outputs:

total 124
drwxr-xr-x  2 clamav clamav  4096 Feb 22 11:14 .
drwxrwxr-x 15 root   syslog  4096 Feb 24 18:26 ..
-rw-r-----  1 clamav adm    46790 Feb 24 18:31 freshclam.log
-rw-r-----  1 clamav adm    59109 Feb 22 11:14 freshclam.log.1

And this command:

more /etc/clamav/clamd.conf

Outputs:

/etc/clamav/clamd.conf: No such file or directory

I have also tried reinstalling clamav, but I still get the same error when running sudo freshclam.


It seems that installing clamav via apt-get install clamav doesn't actually install the clamav daemon; it only installs the freshclam daemon. You'll probably want to install clamav-daemon as well. The first time clamd runs, it'll create /etc/clamav/clamd.conf.

Note that the clamav package does install clamscan, which you can invoke manually to scan specific files/directories. However, by default, nothing will be scanned automatically. clamav-daemon allows scans to be triggered remotely, but even that doesn't schedule scans or provide realtime protection.

This is a good reminder that you should never just install security software and forget about it. You need to make sure it's working properly. I'm sure plenty of people run sudo apt-get install clamav, then just assume it's working in the background--when, in reality, all that's running is freshclam.

If you're actually looking for realtime protection, instead of just trying to run a scan, user61995 mentioned a potential solution. I haven't tested it.

tl;dr: sudo apt install clamav-daemon to fix the error, but you still have to run scans manually to be protected; these packages don't provide realtime protection.


On-access scanning exists if you are looking for that. There's a kernel module: Dazuko. Take a look at the ClamAV manual chapter 4.1.1.