Package: clamav-daemon Version: 0.99.2+dfsg-0+deb8u2 Severity: normal Dear Maintainer,
I'm seeing random errors which prevent clamav-daemon from processing any virus scans. ==> /var/log/clamav/clamav.log <== Fri Jan 26 08:30:52 2018 -> /tmp/01dy3y0hLW: Can't create new file ERROR It doesn't seem to be isolated to any specific file. It's just happening randomly. Once it triggers it will continue to error until clamav-daemon is restarted. Once restarted it will continue to work for awhile (regardless of file type, see next sentence) and then trigger again. The only thing I've upgraded recently is the recent patch of poppler. I have only noticed this error when scanning PDFs but we process thousands of files per day and most are PDFs. Like I said previously it continues to work for a while (even on PDFs). I am on an up-to-date debian 8.x installation. -- Package-specific info: --- configuration --- Checking configuration files in /etc/clamav Config file: clamd.conf ----------------------- LogFile = "/var/log/clamav/clamav.log" StatsHostID = "auto" StatsEnabled disabled StatsPEDisabled = "yes" StatsTimeout = "10" LogFileUnlock disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogClean disabled LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" ExtendedDetectionInfo = "yes" PidFile disabled TemporaryDirectory disabled DatabaseDirectory = "/var/lib/clamav" OfficialDatabaseOnly disabled LocalSocket = "/var/run/clamav/clamd.ctl" LocalSocketGroup = "clamav" LocalSocketMode = "666" FixStaleSocket = "yes" TCPSocket disabled TCPAddr disabled MaxConnectionQueueLength = "15" StreamMaxLength = "26214400" StreamMinPort = "1024" StreamMaxPort = "2048" MaxThreads = "12" ReadTimeout = "180" CommandReadTimeout = "5" SendBufTimeout = "200" MaxQueue = "100" IdleTimeout = "30" ExcludePath disabled MaxDirectoryRecursion = "15" FollowDirectorySymlinks disabled FollowFileSymlinks disabled CrossFilesystems = "yes" SelfCheck = "3600" DisableCache disabled VirusEvent disabled ExitOnOOM disabled AllowAllMatchScan = "yes" Foreground disabled Debug disabled LeaveTemporaryFiles disabled User = "clamav" AllowSupplementaryGroups disabled Bytecode = "yes" BytecodeSecurity = "TrustSigned" BytecodeTimeout = "60000" BytecodeUnsigned disabled BytecodeMode = "Auto" DetectPUA disabled ExcludePUA disabled IncludePUA disabled AlgorithmicDetection = "yes" ScanPE = "yes" ScanELF = "yes" DetectBrokenExecutables disabled ScanMail = "yes" ScanPartialMessages disabled PhishingSignatures = "yes" PhishingScanURLs = "yes" PhishingAlwaysBlockCloak disabled PhishingAlwaysBlockSSLMismatch disabled PartitionIntersection disabled HeuristicScanPrecedence disabled StructuredDataDetection disabled StructuredMinCreditCardCount = "3" StructuredMinSSNCount = "3" StructuredSSNFormatNormal = "yes" StructuredSSNFormatStripped disabled ScanHTML = "yes" ScanOLE2 = "yes" OLE2BlockMacros disabled ScanPDF = "yes" ScanSWF = "yes" ScanXMLDOCS = "yes" ScanHWP3 = "yes" ScanArchive = "yes" ArchiveBlockEncrypted disabled ForceToDisk disabled MaxScanSize = "104857600" MaxFileSize = "26214400" MaxRecursion = "16" MaxFiles = "10000" MaxEmbeddedPE = "10485760" MaxHTMLNormalize = "10485760" MaxHTMLNoTags = "2097152" MaxScriptNormalize = "5242880" MaxZipTypeRcg = "1048576" MaxPartitions = "50" MaxIconsPE = "100" MaxRecHWP3 = "16" PCREMatchLimit = "10000" PCRERecMatchLimit = "5000" PCREMaxFileSize = "26214400" ScanOnAccess disabled OnAccessMountPath disabled OnAccessIncludePath disabled OnAccessExcludePath disabled OnAccessExcludeUID disabled OnAccessMaxFileSize = "5242880" OnAccessDisableDDD disabled OnAccessPrevention disabled OnAccessExtraScanning disabled DevACOnly disabled DevACDepth disabled DevPerformance disabled DevLiblog disabled DisableCertCheck disabled Config file: freshclam.conf --------------------------- StatsHostID disabled StatsEnabled disabled StatsTimeout disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" PidFile disabled DatabaseDirectory = "/var/lib/clamav" Foreground disabled Debug disabled AllowSupplementaryGroups disabled UpdateLogFile = "/var/log/clamav/freshclam.log" DatabaseOwner = "clamav" Checks = "24" DNSDatabaseInfo = "current.cvd.clamav.net" DatabaseMirror = "db.local.clamav.net", "database.clamav.net" PrivateMirror disabled MaxAttempts = "5" ScriptedUpdates = "yes" TestDatabases = "yes" CompressLocalDatabase disabled ExtraDatabase disabled DatabaseCustomURL disabled HTTPProxyServer disabled HTTPProxyPort disabled HTTPProxyUsername disabled HTTPProxyPassword disabled HTTPUserAgent disabled NotifyClamd = "/etc/clamav/clamd.conf" OnUpdateExecute disabled OnErrorExecute disabled OnOutdatedExecute disabled LocalIPAddress disabled ConnectTimeout = "30" ReceiveTimeout = "30" SubmitDetectionStats disabled DetectionStatsCountry disabled DetectionStatsHostID disabled SafeBrowsing disabled Bytecode = "yes" clamav-milter.conf not found Software settings ----------------- Version: 0.99.2 Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 PCRE ICONV JSON JIT Database information -------------------- Database directory: /var/lib/clamav main.cvd: version 58, sigs: 4566249, built on Wed Jun 7 16:38:10 2017 daily.cld: version 24257, sigs: 1835982, built on Fri Jan 26 03:24:57 2018 bytecode.cld: version 319, sigs: 75, built on Wed Dec 6 20:17:11 2017 Total number of signatures: 6402306 Platform information -------------------- uname: Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.51-3 (2017-12-13) x86_64 OS: linux-gnu, ARCH: x86_64, CPU: x86_64 Full OS version: Debian GNU/Linux 8.10 (jessie) zlib version: 1.2.8 (1.2.8), compile flags: a9 Triple: x86_64-pc-linux-gnu CPU: core-avx2, Little-endian platform id: 0x0a2152520804090201040902 Build information ----------------- GNU C: 4.9.2 (4.9.2) GNU C++: 4.9.2 (4.9.2) CPPFLAGS: -D_FORTIFY_SOURCE=2 CFLAGS: -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE CXXFLAGS: LDFLAGS: -fPIE -pie -Wl,-z,relro -Wl,-z,now -Wl,--as-needed Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=/usr/lib/clamav' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-fPIE -pie -Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-gnu-ld' '-with-system-llvm=/usr/bin/llvm-config' '--with-llvm-linking=dynamic' '--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu' sizeof(void*) = 8 Engine flevel: 82, dconf: 82 --- data dir --- total 244032 -rw-r--r-- 1 clamav clamav 766976 Dec 6 20:53 bytecode.cld -rw-r--r-- 1 clamav clamav 131212800 Jan 26 03:49 daily.cld -rw-r--r-- 1 clamav clamav 117892267 Dec 5 07:43 main.cvd -rw------- 1 clamav clamav 624 Jan 26 07:52 mirrors.dat -- System Information: Debian Release: 8.10 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages clamav-daemon depends on: ii adduser 3.113+nmu3 ii clamav-base 0.99.2+dfsg-0+deb8u2 ii clamav-freshclam [clamav-data] 0.99.2+dfsg-0+deb8u2 ii debconf [debconf-2.0] 1.5.56+deb8u1 ii dpkg 1.17.27 ii init-system-helpers 1.22 ii libc6 2.19-18+deb8u10 ii libclamav7 0.99.2+dfsg-0+deb8u2 ii libncurses5 5.9+20140913-1+deb8u2 ii libssl1.0.0 1.0.1t-1+deb8u7 ii libsystemd0 215-17+deb8u7 ii libtinfo5 5.9+20140913-1+deb8u2 ii lsb-base 4.1+Debian13+nmu1 ii procps 2:3.3.9-9 ii ucf 3.0030 ii zlib1g 1:1.2.8.dfsg-2+b1 Versions of packages clamav-daemon recommends: ii clamdscan 0.99.2+dfsg-0+deb8u2 Versions of packages clamav-daemon suggests: pn apparmor <none> pn clamav-docs <none> pn daemon <none> -- debconf information: clamav-daemon/debconf: true clamav-daemon/MaxHTMLNoTags: 2M clamav-daemon/MaxHTMLNormalize: 10M clamav-daemon/ScanOnAccess: false clamav-daemon/MaxThreads: 12 clamav-daemon/TCPSocket: 3310 clamav-daemon/OnAccessMaxFileSize: 5M clamav-daemon/LocalSocketMode: 666 clamav-daemon/ScanArchive: true clamav-daemon/TcpOrLocal: UNIX clamav-daemon/FollowFileSymlinks: false clamav-daemon/SelfCheck: 3600 clamav-daemon/DisableCertCheck: false clamav-daemon/FollowDirectorySymlinks: false clamav-daemon/LogFile: /var/log/clamav/clamav.log clamav-daemon/LogSyslog: false clamav-daemon/LocalSocket: /var/run/clamav/clamd.ctl clamav-daemon/StatsHostID: auto clamav-daemon/AllowAllMatchScan: true clamav-daemon/ReadTimeout: 180 clamav-daemon/ForceToDisk: false clamav-daemon/StatsTimeout: 10 clamav-daemon/Bytecode: true clamav-daemon/User: clamav clamav-daemon/MaxEmbeddedPE: 10M clamav-daemon/LogTime: true clamav-daemon/MaxScriptNormalize: 5M clamav-daemon/MaxZipTypeRcg: 1M clamav-daemon/AddGroups: clamav-daemon/LocalSocketGroup: clamav clamav-daemon/BytecodeSecurity: TrustSigned clamav-daemon/ScanSWF: true clamav-daemon/MaxDirectoryRecursion: 0 clamav-daemon/StatsEnabled: false clamav-daemon/BytecodeTimeout: 60000 clamav-daemon/LogRotate: true clamav-daemon/TCPAddr: any clamav-daemon/ScanMail: true clamav-daemon/MaxConnectionQueueLength: 15 clamav-daemon/StreamMaxLength: 25 clamav-daemon/StatsPEDisabled: true clamav-daemon/FixStaleSocket: true