Closed jendis closed 3 years ago
Hi @jendis thanks for the report. I'm unsure how to test this one outside of setting up a similar system and letting it run for a month, hoping it will reproduce the issue. Will have a think about it. I might just do that if I can't find any other way to accelerate reproducing the issue.
Well, if you provide me a patch or whatever else with some more debug log messages, I can compile it and run on our system. I'll provide you the whole log when a bug arises.
The problem haven't occurred since version ClamAV 0.103.3/26298/Mon Sep 20 06:51:09 2021
Describe the bug
Freshclam stops downloading (and updating clamav database) after ~20days of run. This happens on all our servers. Restart of freshclam has to be done. Freshclam runs as a daemon
freshclam -d
and /etc/clamd.conf hasLocalSocket /tmp/clamd.sock
. No error is logged, it just stops logging and updating the DB.strace -p <freshclam_pid>
logs approx. each secondHow to reproduce the problem
Error occures after ~20 days periodically.
Checking configuration files in /etc
Config file: clamd.conf
TemporaryDirectory = "/tmp" LocalSocket = "/tmp/clamd.sock" TCPSocket = "3310" TCPAddr = "212.24.139.173", "2001:67c:15a0:4000::b" MaxConnectionQueueLength = "16000" StreamMaxLength = "25165824" MaxThreads = "64" ReadTimeout = "20" MaxQueue = "128" MaxDirectoryRecursion = "8" FollowFileSymlinks = "yes" Foreground = "yes" User = "clamav" BytecodeTimeout = "2000" DetectPUA = "yes" IncludePUA = "Spy", "Scanner", "RAT" PhishingScanURLs disabled AlertPhishingSSLMismatch = "yes" MaxScanSize = "25165824" MaxRecursion = "8" MaxFiles = "2000"
Config file: freshclam.conf
Foreground = "yes" Checks = "50" DatabaseMirror = "db.DE.ipv6.clamav.net", "database.clamav.net" DatabaseCustomURL = "http://ftp.swin.edu.au/sanesecurity/sanesecurity.ftm", "http://ftp.swin.edu.au/sanesecurity/sigwhitelist.ign2", "http://ftp.swin.edu.au/sanesecurity/junk.ndb", "http://ftp.swin.edu.au/sanesecurity/jurlbl.ndb", "http://ftp.swin.edu.au/sanesecurity/phish.ndb", "http://ftp.swin.edu.au/sanesecurity/rogue.hdb", "http://ftp.swin.edu.au/sanesecurity/scam.ndb", "http://ftp.swin.edu.au/sanesecurity/blurl.ndb", "http://ftp.swin.edu.au/sanesecurity/badmacro.ndb", "http://ftp.swin.edu.au/sanesecurity/foxhole_generic.cdb", "http://ftp.swin.edu.au/sanesecurity/foxhole_filename.cdb", "http://ftp.swin.edu.au/sanesecurity/winnow_malware.hdb", "http://ftp.swin.edu.au/sanesecurity/winnow_malware_links.ndb", "http://ftp.swin.edu.au/sanesecurity/bofhland_cracked_URL.ndb", "http://ftp.swin.edu.au/sanesecurity/bofhland_malware_URL.ndb", "http://ftp.swin.edu.au/sanesecurity/bofhland_phishing_URL.ndb", "http://ftp.swin.edu.au/sanesecurity/bofhland_malware_attach.hdb", "http://signatures.virusfree.cz/virusfree.ldb", "http://signatures.virusfree.cz/virusfree.cdb", "http://signatures.virusfree.cz/virusfree.ign2", "http://signatures.virusfree.cz/virusfree.virus.hsb", "http://signatures.virusfree.cz/virusfree.white.wdb"
clamav-milter.conf not found
Software settings
Version: 0.103.2 Optional features supported: MEMPOOL IPv6 AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON RAR
Database information
Database directory: /var/lib/clamav [3rd Party] sanesecurity.ftm: 170 sigs [3rd Party] sigwhitelist.ign2: 11 sigs [3rd Party] junk.ndb: 60306 sigs [3rd Party] jurlbl.ndb: 2600 sigs [3rd Party] phish.ndb: 28042 sigs [3rd Party] rogue.hdb: 478 sigs [3rd Party] scam.ndb: 12747 sigs [3rd Party] blurl.ndb: 4006 sigs [3rd Party] badmacro.ndb: 621 sigs [3rd Party] foxhole_generic.cdb: 212 sigs [3rd Party] foxhole_filename.cdb: 2613 sigs [3rd Party] winnow_malware.hdb: 293 sigs [3rd Party] winnow_malware_links.ndb: 133 sigs [3rd Party] bofhland_cracked_URL.ndb: 40 sigs [3rd Party] bofhland_malware_URL.ndb: 4 sigs [3rd Party] bofhland_phishing_URL.ndb: 72 sigs [3rd Party] bofhland_malware_attach.hdb: 1836 sigs [3rd Party] virusfree.virus.hsb: 1332 sigs [3rd Party] virusfree.white.wdb: 77 sigs [3rd Party] virusfree.ldb: 252 sigs [3rd Party] virusfree.cdb: 115 sigs [3rd Party] virusfree.ign2: 24 sigs daily.cld: version 26188, sigs: 3985498, built on Tue Jun 1 13:07:16 2021 bytecode.cld: version 333, sigs: 92, built on Mon Mar 8 16:21:51 2021 main.cvd: version 59, sigs: 4564902, built on Mon Nov 25 14:56:15 2019 Total number of signatures: 8666476
Platform information
uname: Linux 5.10.5-gentoo-x86_64 #1 SMP Thu Jan 7 12:38:46 CET 2021 x86_64 OS: linux-gnu, ARCH: x86_64, CPU: x86_64 zlib version: 1.2.11 (1.2.11), compile flags: a9 platform id: 0x0a217b7b0800000000090300
Build information
GNU C: 9.3.0 (9.3.0) CPPFLAGS: CFLAGS: -O2 -pipe -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 CXXFLAGS: -O2 -pipe LDFLAGS: -Wl,-O1 -Wl,--as-needed Configure: '--prefix=/usr' '--build=x86_64-pc-linux-gnu' '--host=x86_64-pc-linux-gnu' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--datadir=/usr/share' '--sysconfdir=/etc' '--localstatedir=/var/lib' '--disable-dependency-tracking' '--disable-silent-rules' '--docdir=/usr/share/doc/clamav-0.103.2' '--htmldir=/usr/share/doc/clamav-0.103.2/html' '--with-sysroot=/' '--libdir=/usr/lib64' '--enable-bzip2' '--disable-clamonacc' '--enable-clamdtop' '--enable-ipv6' '--disable-milter' '--disable-check' '--with-xml' '--with-iconv' '--with-libjson=/usr' '--disable-libclamav-only' '--with-libcurl' '--with-system-libmspack' '--cache-file=/var/tmp/portage/app-antivirus/clamav-0.103.2/work/clamav-0.103.2/config.cache' '--disable-experimental' '--disable-static' '--disable-zlib-vcheck' '--enable-id-check' '--with-dbdir=/var/lib/clamav' '--with-zlib' '--disable-llvm' '--enable-openrc' '--runstatedir=/run' 'build_alias=x86_64-pc-linux-gnu' 'host_alias=x86_64-pc-linux-gnu' 'CXXFLAGS=-O2 -pipe' 'LDFLAGS=-Wl,-O1 -Wl,--as-needed' 'CFLAGS=-O2 -pipe' sizeof(void*) = 8 Engine flevel: 123, dconf: 123
Attachments
If applicable, add screenshots to help explain your problem.
If the issue is reproducible only when scanning a specific file, attach it to the ticket.