Koozali.org formerly Contribs.org

Contribs.org Forums => SME Server 9.x => Topic started by: waldviertler on September 29, 2020, 02:32:47 PM

Title: Errors from clamd
Post by: waldviertler on September 29, 2020, 02:32:47 PM
Hello!

I'm running SME 9.2

rpm -q clamav
clamav-0.100.2-6.el6.sme.x86_64


Since today I get this errors from clamd:

Code: [Select]
2020-09-29 14:03:54.283029500 LibClamAV Error: mpool_malloc(): Can't allocate memory (262144 bytes).
2020-09-29 14:03:54.283033500 LibClamAV Error: cli_mpool_strdup(): Can't allocate memory (24 bytes).
2020-09-29 14:03:54.283161500 LibClamAV Error: cli_loadhash: Problem parsing database at line 2321627
2020-09-29 14:03:54.283162500 LibClamAV Error: Can't load main.mdb: Malformed database
2020-09-29 14:03:54.283163500 LibClamAV Error: cli_tgzload: Can't load main.mdb
2020-09-29 14:03:54.283163500 LibClamAV Error: Can't load /var/clamav/main.cvd: Malformed database
2020-09-29 14:03:54.283164500 LibClamAV Error: cli_loaddbdir(): error loading database /var/clamav/main.cvd
2020-09-29 14:03:54.283165500 ERROR: Malformed database
2020-09-29 14:03:54.283179500 Closing the main socket.


My Clamd-Configuration:

Code: [Select]
db configuration show clamd
clamd=service
    InitscriptOrder=60
    MemLimit=1000000000
    status=enabled

My Clamav-configuration:

Code: [Select]
config show clamav
clamav=service
    ArchiveBlockEncrypted=no
    ArchiveBlockMax=no
    ArchiveMaxCompressionRatio=300
    Checks=24
    DNSDatabaseInfo=current.cvd.clamav.net
    DatabaseMirror=db.local.clamav.net
    Debug=no
    DetectBrokenExecutables=no
    FilesystemScan=disabled
    FilesystemScanExclude=/proc,/sys,/usr/share,/var
    FilesystemScanFilesystems=/
    FilesystemScanReportTo=admin
    FilesystemScanUnofficialSigs=no
    Foreground=yes
    HeuristicScanPrecedence=no
    IdleTimeout=60
    LeaveTemporaryFiles=no
    LogClean=no
    LogFileUnlock=yes
    LogTime=no
    LogVerbose=yes
    MaxAttempts=6
    MaxConnectionQueueLength=30
    MaxDirectoryRecursion=20
    MaxFileSize=80M
    MaxFiles=1500
    MaxRecursion=8
    MaxThreads=20
    Quarantine=disabled
    QuarantineDirectory=/var/spool/clamav/quarantine
    ReadTimeout=300
    ScanArchive=yes
    ScanHTML=yes
    ScanMail=yes
    ScanOLE2=yes
    ScanPE=yes
    ScanRAR=no
    SelfCheck=1800
    ShowProxySettings=no
    ShowUpdateSettings=no
    SignaturesUpdated=unknown
    UpdateNonOfficeHrs=disabled
    UpdateOfficeHrs=disabled
    UpdateWeekend=disabled
    status=enabled



I have deleted all files from /var/clamav (bytecode, daily, main, mirrors)
and have done

Code: [Select]
/usr/bin/refreshclam
with this Result:

Code: [Select]
Current working dir is /var/clamav
Max retries == 6
ClamAV update process started at Tue Sep 29 14:07:37 2020
Using IPv6 aware code
Querying current.cvd.clamav.net
TTL: 1722
Software version from DNS: 0.103.0
Retrieving http://db.local.clamav.net/main.cvd
Trying to download http://db.local.clamav.net/main.cvd (IP: 104.16.219.84)
Downloading main.cvd [100%]
Loading signatures from main.cvd
Properly loaded 4564902 signatures from new main.cvd
main.cvd updated (version: 59, sigs: 4564902, f-level: 60, builder: sigmgr)
Querying main.59.93.1.0.6810DB54.ping.clamav.net
Can't query main.59.93.1.0.6810DB54.ping.clamav.net
Retrieving http://db.local.clamav.net/daily.cvd
Trying to download http://db.local.clamav.net/daily.cvd (IP: 104.16.219.84)
Downloading daily.cvd [100%]
Loading signatures from daily.cvd
Properly loaded 4323510 signatures from new daily.cvd
daily.cvd updated (version: 25941, sigs: 4323511, f-level: 63, builder: raynman)
Querying daily.25941.93.1.0.6810DB54.ping.clamav.net
Can't query daily.25941.93.1.0.6810DB54.ping.clamav.net
Retrieving http://db.local.clamav.net/bytecode.cvd
Trying to download http://db.local.clamav.net/bytecode.cvd (IP: 104.16.219.84)
Downloading bytecode.cvd [100%]
Loading signatures from bytecode.cvd
Properly loaded 94 signatures from new bytecode.cvd
bytecode.cvd updated (version: 331, sigs: 94, f-level: 63, builder: anvilleg)
Querying bytecode.331.93.1.0.6810DB54.ping.clamav.net
Can't query bytecode.331.93.1.0.6810DB54.ping.clamav.net
Database updated (8888507 signatures) from db.local.clamav.net (IP: 104.16.219.84)
WARNING: Clamd was NOT notified: Can't connect to clamd through /var/clamav/clamd.socket: No such file or directory


btw: I have no clamd.socket in  /var/clamav/
but according to: wiki.contribs.org/Clamav:freshclam_update

Is that ok:

"All steps will be displayed, ending up with the following WARNING : "Clamd was NOT notified : Can't connect to clamd through /var/clamav/clamd.socket connect(): No such file or directory. This warning can be ignored, it is expected as a number of processes were stopped during execution of the script."


Has anybody a clue why there are this errors from clamd?

Thank you.
Martin
Title: Re: Errors from clamd
Post by: Stefano on September 29, 2020, 05:26:21 PM
hi

take a look here: https://forums.contribs.org/index.php/topic,54299.msg284047.html#msg284047
Title: Re: Errors from clamd
Post by: waldviertler on September 29, 2020, 08:35:06 PM
Thanks a lot!