I upgraded from 0.99.3 (which worked perfectly) to 0.100.0. Everything seemed to work but today I noticed that it wasn’t actually running. No mention of there being a problem in the logs:
Thu May 10 10:01:25 2018 -> +++ Started at Thu May 10 10:01:25 2018 Thu May 10 10:01:25 2018 -> Received 0 file descriptor(s) from systemd. Thu May 10 10:01:25 2018 -> clamd daemon 0.100.0 (OS: darwin11.4.2, ARCH: x86_64, CPU: x86_64) Thu May 10 10:01:25 2018 -> Log file size limited to 2097152 bytes. Thu May 10 10:01:25 2018 -> Reading databases from /usr/local/clamav Thu May 10 10:01:25 2018 -> Not loading PUA signatures. Thu May 10 10:01:25 2018 -> Bytecode: Security mode set to "TrustSigned". Thu May 10 10:02:13 2018 -> Loaded 13435987 signatures. Thu May 10 10:02:17 2018 -> LOCAL: Removing stale socket file /tmp/clamd Thu May 10 10:02:17 2018 -> LOCAL: Unix socket file /tmp/clamd Thu May 10 10:02:17 2018 -> LOCAL: Setting connection queue length to 200 Thu May 10 10:02:17 2018 -> Limits: Global size limit set to 104857600 bytes. Thu May 10 10:02:17 2018 -> Limits: File size limit set to 26214400 bytes. Thu May 10 10:02:17 2018 -> Limits: Recursion level limit set to 16. Thu May 10 10:02:17 2018 -> Limits: Files limit set to 10000. Thu May 10 10:02:17 2018 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes. Thu May 10 10:02:17 2018 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes. Thu May 10 10:02:17 2018 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes. Thu May 10 10:02:17 2018 -> Limits: MaxScriptNormalize limit set to 5242880 bytes. Thu May 10 10:02:17 2018 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes. Thu May 10 10:02:17 2018 -> Limits: MaxPartitions limit set to 50. Thu May 10 10:02:17 2018 -> Limits: MaxIconsPE limit set to 100. Thu May 10 10:02:17 2018 -> Limits: MaxRecHWP3 limit set to 16. Thu May 10 10:02:17 2018 -> Limits: PCREMatchLimit limit set to 100000. Thu May 10 10:02:17 2018 -> Limits: PCRERecMatchLimit limit set to 5000. Thu May 10 10:02:17 2018 -> Limits: PCREMaxFileSize limit set to 26214400. Thu May 10 10:02:17 2018 -> Archive support enabled. Thu May 10 10:02:17 2018 -> Archive: Blocking encrypted archives. Thu May 10 10:02:17 2018 -> BlockMax heuristic detection disabled. Thu May 10 10:02:17 2018 -> Algorithmic detection enabled. Thu May 10 10:02:17 2018 -> Portable Executable support enabled. Thu May 10 10:02:17 2018 -> ELF support enabled. Thu May 10 10:02:17 2018 -> Mail files support enabled. Thu May 10 10:02:17 2018 -> Mail: RFC1341 handling enabled. Thu May 10 10:02:17 2018 -> OLE2 support enabled. Thu May 10 10:02:17 2018 -> OLE2: Blocking all VBA macros. Thu May 10 10:02:17 2018 -> PDF support enabled. Thu May 10 10:02:17 2018 -> SWF support enabled. Thu May 10 10:02:17 2018 -> HTML support enabled. Thu May 10 10:02:17 2018 -> XMLDOCS support enabled. Thu May 10 10:02:17 2018 -> HWP3 support enabled. Thu May 10 10:02:17 2018 -> Self checking every 600 seconds. Thu May 10 10:02:17 2018 -> Set stacksize to 1048576 Mac OS cash report:
clamd_2018-05-10-100246_localhost.crash
Description: Binary data
Most useful part is probably this: "Crashed Thread: 2 Exception Type: EXC_CRASH (SIGABRT) Exception Codes: 0x0000000000000000, 0x0000000000000000 Application Specific Information: Assertion failed: (sp == 0), function yr_execute_code, file yara_exec.c, line 177." Any suggestions? Thanks, James.
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml