MRatWork Forum by Mustafa Ramadhan
Sawo Project - Kloxo-MR Discussions => Kloxo-MR Technical Helps => Topic started by: putude on 2017-08-25, 01:10:37
-
Dear Master,
I have a problem with my VPS after update to version 2017082302
I have error on sending/receiving message
# tail -f maillog
Aug 25 07:06:26 server clamd: ERROR: TCP: Cannot bind to [127.0.0.1]:3310: Address already in use
Aug 25 07:06:26 server clamd: ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock is in use by another process.
so I have to turn Clamav off to make it work. however, this error message is still appear although the option "Enable Virus Scan" was unchecked.
Please help, how to make the Antivirus work normal again.
Best regards,
Putu de
-
What I have done,
#yum clean all; yum update -y; sh /script/cleanup;
then error appear
- uncheck "Enable Virus Scan" option. Email back to normal, but still the same error in log
# yum reinstall clamav
# reboot
{no luck, same result}
-
Inform 'chkconfig --list; dir -l /var/qmail/supervise/clamd'.
-
[root@server home]# chkconfig --list; dir -l /var/qmail/supervise/clamd
atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
clamd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off
dc_client 0:off 1:off 2:off 3:off 4:off 5:off 6:off
dc_server 0:off 1:off 2:off 3:off 4:off 5:off 6:off
djbdns 0:off 1:off 2:off 3:off 4:off 5:off 6:off
dovecot 0:off 1:off 2:off 3:off 4:off 5:off 6:off
fail2ban 0:off 1:off 2:on 3:on 4:on 5:on 6:off
hiawatha 0:off 1:off 2:off 3:off 4:off 5:off 6:off
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
httpry 0:off 1:off 2:on 3:on 4:on 5:on 6:off
ipset 0:off 1:off 2:on 3:on 4:on 5:on 6:off
iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
kloxo-php 0:off 1:off 2:on 3:on 4:on 5:on 6:off
kloxo-web 0:off 1:off 2:on 3:on 4:on 5:on 6:off
kloxo-wrap 0:off 1:off 2:on 3:on 4:on 5:on 6:off
lighttpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
messagebus 0:off 1:off 2:on 3:on 4:on 5:on 6:off
modules_dep 0:off 1:off 2:on 3:on 4:on 5:on 6:off
mysql 0:off 1:off 2:on 3:on 4:on 5:on 6:off
named 0:off 1:off 2:on 3:on 4:on 5:on 6:off
netconsole 0:off 1:off 2:off 3:off 4:off 5:off 6:off
netfs 0:off 1:off 2:off 3:off 4:on 5:on 6:off
network 0:off 1:off 2:on 3:on 4:on 5:on 6:off
nginx 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nginx-debug 0:off 1:off 2:off 3:off 4:off 5:off 6:off
nsd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
pdns 0:off 1:off 2:off 3:off 4:off 5:off 6:off
php-fpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off
portreserve 0:off 1:off 2:on 3:on 4:on 5:on 6:off
pure-ftpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
qmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off
quota_nld 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rdisc 0:off 1:off 2:off 3:off 4:off 5:off 6:off
restorecond 0:off 1:off 2:off 3:off 4:off 5:off 6:off
rsyslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off
snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
spawn-fcgi 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
svnserve 0:off 1:off 2:off 3:off 4:off 5:off 6:off
sysstat 0:off 1:on 2:on 3:on 4:on 5:on 6:off
udev-post 0:off 1:on 2:on 3:off 4:on 5:on 6:off
varnish 0:off 1:off 2:off 3:off 4:off 5:off 6:off
varnishncsa 0:off 1:off 2:off 3:off 4:off 5:off 6:off
winbind 0:off 1:off 2:off 3:off 4:off 5:off 6:off
xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
yadifad 0:off 1:off 2:off 3:off 4:off 5:off 6:off
xinetd based services:
chargen-dgram: off
chargen-stream: off
daytime-dgram: off
daytime-stream: off
discard-dgram: off
discard-stream: off
echo-dgram: off
echo-stream: off
rsync: off
tcpmux-server: off
time-dgram: off
time-stream: off
total 12
drwx------ 3 qmaill qmail 4096 Aug 25 06:46 log
-rwxr-x--x 1 root root 60 Aug 25 06:46 run
drwxr-xr-x 2 qmaill qmail 4096 Aug 25 16:32 supervise
[root@server home]#
-
Try 'chkconfig clamd off; service clamd stop; sh /script/restart-mail'.
-
Executing command
#chkconfig clamd off; service clamd stop; sh /script/restart-mail;
#tail -f /var/log/maillog
Aug 26 20:50:52 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:50:53 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:50:54 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:50:55 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:50:56 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:50:57 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:50:58 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:50:59 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:51:00 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:51:01 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
Aug 26 20:51:02 server clamd: setuidgid: fatal: unable to run /usr/sbin/clamd: f ile does not exist
---
Then I try to check "Enable Virus Scan"
and see /var/log/maillog
Aug 26 20:55:10 server clamd: ERROR: TCP: Cannot bind to [127.0.0.1]:3310: Address already in use
Aug 26 20:55:10 server clamd: ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock is in use by another process.
Aug 26 20:55:21 server clamd: ERROR: TCP: Cannot bind to [127.0.0.1]:3310: Address already in use
Aug 26 20:55:21 server clamd: ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock is in use by another process.
just FYI, I have 3 VPS with KloxoMR running on these machines. They have same problem. Even if "Enable Virus Scan" unchecked, clamd still running and took a huge memory and processor.
# ps aux
root 506 0.0 0.0 3936 400 ? S 21:05 0:00 supervise clamd
qmaill 535 0.0 0.0 4076 664 ? S 21:05 0:00 /var/qmail/bin/splogger clamd
clam 726 61.2 3.9 390928 251124 ? R 21:06 0:02 /usr/sbin/clamd
---
Then I uncheck "Enable Virus Scan" and
#chkconfig clamd off; service clamd stop; sh /script/restart-mail;
I saw clamd keep running :-[
-
Hi Mustafa,
I've just trying to move "clamd" directory in /var/qmail/supervise/
then reboot the machine and It works.
Is it okay to do this ?
thank you.
-
Kloxo-MR use supervise from qmail for handle clamav. Better use it instead initd.
-
Yes, I would like to use it but sadly when I restore Supervise's files, the processor activity start increasing by Clamd.
in var/log/maillog
----------------------
...
server clamd: ERROR: LOCAL: Socket file /var/run/clamav/clamd.sock is in use by another process.
.....
in /var/log/message
----------------------
Aug 29 00:00:48 server clamd[3075]: Self checking every 600 seconds.
Aug 29 00:00:50 server clamd[3077]: Received 0 file descriptor(s) from systemd.
Aug 29 00:00:50 server clamd[3077]: clamd daemon 0.99.2 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Aug 29 00:00:50 server clamd[3077]: Log file size limited to 4294967295 bytes.
Aug 29 00:00:50 server clamd[3077]: Reading databases from /var/lib/clamav
Aug 29 00:00:50 server clamd[3077]: Not loading PUA signatures.
Aug 29 00:00:50 server clamd[3077]: Bytecode: Security mode set to "TrustSigned".
Aug 29 00:01:03 server clamd[3077]: Loaded 6414151 signatures.
Aug 29 00:01:05 server clamd[3077]: TCP: Cannot bind to [127.0.0.1]:3310: Address already in use
Aug 29 00:01:05 server clamd[3077]: LOCAL: Socket file /var/run/clamav/clamd.sock is in use by another process.
FYI, This problem is appear after update version 2017082302.
-
Try reboot.