Clamav-daemon status failed !

Discussion in 'Server Operation' started by sawa73, Mar 8, 2013.

  1. sawa73

    sawa73 New Member

    Hello,

    I have a server with debian + ispconfig3, sometimes Clamav-daemon status goes to failed for some reason.
    This happened 3 times in 10 months.

    I use this server since may 2012, this happened first time in december 2012, then 2 times yesterday.


    Code:
    root@ksxxxxx:~# /etc/init.d/clamav-daemon status
    clamd is not running ... failed!
    root@ksxxxxx:~# /etc/init.d/clamav-daemon start
    Starting ClamAV daemon: clamd LibClamAV Warning: *******************************             *******************
    LibClamAV Warning: ***  The virus database is older than 7 days!  ***
    LibClamAV Warning: ***   Please update it as soon as possible.    ***
    LibClamAV Warning: **************************************************
    LibClamAV Warning: ***********************************************************
    LibClamAV Warning: ***  This version of the ClamAV engine is outdated.     ***
    LibClamAV Warning: *** DON'T PANIC! Read http://www.clamav.net/support/faq ***
    LibClamAV Warning: ***********************************************************
    
    [​IMG]
     
    Last edited: Mar 8, 2013
  2. florian030

    florian030 Member HowtoForge Supporter ISPConfig Developer

    Hi,

    Please update the database by running "freshclam" or "freshclam -v". Usually clamd/freshclam updates the database according to Checks in your freshclam.conf.

    A few weeks ago there where a lot out trouble with updating clamav.

    You can also try to remove the mirrors.dat (/usr/local/share/clamav) before running freshclam.

    Which version of clamav are you using? Some mirrors block connections for outdated clients (i.e. <= clamav/0.94)
     
  3. sawa73

    sawa73 New Member

    Hi,

    I can't use freshclam -v command :
    Code:
    root@ksxxxxx:~# freshclam -v
    ERROR: /var/log/clamav/freshclam.log is locked by another process
    ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
    
    My log file :
    Code:
    root@ksxxxxx:~# tail /var/log/clamav/freshclam.log
    Sat Mar  9 14:37:01 2013 -> WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
    Sat Mar  9 14:37:01 2013 -> WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
    Sat Mar  9 14:37:01 2013 -> WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
    Sat Mar  9 14:37:01 2013 -> WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
    Sat Mar  9 14:37:01 2013 -> ERROR: getpatch: Can't download daily-16682.cdiff from database.clamav.net
    Sat Mar  9 14:37:01 2013 -> WARNING: Incremental update failed, trying to download daily.cvd
    Sat Mar  9 14:37:01 2013 -> ERROR: Can't download daily.cvd from database.clamav.net
    Sat Mar  9 14:37:01 2013 -> Giving up on database.clamav.net...
    Sat Mar  9 14:37:01 2013 -> Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/support/mirror-problem for possible reasons.
    Sat Mar  9 14:37:01 2013 -> --------------------------------------
    
    My network is not down i can reach the clamav host :
    Code:
    root@ksxxxxx:~# host database.clamav.net
    database.clamav.net is an alias for db.local.clamav.net.
    db.local.clamav.net is an alias for db.fr.clamav.net.
    db.fr.clamav.net has address 193.51.160.14
    db.fr.clamav.net has address 193.52.101.131
    db.fr.clamav.net has address 195.190.27.134
    db.fr.clamav.net has address 91.193.56.105
    db.fr.clamav.net has address 193.43.215.41
    
    Content of /etc/clamav/freshclam.conf :
    Code:
    DatabaseOwner clamav
    UpdateLogFile /var/log/clamav/freshclam.log
    LogVerbose false
    LogSyslog false
    LogFacility LOG_LOCAL6
    LogFileMaxSize 0
    LogTime true
    Foreground false
    Debug false
    MaxAttempts 5
    DatabaseDirectory /var/lib/clamav
    DNSDatabaseInfo current.cvd.clamav.net
    AllowSupplementaryGroups false
    PidFile /var/run/clamav/freshclam.pid
    ConnectTimeout 30
    ReceiveTimeout 30
    TestDatabases yes
    ScriptedUpdates yes
    CompressLocalDatabase no
    Bytecode true
    # Check for new database 24 times a day
    Checks 24
    DatabaseMirror db.local.clamav.net
    DatabaseMirror database.clamav.net
    
    I deleted mirror.dat in /var/lib/clamav

    my Clamav version is 0.97 :
    Code:
    root@ksxxxxx:~# freshclam -V
    ClamAV 0.97.6/16681/Thu Feb 14 13:55:37 2013
    
    Thank you for your help.
     
  4. florian030

    florian030 Member HowtoForge Supporter ISPConfig Developer

    Remove main.cld and run freshclam again.
     
  5. sawa73

    sawa73 New Member

    I still have the same error messsage after deleted main.cld and mirrors.dat:

    Code:
    root@ksxxxxx:~# freshclam
    ERROR: /var/log/clamav/freshclam.log is locked by another process
    ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).
    
    EDIT : It works, i needed to do /etc/init.d/clamav-freshclam stop

    Now i have this message :

    Code:
    WARNING: getpatch: Can't download daily-16682.cdiff from database.clamav.net
    WARNING: Incremental update failed, trying to download daily.cvd
    Whitelisting short-term blacklisted mirrors
    Retrieving http://database.clamav.net/daily.cvd
    Ignoring mirror 193.51.160.14 (has connected too many times with an outdated version)
    Ignoring mirror 193.52.101.131 (has connected too many times with an outdated version)
    Ignoring mirror 195.190.27.134 (has connected too many times with an outdated version)
    Ignoring mirror 193.43.215.41 (has connected too many times with an outdated version)
    Ignoring mirror 91.193.56.105 (has connected too many times with an outdated version)
    Ignoring mirror 193.51.160.14 (has connected too many times with an outdated version)
    Ignoring mirror 193.52.101.131 (has connected too many times with an outdated version)
    Ignoring mirror 195.190.27.134 (has connected too many times with an outdated version)
    Ignoring mirror 193.43.215.41 (has connected too many times with an outdated version)
    Ignoring mirror 91.193.56.105 (has connected too many times with an outdated version)
    WARNING: Can't download daily.cvd from database.clamav.net
    
     
    Last edited: Mar 9, 2013
  6. florian030

    florian030 Member HowtoForge Supporter ISPConfig Developer

    You should update to latest version (0.97.6 - http://www.clamav.net/lang/en/download/sources/). As i told you above, most mirrors drop connections from outdated clients and i`m not sure if your client can handle the latest database-files.

    Usually you can update clamav while freshclam runs. IIRC this was a bug in an older version.
     
  7. sawa73

    sawa73 New Member

    I deleted daily.cvd, main.cvd and mirror then run freshclam, and restarted amavis and postfix.

    It's fixed now, Thank you for your help.
     
  8. sawa73

    sawa73 New Member

    It worked 2 days, same problem happens again. Clamav stop working.

    Code:
    root@ksxxxxx:~# /etc/init.d/clamav-daemon status
    clamd is not running ... failed!
    root@ksxxxxx:~# /etc/init.d/clamav-daemon start
    Starting ClamAV daemon: clamd .
    
    I don't have the warning about old database anymore, but clamav goes down for some reason.
     
  9. florian030

    florian030 Member HowtoForge Supporter ISPConfig Developer

    Is there anything in your logs why clamd stopped working?
     
  10. sawa73

    sawa73 New Member

    I found this in my logs :

    Code:
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: mail for [127.0.0.1]:10024 is using up 6569 of 6569 active queue entries
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: you may need to reduce amavis connect and helo timeouts
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: so that Postfix quickly skips unavailable hosts
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: you may need to increase the main.cf minimal_backoff_time and maximal_backoff_time
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: so that Postfix wastes less time on undeliverable mail
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: you may need to increase the master.cf amavis process limit
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: please avoid flushing the whole queue when you have
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: lots of deferred mail, that is bad for performance
    Mar 13 20:23:31 ksxxxxx postfix/qmgr[6592]: warning: to turn off these warnings specify: qmgr_clog_warn_time = 0
    
     
  11. florian030

    florian030 Member HowtoForge Supporter ISPConfig Developer

    You should change your amavis-settings. But this doesn´t explain why clamd stopps on your system. Look at your clamd-Logfile.
     
  12. sawa73

    sawa73 New Member

    i have this in my /var/log/mail.err file :

    Code:
    amavis[28223]: (28223-08) (!!)WARN: all primary virus scanners failed, considering backups
    amavis[28222]: (28222-09) (!!)WARN: all primary virus scanners failed, considering backups
    amavis[28223]: (28223-09) (!!)WARN: all primary virus scanners failed, considering backups
    amavis[28222]: (28222-09-2) (!!)WARN: all primary virus scanners failed, considering backups
    amavis[28223]: (28223-09-2) (!!)WARN: all primary virus scanners failed, considering backups
    amavis[28222]: (28222-09-3) (!!)WARN: all primary virus scanners failed, considering backups
    amavis[28223]: (28223-10) (!!)WARN: all primary virus scanners failed, considering backups
    postfix/smtp[10912]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem
    postfix/error[11129]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem
    postfix/qmgr[24426]: fatal: mysql:/etc/postfix/mysql-virtual_relaydomains.cf(0,lock|fold_fix): table lookup problem
    
     
  13. florian030

    florian030 Member HowtoForge Supporter ISPConfig Developer

    Again, this doesn´t explain why clamd stopped on your system.

    "WARN: all primary virus scanners failed, considering backups" means, that clamd is not running or your amavis-config points to a wrong socket-file.

    Clamd writes its own logfiles (or send messages to syslog). Check your clamd.conf for something like "LogFile /var/log/clamd.log" and check THIS log for any errors.
     
  14. sawa73

    sawa73 New Member

    This is my clamav log :

    Code:
    root@ksxxxxx:~# cat /var/log/clamav/clamav.log
    Sun Mar 10 07:01:58 2013 -> No stats for Database check - forcing reload
    Sun Mar 10 07:01:59 2013 -> Reading databases from /var/lib/clamav
    Sun Mar 10 07:02:05 2013 -> Database correctly reloaded (1954426 signatures)
    Sun Mar 10 08:02:22 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Sun Mar 10 08:02:22 2013 -> Reading databases from /var/lib/clamav
    Sun Mar 10 08:02:28 2013 -> Database correctly reloaded (1954600 signatures)
    Sun Mar 10 09:02:28 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 10:02:40 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 11:02:46 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 12:02:49 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 13:02:57 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Sun Mar 10 13:02:57 2013 -> Reading databases from /var/lib/clamav
    Sun Mar 10 13:03:04 2013 -> Database correctly reloaded (1954605 signatures)
    Sun Mar 10 14:03:17 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 15:03:20 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 16:03:27 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 17:03:35 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Sun Mar 10 17:03:35 2013 -> Reading databases from /var/lib/clamav
    Sun Mar 10 17:03:41 2013 -> Database correctly reloaded (1954606 signatures)
    Sun Mar 10 18:03:53 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 19:04:11 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Sun Mar 10 19:04:11 2013 -> Reading databases from /var/lib/clamav
    Sun Mar 10 19:04:17 2013 -> Database correctly reloaded (1954610 signatures)
    Sun Mar 10 20:04:35 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 21:04:56 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 22:05:25 2013 -> SelfCheck: Database status OK.
    Sun Mar 10 23:05:27 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 00:05:50 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 01:05:54 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Mon Mar 11 01:05:55 2013 -> Reading databases from /var/lib/clamav
    Mon Mar 11 01:06:07 2013 -> Database correctly reloaded (1954868 signatures)
    Mon Mar 11 02:06:22 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 03:06:37 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 04:06:41 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 05:06:57 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Mon Mar 11 05:06:57 2013 -> Reading databases from /var/lib/clamav
    Mon Mar 11 05:07:03 2013 -> Database correctly reloaded (1954873 signatures)
    Mon Mar 11 06:07:19 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 07:07:35 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Mon Mar 11 07:07:35 2013 -> Reading databases from /var/lib/clamav
    Mon Mar 11 07:07:41 2013 -> Database correctly reloaded (1954875 signatures)
    Mon Mar 11 08:11:36 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 09:56:00 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Mon Mar 11 09:56:01 2013 -> Reading databases from /var/lib/clamav
    Mon Mar 11 09:56:07 2013 -> Database correctly reloaded (1955255 signatures)
    Mon Mar 11 11:01:29 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 12:25:15 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 13:25:49 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 14:33:48 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 15:35:39 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 16:37:34 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 17:49:30 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 18:50:31 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Mon Mar 11 18:50:31 2013 -> Reading databases from /var/lib/clamav
    Mon Mar 11 18:50:38 2013 -> Database correctly reloaded (1955582 signatures)
    Mon Mar 11 20:02:02 2013 -> SelfCheck: Database status OK.
    Mon Mar 11 21:02:25 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 06:14:06 2013 -> +++ Started at Wed Mar 13 06:14:06 2013
    Wed Mar 13 06:14:06 2013 -> clamd daemon 0.97.6 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
    Wed Mar 13 06:14:06 2013 -> Log file size limited to -1 bytes.
    Wed Mar 13 06:14:06 2013 -> Reading databases from /var/lib/clamav
    Wed Mar 13 06:14:06 2013 -> Not loading PUA signatures.
    Wed Mar 13 06:14:06 2013 -> Bytecode: Security mode set to "TrustSigned".
    Wed Mar 13 06:14:11 2013 -> Loaded 1973564 signatures.
    Wed Mar 13 06:14:12 2013 -> LOCAL: Removing stale socket file /var/run/clamav/clamd.ctl
    Wed Mar 13 06:14:12 2013 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl
    Wed Mar 13 06:14:12 2013 -> LOCAL: Setting connection queue length to 15
    Wed Mar 13 06:14:12 2013 -> Limits: Global size limit set to 104857600 bytes.
    Wed Mar 13 06:14:12 2013 -> Limits: File size limit set to 26214400 bytes.
    Wed Mar 13 06:14:12 2013 -> Limits: Recursion level limit set to 16.
    Wed Mar 13 06:14:12 2013 -> Limits: Files limit set to 10000.
    Wed Mar 13 06:14:12 2013 -> Archive support enabled.
    Wed Mar 13 06:14:12 2013 -> Algorithmic detection enabled.
    Wed Mar 13 06:14:12 2013 -> Portable Executable support enabled.
    Wed Mar 13 06:14:12 2013 -> ELF support enabled.
    Wed Mar 13 06:14:12 2013 -> Mail files support enabled.
    Wed Mar 13 06:14:12 2013 -> OLE2 support enabled.
    Wed Mar 13 06:14:12 2013 -> PDF support enabled.
    Wed Mar 13 06:14:12 2013 -> HTML support enabled.
    Wed Mar 13 06:14:12 2013 -> Self checking every 3600 seconds.
    Wed Mar 13 07:14:28 2013 -> No stats for Database check - forcing reload
    Wed Mar 13 07:14:29 2013 -> Reading databases from /var/lib/clamav
    Wed Mar 13 07:14:35 2013 -> Database correctly reloaded (1973565 signatures)
    Wed Mar 13 08:14:47 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 09:15:00 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 10:15:16 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 11:15:39 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 12:15:56 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 13:16:23 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 14:16:29 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 16:26:32 2013 -> +++ Started at Wed Mar 13 16:26:32 2013
    Wed Mar 13 16:26:32 2013 -> clamd daemon 0.97.6 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
    Wed Mar 13 16:26:32 2013 -> Log file size limited to -1 bytes.
    Wed Mar 13 16:26:32 2013 -> Reading databases from /var/lib/clamav
    Wed Mar 13 16:26:32 2013 -> Not loading PUA signatures.
    Wed Mar 13 16:26:32 2013 -> Bytecode: Security mode set to "TrustSigned".
    Wed Mar 13 16:26:37 2013 -> Loaded 1973567 signatures.
    Wed Mar 13 16:26:38 2013 -> LOCAL: Removing stale socket file /var/run/clamav/clamd.ctl
    Wed Mar 13 16:26:38 2013 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl
    Wed Mar 13 16:26:38 2013 -> LOCAL: Setting connection queue length to 15
    Wed Mar 13 16:26:38 2013 -> Limits: Global size limit set to 104857600 bytes.
    Wed Mar 13 16:26:38 2013 -> Limits: File size limit set to 26214400 bytes.
    Wed Mar 13 16:26:38 2013 -> Limits: Recursion level limit set to 16.
    Wed Mar 13 16:26:38 2013 -> Limits: Files limit set to 10000.
    Wed Mar 13 16:26:38 2013 -> Archive support enabled.
    Wed Mar 13 16:26:38 2013 -> Algorithmic detection enabled.
    Wed Mar 13 16:26:38 2013 -> Portable Executable support enabled.
    Wed Mar 13 16:26:38 2013 -> ELF support enabled.
    Wed Mar 13 16:26:38 2013 -> Mail files support enabled.
    Wed Mar 13 16:26:38 2013 -> OLE2 support enabled.
    Wed Mar 13 16:26:38 2013 -> PDF support enabled.
    Wed Mar 13 16:26:38 2013 -> HTML support enabled.
    Wed Mar 13 16:26:38 2013 -> Self checking every 3600 seconds.
    Wed Mar 13 17:26:46 2013 -> No stats for Database check - forcing reload
    Wed Mar 13 17:26:46 2013 -> Reading databases from /var/lib/clamav
    Wed Mar 13 17:26:53 2013 -> Database correctly reloaded (1980049 signatures)
    Wed Mar 13 18:26:56 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 19:27:06 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Wed Mar 13 19:27:06 2013 -> Reading databases from /var/lib/clamav
    Wed Mar 13 19:27:12 2013 -> Database correctly reloaded (1980669 signatures)
    Wed Mar 13 20:27:12 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 21:27:13 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 22:27:25 2013 -> SelfCheck: Database status OK.
    Wed Mar 13 23:27:31 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Wed Mar 13 23:27:31 2013 -> Reading databases from /var/lib/clamav
    Wed Mar 13 23:27:38 2013 -> Database correctly reloaded (1982668 signatures)
    Thu Mar 14 00:27:43 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 01:27:56 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 02:28:09 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 03:28:20 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 04:28:22 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 05:28:36 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Thu Mar 14 05:28:36 2013 -> Reading databases from /var/lib/clamav
    Thu Mar 14 05:28:43 2013 -> Database correctly reloaded (1982669 signatures)
    Thu Mar 14 06:28:44 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 07:28:56 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Thu Mar 14 07:28:57 2013 -> Reading databases from /var/lib/clamav
    Thu Mar 14 07:29:03 2013 -> Database correctly reloaded (1982670 signatures)
    Thu Mar 14 08:29:10 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 09:29:17 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 10:29:33 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 14:46:37 2013 -> +++ Started at Thu Mar 14 14:46:37 2013
    Thu Mar 14 14:46:37 2013 -> clamd daemon 0.97.6 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
    Thu Mar 14 14:46:37 2013 -> Log file size limited to -1 bytes.
    Thu Mar 14 14:46:37 2013 -> Reading databases from /var/lib/clamav
    Thu Mar 14 14:46:37 2013 -> Not loading PUA signatures.
    Thu Mar 14 14:46:37 2013 -> Bytecode: Security mode set to "TrustSigned".
    Thu Mar 14 14:46:42 2013 -> Loaded 1986269 signatures.
    Thu Mar 14 14:46:43 2013 -> LOCAL: Removing stale socket file /var/run/clamav/clamd.ctl
    Thu Mar 14 14:46:43 2013 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl
    Thu Mar 14 14:46:43 2013 -> LOCAL: Setting connection queue length to 15
    Thu Mar 14 14:46:43 2013 -> Limits: Global size limit set to 104857600 bytes.
    Thu Mar 14 14:46:43 2013 -> Limits: File size limit set to 26214400 bytes.
    Thu Mar 14 14:46:43 2013 -> Limits: Recursion level limit set to 16.
    Thu Mar 14 14:46:43 2013 -> Limits: Files limit set to 10000.
    Thu Mar 14 14:46:43 2013 -> Archive support enabled.
    Thu Mar 14 14:46:43 2013 -> Algorithmic detection enabled.
    Thu Mar 14 14:46:43 2013 -> Portable Executable support enabled.
    Thu Mar 14 14:46:43 2013 -> ELF support enabled.
    Thu Mar 14 14:46:43 2013 -> Mail files support enabled.
    Thu Mar 14 14:46:43 2013 -> OLE2 support enabled.
    Thu Mar 14 14:46:43 2013 -> PDF support enabled.
    Thu Mar 14 14:46:43 2013 -> HTML support enabled.
    Thu Mar 14 14:46:43 2013 -> Self checking every 3600 seconds.
    Thu Mar 14 15:46:52 2013 -> No stats for Database check - forcing reload
    Thu Mar 14 15:46:53 2013 -> Reading databases from /var/lib/clamav
    Thu Mar 14 15:46:59 2013 -> Database correctly reloaded (1986269 signatures)
    Thu Mar 14 16:47:11 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 17:47:28 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 18:47:29 2013 -> SelfCheck: Database modification detected. Forcing reload.
    Thu Mar 14 18:47:30 2013 -> Reading databases from /var/lib/clamav
    Thu Mar 14 18:47:36 2013 -> Database correctly reloaded (1990264 signatures)
    Thu Mar 14 19:47:44 2013 -> SelfCheck: Database status OK.
    Thu Mar 14 22:15:26 2013 -> +++ Started at Thu Mar 14 22:15:26 2013
    Thu Mar 14 22:15:26 2013 -> clamd daemon 0.97.6 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
    Thu Mar 14 22:15:26 2013 -> Log file size limited to -1 bytes.
    Thu Mar 14 22:15:26 2013 -> Reading databases from /var/lib/clamav
    Thu Mar 14 22:15:26 2013 -> Not loading PUA signatures.
    Thu Mar 14 22:15:26 2013 -> Bytecode: Security mode set to "TrustSigned".
    Thu Mar 14 22:15:31 2013 -> Loaded 1990271 signatures.
    Thu Mar 14 22:15:32 2013 -> LOCAL: Removing stale socket file /var/run/clamav/clamd.ctl
    Thu Mar 14 22:15:32 2013 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl
    Thu Mar 14 22:15:32 2013 -> LOCAL: Setting connection queue length to 15
    Thu Mar 14 22:15:32 2013 -> Limits: Global size limit set to 104857600 bytes.
    Thu Mar 14 22:15:32 2013 -> Limits: File size limit set to 26214400 bytes.
    Thu Mar 14 22:15:32 2013 -> Limits: Recursion level limit set to 16.
    Thu Mar 14 22:15:32 2013 -> Limits: Files limit set to 10000.
    Thu Mar 14 22:15:32 2013 -> Archive support enabled.
    Thu Mar 14 22:15:32 2013 -> Algorithmic detection enabled.
    Thu Mar 14 22:15:32 2013 -> Portable Executable support enabled.
    Thu Mar 14 22:15:32 2013 -> ELF support enabled.
    Thu Mar 14 22:15:32 2013 -> Mail files support enabled.
    Thu Mar 14 22:15:32 2013 -> OLE2 support enabled.
    Thu Mar 14 22:15:32 2013 -> PDF support enabled.
    Thu Mar 14 22:15:32 2013 -> HTML support enabled.
    Thu Mar 14 22:15:32 2013 -> Self checking every 3600 seconds.
    Fri Mar 15 16:56:51 2013 -> +++ Started at Fri Mar 15 16:56:51 2013
    Fri Mar 15 16:56:51 2013 -> clamd daemon 0.97.6 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
    Fri Mar 15 16:56:51 2013 -> Log file size limited to -1 bytes.
    Fri Mar 15 16:56:51 2013 -> Reading databases from /var/lib/clamav
    Fri Mar 15 16:56:51 2013 -> Not loading PUA signatures.
    Fri Mar 15 16:56:51 2013 -> Bytecode: Security mode set to "TrustSigned".
    Fri Mar 15 16:56:56 2013 -> Loaded 1990562 signatures.
    Fri Mar 15 16:56:57 2013 -> LOCAL: Removing stale socket file /var/run/clamav/clamd.ctl
    Fri Mar 15 16:56:57 2013 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl
    Fri Mar 15 16:56:57 2013 -> LOCAL: Setting connection queue length to 15
    Fri Mar 15 16:56:57 2013 -> Limits: Global size limit set to 104857600 bytes.
    Fri Mar 15 16:56:57 2013 -> Limits: File size limit set to 26214400 bytes.
    Fri Mar 15 16:56:57 2013 -> Limits: Recursion level limit set to 16.
    Fri Mar 15 16:56:57 2013 -> Limits: Files limit set to 10000.
    Fri Mar 15 16:56:57 2013 -> Archive support enabled.
    Fri Mar 15 16:56:57 2013 -> Algorithmic detection enabled.
    Fri Mar 15 16:56:57 2013 -> Portable Executable support enabled.
    Fri Mar 15 16:56:57 2013 -> ELF support enabled.
    Fri Mar 15 16:56:57 2013 -> Mail files support enabled.
    Fri Mar 15 16:56:57 2013 -> OLE2 support enabled.
    Fri Mar 15 16:56:57 2013 -> PDF support enabled.
    Fri Mar 15 16:56:57 2013 -> HTML support enabled.
    Fri Mar 15 16:56:57 2013 -> Self checking every 3600 seconds.
    Fri Mar 15 17:57:08 2013 -> No stats for Database check - forcing reload
    Fri Mar 15 17:57:08 2013 -> Reading databases from /var/lib/clamav
    Fri Mar 15 17:57:15 2013 -> Database correctly reloaded (1990562 signatures)
    
     
  15. florian030

    florian030 Member HowtoForge Supporter ISPConfig Developer

    Your log seems ok. It doesn´t explain why your clamd suddenly stopped.

    You can use a cronjob as a workaround and (re)start clamd daily or use something like nagios to monitor your system.

    Maybe you should post your problem on the clamav-user-mailinglist.
     

Share This Page