I configured the ClamAV plugin in Moodle and installed the necessary ClamAV packages on my linux server.
Running method: Unix domain socket
Unix domain socket: /var/run/clamd.scan/clamd.sock
The clamd server is running and the socket really exist in specified location.
But when I tried to upload files in Moodle to test the anti-virus, messages like the following, appear in the log file of Clamd:
WARNING: lstat() failed on: /tmp/phpag0dQF
I added user clamscan (the user under which clamd server is running) to the apache group; and added user apache (the user under which httpd server is running) to the clamscan group.
The permission of /tmp/ are :
drwxrwxrwt. root root
I have disabled SELinux to ensure it is not blocking anything.
I don't understand what is preventing ClamAV to scan files uploaded via Moodle.
Thank for your help.