From clamav-users-bounces@lists.clamav.net Mon Apr 7 11:57:17 2008 Return-Path: X-Original-To: list@tad.clamav.net Delivered-To: list@tad.clamav.net X-Virus-Scanned: Debian amavisd-new at tad.clamav.net Received: from tad.clamav.net ([127.0.0.1]) by localhost (tad.clamav.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 154NcBiWoKcW; Mon, 7 Apr 2008 11:57:16 +0200 (CEST) Received: from tad.clamav.net (localhost.localdomain [127.0.0.1]) by tad.clamav.net (Postfix) with ESMTP id 0526E16C068; Mon, 7 Apr 2008 11:57:12 +0200 (CEST) X-Original-To: clamav-users@tad.clamav.net Delivered-To: clamav-users@tad.clamav.net X-Virus-Scanned: Debian amavisd-new at tad.clamav.net Received: from tad.clamav.net ([127.0.0.1]) by localhost (tad.clamav.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2L5DUXEquII9 for ; Mon, 7 Apr 2008 11:57:07 +0200 (CEST) Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.153]) by tad.clamav.net (Postfix) with ESMTP id 0E6B516C042 for ; Mon, 7 Apr 2008 11:57:01 +0200 (CEST) Received: by fg-out-1718.google.com with SMTP id 22so1111289fge.18 for ; Mon, 07 Apr 2008 02:57:01 -0700 (PDT) Received: by 10.82.149.8 with SMTP id w8mr828171bud.53.1207562221117; Mon, 07 Apr 2008 02:57:01 -0700 (PDT) Received: from ?192.168.0.2? ( [79.114.58.2]) by mx.google.com with ESMTPS id l12sm6790203fgb.8.2008.04.07.02.56.58 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 07 Apr 2008 02:56:59 -0700 (PDT) Message-ID: <47F9EFE9.8040602@gmail.com> Date: Mon, 07 Apr 2008 12:56:57 +0300 From: =?ISO-8859-15?Q?T=F6r=F6k_Edwin?= User-Agent: Mozilla-Thunderbird 2.0.0.9 (X11/20080109) MIME-Version: 1.0 To: ClamAV users ML References: <47F9EE29.9080005@phoenixsoftware.de> In-Reply-To: <47F9EE29.9080005@phoenixsoftware.de> Subject: Re: [Clamav-users] all my ClamAV daemons died last night X-BeenThere: clamav-users@lists.clamav.net X-Mailman-Version: 2.1.9 Precedence: list Reply-To: ClamAV users ML List-Id: ClamAV users ML List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: clamav-users-bounces@lists.clamav.net Errors-To: clamav-users-bounces@lists.clamav.net Tilman Schmidt wrote: > I have ClamAV running on several Linux mailservers. All of them stopped > working last night with similar symptoms: > > - Some time after 23h CEST (21h GMT) freshclam started complaining it > couldn't connect any update server. > > Apr 6 23:07:06 lx1 freshclam[15939]: nonblock_connect: connect timing > out (30 secs) > Apr 6 23:07:06 lx1 freshclam[15939]: Can't connect to port 80 of host > db.de.clamav.net (IP: 62.26.160.3) > Apr 6 23:07:06 lx1 freshclam[15939]: Trying host db.de.clamav.net > (62.201.161.84)... > > [repeating every 30 seconds with varying IP addresses] > This in itself isn't normally a reason for concern. > > - Five minutes later it gives up on incrementals and switches to > main.cvd, which is probably standard behaviour, but the connection > problems persist: > > Apr 6 23:12:08 lx1 freshclam[15939]: Incremental update failed, > trying to download main.cvd > Apr 6 23:12:38 lx1 freshclam[15939]: nonblock_connect: connect timing > out (30 secs) > Apr 6 23:12:38 lx1 freshclam[15939]: Can't connect to port 80 of host > db.de.clamav.net (IP: 195.246.234.199) > Apr 6 23:12:38 lx1 freshclam[15939]: Trying host db.de.clamav.net > (212.1.60.18)... > Apr 6 23:13:08 lx1 freshclam[15939]: nonblock_connect: connect timing > out (30 secs) > > - Some time later ClamAV complains it cannot update its database, and > exits: > > Apr 6 23:15:28 lx1 clamav-milter[15949]: Unable to lock database > directory > Apr 6 23:15:28 lx1 clamav-milter[15949]: Failed to load updated database > Apr 6 23:15:31 lx1 clamav-milter[15947]: ClamAv: mi_stop=1 > Apr 6 23:15:31 lx1 clamav-milter[15947]: Stopping ClamAV > 0.92.1/6635/Sun Apr 6 18:29:31 2008 > > Or on a different machine using MIMEdefang instead of clamav-milter: > > Apr 6 23:49:10 monolith clamd[4648]: reload db failed: Unable to lock > database directory (try 3) It looks like freshclam locked the directory. This will no longer be a problem with 0.93, since no locking of the directory is required anymore! > Apr 6 23:49:10 monolith clamd[4648]: reload db failed: Unable to lock > database directory > Apr 6 23:49:10 monolith clamd[4648]: Terminating because of a fatal > error. > Simple question: why did that happen? IMHO a failure to update the > signatures, even if it persists for several hours, should not prevent > the continued use of the scan service with the signatures it already > has. Is this: > - a misconfiguration (ie. my own fault)? Run clamd under a wrapper that monitors it, and restarts it in case of failure. > - a bug? Failure to reload the DB shouldn't be a fatal error, please open a bug. > - a feature? No. Best regards, --Edwin _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html