Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 13th February 2008, 09:10
Zous Zous is offline
Junior Member
 
Join Date: Feb 2008
Location: Atlanta, GA, USA
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Of course I will, I've been looking at those over and over

ls -l /var/run

Code:
...
drwxr-xr-x 2 clamav      clamav      4096 2008-02-13 03:02 clamav
...
ls -l /var/run/clamav

Code:
-rwxrw---- 1 clamav clamav 4 2008-02-13 01:48 freshclam.pid
Btw, I was about to repost here as I realized that I stopped seeing comments about the UNIX socket in the log as the default config file turned off LogClean

With LogClean on, when I restart I see:
Code:
Wed Feb 13 03:02:37 2008 -> Unix socket file /var/run/clamav/clamd.ctl
Also, notice that the folder /var/run/clamav got touched at 3:02 as well (even if the ctl file is not there currently, and yes clamd is still running)

This makes me think that it is getting created, even if it doesn't stay around for long.
Reply With Quote
Sponsored Links
  #12  
Old 13th February 2008, 09:13
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 153 Times in 150 Posts
Default

Seems like the socket is being removed do you have FixStaleSocket set to yes ?
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
The Following User Says Thank You to topdog For This Useful Post:
Zous (13th February 2008)
  #13  
Old 13th February 2008, 09:28
Zous Zous is offline
Junior Member
 
Join Date: Feb 2008
Location: Atlanta, GA, USA
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Yes, I do. I turned it off. I looked through the clean version of the log for a little more and found the following.

Code:
Wed Feb 13 03:02:50 2008 -> Socket file removed.
I'll probably let it run for a while with FixStaleSocket set to no

I didn't think that it would remove a socket in 30 seconds...
Reply With Quote
  #14  
Old 13th February 2008, 09:46
Zous Zous is offline
Junior Member
 
Join Date: Feb 2008
Location: Atlanta, GA, USA
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Default

And now it's back, which is why I let it run last time.

Loading the database takes a long time (20+ mins). While before it was a permissions issue, once I fixed the permissions I kept changing settings and never gave it enough time to load the database. Only once it loaded the database would it actually create the socket.

Thanks for your help, hopefully this was just a misunderstanding between me and ClamAV
Reply With Quote
  #15  
Old 22nd February 2008, 06:30
chimaster chimaster is offline
Junior Member
 
Join Date: Mar 2006
Location: Queenstown
Posts: 16
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via ICQ to chimaster Send a message via Skype™ to chimaster
Default Me Too!

I have this same issue. I took the time to wait for Clamav to spring back to life and email started moving again... for about four hours, then it stopped again.

Any ideas as to what causes this? How would I initiate a secondary virus scanner to combat this happening?

I've had a pretty good look through the logs and all I see is that the socket stopped responding.

Feb 22 18:20:49 ferengi amavis[9734]: (09734-07) (!) run_av: timed out
Feb 22 18:20:49 ferengi amavis[9734]: (09734-07) (!!) ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Feb 22 18:20:49 ferengi amavis[9734]: (09734-07) (!!) TROUBLE in check_mail: virus_scan FAILED: virus_scan: ALL VIRUS SCANNERS FAILED: ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.; ClamAV-clamscan av-scanner FAILED: /usr/bin/clamscan timed out at (eval 44) line 462.
Feb 22 18:20:49 ferengi amavis[9734]: (09734-07) (!) PRESERVING EVIDENCE in /var/lib/amavis/tmp/amavis-20080222T181527-09734
Feb 22 18:20:50 ferengi amavis[9734]: (09734-08) (!) ClamAV-clamd: Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory, retrying (2)
Feb 22 18:20:51 ferengi amavis[9732]: (09732-08) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
Feb 22 18:20:51 ferengi amavis[9732]: (09732-08) (!!) WARN: all primary virus scanners failed, considering backups
Feb 22 18:20:56 ferengi amavis[9734]: (09734-08) (!!) ClamAV-clamd av-scanner FAILED: Too many retries to talk to /var/run/clamav/clamd.ctl (Can't connect to UNIX socket /var/run/clamav/clamd.ctl: No such file or directory) at (eval 44) line 268.
Feb 22 18:20:56 ferengi amavis[9734]: (09734-08) (!!) WARN: all primary virus scanners failed, considering backups


for a little more info.. Clamav.log

Fri Feb 22 14:44:58 2008 -> ERROR: reload db failed: Unable to lock database directory (try 2)
Fri Feb 22 14:47:08 2008 -> ERROR: reload db failed: Unable to lock database directory (try 3)
Fri Feb 22 14:47:08 2008 -> ERROR: reload db failed: Unable to lock database directory
Fri Feb 22 14:47:08 2008 -> Terminating because of a fatal error.Fri Feb 22 14:47:08 2008 -> Socket file removed.
Fri Feb 22 14:47:08 2008 -> Pid file removed.
Fri Feb 22 14:47:08 2008 -> --- Stopped at Fri Feb 22 14:47:08 2008
Fri Feb 22 18:06:29 2008 -> +++ Started at Fri Feb 22 18:06:29 2008
Fri Feb 22 18:06:29 2008 -> clamd daemon 0.90.1 (OS: linux-gnu, ARCH: i386, CPU: i486)
Fri Feb 22 18:06:29 2008 -> Log file size limit disabled.
Fri Feb 22 18:06:29 2008 -> Reading databases from /var/lib/clamav

TIA :-)
__________________
-----------------------------------------------
Uan Spijkerbosch
HeadQuarters N.D.C.
Web: www.queenstownhq.co.nz
Web: www.queenstown.com
-----------------------------------------------
Reply With Quote
  #16  
Old 22nd February 2008, 07:01
topdog topdog is offline
Senior Member
 
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 153 Times in 150 Posts
 
Default

The problem is that some of your freshclam processes seem to terminate uncleanly leaving the lock in place, (.dbLock). The next update process then cannot "lock" the db because there is already a lock in place.

This means you have to take a close look at your system to figure out why the update does not finish cleanly, also this issue seems to have affected clamav version 0.90 if you are running that version or something below an upgrade is worth the try.
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
configuring IPTABLES firewall adityavpratap HOWTO-Related Questions 9 27th May 2006 21:42
Frustrated with ISPConfig install! woozyerdaddee Installation/Configuration 4 19th May 2006 03:38
Installation Fails... :( cyberstorm Installation/Configuration 1 15th January 2006 18:07
Could not make OpenSSL yontengyatso Installation/Configuration 3 3rd November 2005 10:50
Install stop at uuwish, UUDeview SeaWolf Installation/Configuration 6 4th October 2005 23:53


All times are GMT +2. The time now is 03:44.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.