Hi, the patched version of clamav-milter is running since 5 days without problems. I can confirm that your patch solved the problem.
Thanks and regards Urban Loesch -------- Original-Nachricht -------- Betreff: Re: [clamav-users] clamav-milter: Failed to create temporary file Datum: Thu, 04 Sep 2014 15:21:00 +0200 Von: Urban Loesch <b...@enas.net> An: Steven Morgan <smor...@sourcefire.com>, "J. David Rye" <d....@roadtech.co.uk> Kopie (CC): Shawn Webb (shawebb) <shaw...@cisco.com> Hi, I installed the patch on one of my servers where it happens. Now I have to wait some days, because to me it does not happen very frequently. I let you know the result. Many thanks Urban Am 04.09.2014 00:57, schrieb Steven Morgan: > Hi, > > We may have an answer. Is it possible try the following patch and see if it > fixes the problem? > > Thanks, > Steve > > --- a/clamav-milter/clamav-milter.c > +++ b/clamav-milter/clamav-milter.c > @@ -56,6 +56,8 @@ int main(int argc, char **argv) { > mode_t umsk; > int ret; > > + cl_initialize_crypto(); > + > memset(&descr, 0, sizeof(struct smfiDesc)); > descr.xxfi_name = "ClamAV"; /* filter name */ > descr.xxfi_version = SMFI_VERSION; /* milter version */ > > > On Tue, Sep 2, 2014 at 6:12 PM, Steven Morgan <smor...@sourcefire.com > <mailto:smor...@sourcefire.com>> wrote: > > Hi J. David, > > Thanks for the additional analysis and information. I've been looking at > this for a bit today. I have opened a ticket in the ClamAV bugzilla > system to track the issue. The ticket number is 11089. Hope to have an > answer soon. > > Steve > > > On Sun, Aug 31, 2014 at 5:52 AM, J. David Rye <d....@roadtech.co.uk > <mailto:d....@roadtech.co.uk>> wrote: > > On Thu, 2014-08-21 at 19:22 -0400, Steven Morgan wrote: > > Hi Urban, > > > > I took a look at this code. The real problem is the inability to > > create a > > temporary file. The second message just results from the return code > > of the > > function that attempts to create the temp file. We need to find out > > why the > > temp file creation fails. There should also be a clamav error > message > > written from: cli_errmsg("cli_gentempfd: Can't create temporary > file > > %s: > > %s\n", *name, strerror(errno)); Can you find this message? > > > > Otherwise, it is a memory allocation failure for space for the temp > > file > > name, which seems unlikely. > > > > Steve > > I am also seeing this issue. Mostly intermitant but see further down. > > cli_errmsg wont work if clamav-milter has daemonezed. > it only writes to STDERR and the function daemonize closes standard > error even if you recompile with CL_DEBUG set. > > Only way to get is to get the error messages from cli_gentempfd seams > to be to uncomment the line > > "#Foreground yes" > > In clamav-milter.conf, then run in foreground from command line. > > As an aside I wonder why cli_gentempfd does not use the function > logg() > and output to file or syslog depending on configuration file. > > I am running clamav-milter on a VM. OS is CentoOS 6.5 > VM has 4 vcpu, and 2GB RAM > clamav-milter is version 0.98.4-1.el6.rf installed from rpmforge > repository. > > Looking at he logs if time stamps in syslog for calls to clamav-milter > are two seconds or more apart the problem never shows. > > However if 4 or more messages arrive in two seconds problem always > shows > up, the failure to create temp file is usually time stamped 2 seconds > after the first message in the burst that triggered it. > > On a sustained burst of traffic pretty much all the messages trip the > issue. > In a 1 hour period last week when I had a lot of messages due to a > different issue. I had 20,000 temp file failures, and 23 messages > delivered. > > [root@mailhost-c6 etc]# clamav-milter > --config-file=/etc/clamav-milter.conf.foreground > Local socket unix:/var/run/clamav/clamd.sock added to the pool (slot > 1) > Probe for slot 1 returned: success > LibClamAV Error: cli_gentempfd: Can't create temporary > file /tmp/clamav-0000000000000000626683ff3a000000.tmp: File exists > ERROR: Failed to create temporary file > ERROR: Failed to initiate streaming/fdpassing > LibClamAV Error: cli_gentempfd: Can't create temporary > file /tmp/clamav-0000000000000000626683ff3a000000.tmp: File exists > ERROR: Failed to create temporary file > ERROR: Failed to initiate streaming/fdpassing > LibClamAV Error: cli_gentempfd: Can't create temporary > file /tmp/clamav-0000000000000000626683ff3a000000.tmp: File exists > ERROR: Failed to create temporary file > ERROR: Failed to initiate streaming/fdpassing > LibClamAV Error: cli_gentempfd: Can't create temporary > file /tmp/clamav-0000000000000000626683ff3a000000.tmp: File exists > ERROR: Failed to create temporary file > ERROR: Failed to initiate streaming/fdpassing > LibClamAV Error: cli_gentempfd: Can't create temporary > file /tmp/clamav-0000000000000000626683ff3a000000.tmp: File exists > ERROR: Failed to create temporary file > ERROR: Failed to initiate streaming/fdpassing > Message from <n0r3ply812...@scotland117.wanadoo.co.uk > <mailto:n0r3ply812...@scotland117.wanadoo.co.uk>> to > <stevensonbros> infected by Heuristics.Phishing.Email.SpoofedDomain > Message from <n0r3ply620...@aughamullan.dungannon.ni.sch.uk > <mailto:n0r3ply620...@aughamullan.dungannon.ni.sch.uk>> to > <brett01> infected by Heuristics.Phishing.Email.SpoofedDomain > Probe for slot 1 returned: success > > > I think > > clamav-milter does a lot of initialization, including setting up a > structure with a list of function entry points it then calls > smfi_main. > > smfi_main in turn forks one thread for each message, and calls the > entry > points in the context of the thread. > > call back to function clamfi_header > that calls sendchunk > which calls nc_connect_rand > which calls cli_gentempfd which prints the EEXISTS errors to stderr > shown above. > > File name looks like it is supposed to be based on a 16 byte MD5 > digest > printed in hex. > > cli_gentempfd builds the name by calling cli_gentemp > which adds 32 bytes of random data from cli_rndnum to a 16 > byte seed > passes a pointer the the 48 buffer to cli_md5buff > which in turn calls cl_hash_data > digest returned is used to create the file name, > and update the seed for the next name. > > > Note cli_gentemp is common to all programs in the clam set. > > Note cl_hash_data is calling openssl library functions to calculate > the > digest. > > Note cli_md5buff does not check for an error in cl_hash_data > > _______________________________________________ > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > http://www.clamav.net/support/ml > > > _______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml