Hello,
For a few days I have recurrent performance problems with my NS.
Two services are stopped and are not bootable:
ICAP server
clamd
Restart the services I can not!
I do not use squid as a proxy.
When these two services have stopped, the system load increases until the system is almost complete.
Under TOP run these two services and draw computing power without end. When I finish with kill, everything is fine again.
In the LOG files, I find no indication of an error, clamav, regularly pulls the updates - it is from and a mistake that was not found.
Is this phenomenon known - or a new minor problem?
In the search, I could not find anything that points to my problem … Does anyone know what you can make sense / should?
greetings
Gerald
pike
(Michael Kicks)
May 19, 2019, 4:16pm
2
Any info about your hardware?
flatspin
(Ralf Jeckel)
May 19, 2019, 5:02pm
3
Hi Gerald,
please ckeck your installed clamav-rpms
rpm -qa clamav-*
all should be 0.101.2
Check status of calmd@squidclamav
systemctl status clamd@squidclamav
Service c-icap depends on clamd@squidclamav, so if clamd doesn’t start, c-icap can’t start at all.
You can try to run the command: signal-event nethserver-squidclamav-update
Please have look at that : Squidclamav doesn't start - hangs during acitvating and takes 100% CPU (1 core)
Here is my mini-ITX hardware:
Intel Celeron J1900 (4x 1.99GHz)
8GB RAM
RAID 1 (2x 1TB WD red) (/ var)
MiniSata SSD 16GB (/)
2 NIC (1x onboard external - red) (1x Intel Pro internal green)
So the version should be up to date:
[root@openzwo ~]# rpm -qa clamav-*
clamav-server-systemd-0.101.2-1.el7.x86_64
clamav-update-0.101.2-1.el7.x86_64
clamav-lib-0.101.2-1.el7.x86_64
clamav-unofficial-sigs-5.6.2-7.el7.noarch
clamav-filesystem-0.101.2-1.el7.noarch
[root@openzwo ~]#
[root@openzwo ~]# systemctl status clamd@squidclamav
● clamd@squidclamav.service - clamd scanner (squidclamav) daemon
Loaded: loaded (/usr/lib/systemd/system/clamd@.service; static; vendor preset: disabled)
Drop-In: /etc/systemd/system/clamd@squidclamav.service.d
└─c-icap.conf
Active: inactive (dead) since Sun 2019-05-19 17:44:47 CEST; 1h 46min ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://www.clamav.net/documents/
Process: 12250 ExecStart=/usr/sbin/clamd -c /etc/clamd.d/%i.conf (code=killed, signal=TERM)
May 19 17:43:46 openzwo.nandlnet.de systemd[1]: Starting clamd scanner (squidclamav) daemon...
May 19 17:43:46 openzwo.nandlnet.de clamd[12250]: Received 0 file descriptor(s) from systemd.
May 19 17:43:46 openzwo.nandlnet.de clamd[12250]: clamd daemon 0.101.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
May 19 17:43:46 openzwo.nandlnet.de clamd[12250]: Running as user c-icap (UID 977, GID 973)
May 19 17:43:46 openzwo.nandlnet.de clamd[12250]: Log file size limited to 1048576 bytes.
May 19 17:43:46 openzwo.nandlnet.de clamd[12250]: Reading databases from /var/lib/squidclamav
May 19 17:43:46 openzwo.nandlnet.de clamd[12250]: Not loading PUA signatures.
May 19 17:43:46 openzwo.nandlnet.de clamd[12250]: Bytecode: Security mode set to "TrustSigned".
May 19 17:44:47 openzwo.nandlnet.de systemd[1]: Started clamd scanner (squidclamav) daemon.
[root@openzwo ~]#
I looked at the other post.
systemctl stop clamd @ squidclamav - ok
/ usr / sbin / clamd --debug -F -c /etc/clamd.d/squidclamav.conf -nok
The stop works, however the manual does not start.
No message - just the system load over 100%
The same if I
signal-event nethserver-squidclamav-update
up out.
mmmm, let’s see where that leads!
I got the following output when I tried to restart the service:
root@openzwo var]# systemctl start clamd@squidclamav
Job for clamd@squidclamav.service failed because a timeout was exceeded. See "systemctl status clamd@squidclamav.service" and "journalctl -xe" for details.
[root@openzwo var]# systemctl status clamd@squidclamav.service
● clamd@squidclamav.service - clamd scanner (squidclamav) daemon
Loaded: loaded (/usr/lib/systemd/system/clamd@.service; static; vendor preset: disabled)
Drop-In: /etc/systemd/system/clamd@squidclamav.service.d
└─c-icap.conf
Active: activating (start) since Sun 2019-05-19 20:18:33 CEST; 29s ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://www.clamav.net/documents/
Control: 27601 (clamd)
CGroup: /system.slice/system-clamd.slice/clamd@squidclamav.service
└─27601 /usr/sbin/clamd -c /etc/clamd.d/squidclamav.conf
May 19 20:18:33 openzwo.nandlnet.de systemd[1]: Starting clamd scanner (squidclamav) daemon...
May 19 20:18:33 openzwo.nandlnet.de clamd[27601]: Received 0 file descriptor(s) from systemd.
May 19 20:18:33 openzwo.nandlnet.de clamd[27601]: clamd daemon 0.101.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
May 19 20:18:33 openzwo.nandlnet.de clamd[27601]: Running as user c-icap (UID 977, GID 973)
May 19 20:18:33 openzwo.nandlnet.de clamd[27601]: Log file size limited to 1048576 bytes.
May 19 20:18:33 openzwo.nandlnet.de clamd[27601]: Reading databases from /var/lib/squidclamav
May 19 20:18:33 openzwo.nandlnet.de clamd[27601]: Not loading PUA signatures.
May 19 20:18:33 openzwo.nandlnet.de clamd[27601]: Bytecode: Security mode set to "TrustSigned".
[root@openzwo var]#