clamonacc and stat() #857
Comments
|
Hi, I am not sure at this point what would cause this. Have you tried decreasing your LogFileMaxSize in clamd.conf to determine if it will still crash? Thanks, |
|
Hi Andy,
thank you for your e-mail and sorry for my bad english…
I decreased the LogFileMaxSize but nothing realy changed.
After clamd and clamonacc are started both works as i expect. Opening the eicar-testfile clamonacc and clamd will log this event. If i afterwards „open“ a MS-office-file on samba-directory for half a hour and save this file clamd produces log-files (see figur) with the described errors and warnings and clamonacc doesn’t work correctly anymore. When now the eicar-testfile is opened whether clamonacc nor clamd will recognise it. Reducing LogFileMaxSize reduces only „the number of logfiles“.
Because of your hint I use in clamd.conf only the defaults now and it seems that both clamd and clamonacc works fine. Now clamd logs only once the „File path check failure…“ when a MS-Office-file is opened. Clanonacc continues to work normally…
I have to addmit, that I changend the defaults in clamd.conf because I didn’t get started clamd and clamonacc. But the reason for the troubles was that max_user_watches in inotify was set wrong. The number of files in the samba-directory is apparently to large for the default max_user_watches (1024?) in inotify so clamd and clamonacc can’t start. Please excuse the circumstances I suspected.
***@***.***
Thanks you for hint,
Gerhard
Von: ragusaa ***@***.***>
Gesendet: Montag, 13. März 2023 19:10
An: Cisco-Talos/clamav ***@***.***>
Cc: Saller, Gerhard ***@***.***>; Author ***@***.***>
Betreff: Re: [Cisco-Talos/clamav] clamonacc and stat() (Issue #857)
Hi,
I am not sure at this point what would cause this. Have you tried decreasing your LogFileMaxSize in clamd.conf to determine if it will still crash?
Thanks,
Andy
—
Reply to this email directly, view it on GitHub<#857 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ASUNKFEI2D5QWQRGDYAWY6LW35PFXANCNFSM6AAAAAAVUZMYZM>.
You are receiving this because you authored the thread.Message ID: ***@***.******@***.***>>
|
|
Hi Gerhard, Your English is fine, don't worry about it :) I believe this is a bug, and I will create a ticket internally, so that we can track it, but unfortunately I don't know when it will be scheduled. I appreciate you reporting this, and I will let you know when we have time to work on it. Thanks, |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I want to use clamd and clamonacc on a fileserver (Debian 11) for samba directories. Usually it works fine. But when a MS-Office-file or document (esp. in excel) is opend for more then 1 hour (from a Windows-Client) with out any changes and then works with this MS-Office-file goes on clamd causes errors (clamav 1.0.1 and with clamav stable version of Debian 11).
clamd.log:
Tue Mar 7 17:06:25 2023 -> WARNING: File path check failure for: /home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/02 EB mit neuen Anlagen.xlsx
Tue Mar 7 17:06:25 2023 -> WARNING: File path check failure on: /home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/02 EB mit neuen Anlagen.xlsx
Tue Mar 7 17:06:25 2023 -> WARNING: File path check failure for: /home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/02 EB mit neuen Anlagen.xlsx
Tue Mar 7 17:06:25 2023 -> WARNING: File path check failure on: /home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/02 EB mit neuen Anlagen.xlsx
.
.
.
later on
Tue Mar 7 17:06:26 2023 -> WARNING: File path check failure for: /home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/77EF24F1.tmp
Tue Mar 7 17:06:26 2023 -> WARNING: File path check failure on: /home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/77EF24F1.tmp
Tue Mar 7 17:06:26 2023 -> WARNING: File path check failure for: /home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/77EF24F1.tmp
Tue Mar 7 17:06:26 2023 -> WARNING: File path check failure on: /home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/77EF24F1.tmp
.
.
.
clamd produces log-files till clamd is stopped with (or no place left on harddisk)
pkill -SIGTERM clamd
clamonacc can not be stopped with -SIGTERM only be killed but I got onetime a "warning" in clamonacc.log
clamonacc.log:
/home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/7C895913.tmp: stat() failed with No such file or directory, clamd may not be responding
/home/data/01_PROJEKTE/01_Projekte/Firma/1_Projektdokumentation/Standort-W-Konzept 2022/Energiebilanzen/7C895913.tmp: stat() failed with No such file or directory, clamd may not be responding
ERROR: ClamClient: Connection to clamd failed, Couldn't connect to server.
What do I wrong? I can't find any issues here or at the mailing-list...
Checking configuration files in /etc/clamav
Config file: clamd.conf
LogFile = "/var/log/clamav/clamd.log"
LogFileMaxSize = "2097152"
LogTime = "yes"
LogRotate = "yes"
LocalSocket = "/tmp/clamd.socket"
LocalSocketMode = "660"
MaxThreads = "20"
ReadTimeout = "300"
MaxQueue = "200"
MaxDirectoryRecursion = "12"
ExitOnOOM = "yes"
DetectPUA = "yes"
ScanHTML disabled
MaxScanSize = "4194304000"
MaxFileSize = "1572864000"
MaxFiles = "20000"
MaxEmbeddedPE = "104857600"
PCREMaxFileSize = "419430400"
OnAccessIncludePath = "/home"
OnAccessExcludePath = "/home/data/03_VERWALTUNG/10_Sicherung"
OnAccessExcludeRootUID = "yes"
OnAccessExcludeUname = "root"
OnAccessMaxFileSize = "52428800"
OnAccessMaxThreads = "15"
OnAccessRetryAttempts = "3"
Config file: freshclam.conf
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogRotate = "yes"
UpdateLogFile = "/var/log/clamav/freshclam.log"
Checks = "24"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net"
MaxAttempts = "5"
clamav-milter.conf not found
Software settings
Version: 0.103.8
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON
Database information
Database directory: /var/lib/clamav
daily.cld: version 26835, sigs: 2025005, built on Wed Mar 8 09:35:43 2023
main.cvd: version 62, sigs: 6647427, built on Thu Sep 16 14:32:42 2021
bytecode.cvd: version 334, sigs: 91, built on Wed Feb 22 22:33:21 2023
[3rd Party] mywhitelist.ign2: 2 sigs
Total number of signatures: 8672525
Platform information
uname: Linux 5.10.0-21-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64
OS: linux-gnu, ARCH: x86_64, CPU: x86_64
Full OS version: Debian GNU/Linux 11 (bullseye)
zlib version: 1.2.11 (1.2.11), compile flags: a9
platform id: 0x0a21818108000000000a0201
Build information
GNU C: 10.2.1 20210110 (10.2.1)
CPPFLAGS: -Wdate-time -D_FORTIFY_SOURCE=2
CFLAGS: -g -O2 -ffile-prefix-map=/build/clamav-XPIT9Z/clamav-0.103.8+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64
CXXFLAGS: -g -O2 -ffile-prefix-map=/build/clamav-XPIT9Z/clamav-0.103.8+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64
LDFLAGS: -Wl,-z,relro -Wl,-z,now -Wl,--as-needed
Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-option-checking' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -ffile-prefix-map=/build/clamav-XPIT9Z/clamav-0.103.8+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -ffile-prefix-map=/build/clamav-XPIT9Z/clamav-0.103.8+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-system-libmspack' '--with-libcurl=/usr' '--with-gnu-ld' '--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu' 'OBJCFLAGS=-g -O2 -ffile-prefix-map=/build/clamav-XPIT9Z/clamav-0.103.8+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security'
sizeof(void*) = 8
Engine flevel: 129, dconf: 129
The text was updated successfully, but these errors were encountered: