search

geerlingguy / ansible-role-clamav

Ansible Role - ClamAV.
https://galaxy.ansible.com/geerlingguy/clamav/
MIT License
60 stars 51 forks source link

clamav daemon fails on ubuntu #18

Closed caleb15 closed 3 years ago

caleb15 commented 3 years ago

When I installed on our t3a.small server it became unresponsive (high cpu / memory usage maybe?). After a while I was able to access the server again but the daemon failed.

caleb@influxdb0.cloud20:~$ sudo journalctl -u clamav-daemon
-- Logs begin at Fri 2020-03-06 02:11:25 UTC, end at Thu 2021-02-04 21:52:48 UTC. --
Feb 04 21:07:21 influxdb0 systemd[1]: Starting Clam AntiVirus userspace daemon...
Feb 04 21:07:21 influxdb0 systemd[1]: Started Clam AntiVirus userspace daemon.
Feb 04 21:07:34 influxdb0 systemd[1]: Stopping Clam AntiVirus userspace daemon...
Feb 04 21:07:34 influxdb0 systemd[1]: Stopped Clam AntiVirus userspace daemon.
Feb 04 21:07:34 influxdb0 mkdir[8035]: /bin/mkdir: cannot create directory ‘/run/clamav’: File exists
Feb 04 21:07:34 influxdb0 systemd[1]: Starting Clam AntiVirus userspace daemon...
Feb 04 21:07:34 influxdb0 systemd[1]: Started Clam AntiVirus userspace daemon.
Feb 04 21:22:14 influxdb0 systemd[1]: clamav-daemon.service: Main process exited, code=killed, status=9/KILL
Feb 04 21:22:14 influxdb0 systemd[1]: clamav-daemon.service: Failed with result 'signal'.
caleb@influxdb0.cloud20:~$ sudo cat /var/log/clamav/clamav.log 
Thu Feb  4 21:07:21 2021 -> +++ Started at Thu Feb  4 21:07:21 2021
Thu Feb  4 21:07:21 2021 -> Received 0 file descriptor(s) from systemd.
Thu Feb  4 21:07:21 2021 -> clamd daemon 0.102.4 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Thu Feb  4 21:07:21 2021 -> Running as user clamav (UID 114, GID 119)
Thu Feb  4 21:07:21 2021 -> Log file size limited to 4294967295 bytes.
Thu Feb  4 21:07:21 2021 -> Reading databases from /var/lib/clamav
Thu Feb  4 21:07:21 2021 -> Not loading PUA signatures.
Thu Feb  4 21:07:21 2021 -> Bytecode: Security mode set to "TrustSigned".
Thu Feb  4 21:07:34 2021 -> +++ Started at Thu Feb  4 21:07:34 2021
Thu Feb  4 21:07:34 2021 -> Received 0 file descriptor(s) from systemd.
Thu Feb  4 21:07:34 2021 -> clamd daemon 0.102.4 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Thu Feb  4 21:07:34 2021 -> Running as user clamav (UID 114, GID 119)
Thu Feb  4 21:07:34 2021 -> Log file size limited to 4294967295 bytes.
Thu Feb  4 21:07:34 2021 -> Reading databases from /var/lib/clamav
Thu Feb  4 21:07:34 2021 -> Not loading PUA signatures.
Thu Feb  4 21:07:34 2021 -> Bytecode: Security mode set to "TrustSigned".
Thu Feb  4 21:07:51 2021 -> Loaded 8681271 signatures.
caleb15 commented 3 years ago

Restarting the daemon worked. The memory usage is pretty concerning though, it takes up a whopping 60% :grimacing:

caleb15 commented 3 years ago

Ah I ran into this bug: https://bugzilla.clamav.net/show_bug.cgi?id=12460