-
Notifications
You must be signed in to change notification settings - Fork 676
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
clamonacc fatal error #184
Comments
confirmed as well on |
I don't see anything that would explain it. 🤷♂️ 🙁 |
still occurs without |
|
after switching to a custom fork provided by @m-sola and centos/fdpass/unixsocket i cannot get |
#199 has been poc'd and its statical linkage seems to provide a robust workaround for the moment. a sustainable fix on the |
This fixes a fatal issue that would occur when unable to queue events due to clamonacc improperly using all available fds. It also fixes the core fd socket leak issue at the heart of the segfault by properly cleaning up after a failed curl connection.
FYI, this is fixed with #227 You can test by following instructions listed above while monitoring the proc fd dir for clamonacc while it's running. e.g.
Run the ls command after the clamonacc log shows failed connections to clamd. Previously, clamonacc would leak fds on failed connection and you would be able to see the sockets by monitoring proc. With the fix, you can see via proc that these fds are correctly cleaned up. |
This fixes a fatal issue that would occur when unable to queue events due to clamonacc improperly using all available fds. It also fixes the core fd socket leak issue at the heart of the segfault by properly cleaning up after a failed curl connection. Lastly, worst case recovery code now allows more time for consumer queue to catchup. It accomplishes this by increasing wait time and adding retry logic. More info: Cisco-Talos#184
This fixes a fatal issue that would occur when unable to queue events due to clamonacc improperly using all available fds. It also fixes the core fd socket leak issue at the heart of the segfault by properly cleaning up after a failed curl connection. Lastly, worst case recovery code now allows more time for consumer queue to catchup. It accomplishes this by increasing wait time and adding retry logic. More info: #184
This fixes a fatal issue that would occur when unable to queue events due to clamonacc improperly using all available fds. It also fixes the core fd socket leak issue at the heart of the segfault by properly cleaning up after a failed curl connection. Lastly, worst case recovery code now allows more time for consumer queue to catchup. It accomplishes this by increasing wait time and adding retry logic. More info: #184
This fixes a fatal issue that would occur when unable to queue events due to clamonacc improperly using all available fds. It also fixes the core fd socket leak issue at the heart of the segfault by properly cleaning up after a failed curl connection. Lastly, worst case recovery code now allows more time for consumer queue to catchup. It accomplishes this by increasing wait time and adding retry logic. More info: Cisco-Talos#184
This fixes a fatal issue that would occur when unable to queue events due to clamonacc improperly using all available fds. It also fixes the core fd socket leak issue at the heart of the segfault by properly cleaning up after a failed curl connection. Lastly, worst case recovery code now allows more time for consumer queue to catchup. It accomplishes this by increasing wait time and adding retry logic. More info: #184
Here's the (now merged) PR for 0.103.4: #244 |
This fixes a fatal issue that would occur when unable to queue events due to clamonacc improperly using all available fds. It also fixes the core fd socket leak issue at the heart of the segfault by properly cleaning up after a failed curl connection. Lastly, worst case recovery code now allows more time for consumer queue to catchup. It accomplishes this by increasing wait time and adding retry logic. More info: #184
issue
clamonacc
dev/104 crashes with below ERROR when a folder like i.e. clamav.git-repo is copied and we aproach of about ~10000 files opened. this issue occurs on all kernel versions. the default ulimit=1024 needs to be raised for this to occur.reproduction steps
conf
furher observations
no such file or directory
clamonacc / ClamInotif: could not watch path #186 ?log
Please let me know if there's anything for me to test. Any advice appreciated. Thanks.
The text was updated successfully, but these errors were encountered: