Hi Darren,
I believe I am having a problem caused by the change you've made
> here - the clamd process is constantly running at 100% cpu all
> the time. The maillog shows this repeated continuously:>
clamd[232355]: TCP: Cannot bind to [127.0.0.1]:7358: Address already in use
clamd[232355]: Not listening on any interfaces
Netstat shows this:
tcp6 436 0 :::7358 :::* LISTEN 0 25723 1/system
even if I disable the clam av av-spam service, it continues.
Yeah, I'm not entirely happy with the latest change either, as the
attempts to bind Clam AV to the TCP port produces some weird results
without rhyme or reason.
First of all: Make sure you have the latest AV-SPAM installed. This
should be 7.2.7-1 (5209R/5211R) or 7.2.7-2 (5210R).
If that's already the case and/or the problem persists, open this file
in an editor (as root):
/usr/lib/systemd/system/clamav-daemon.socket
There should be a section like this in it:
--------------------------------------------------------------------
[Socket]
ListenStream=/run/clamav/clamd.ctl
# Default:
ListenStream=127.0.0.1:7358
# Use this instead if 'No clamd server appears to be available' persists:
# ListenStream=127.0.0.1:1024
--------------------------------------------------------------------
As you can see: It tries to bind to 127.0.0.1:7358, which works for most
installs where I tested this. But it doesn't for some, like in your case.
Comment out the line ...
ListenStream=127.0.0.1:7358
... and removed the leading "#" (and the space) from the other line:
# ListenStream=127.0.0.1:1024
So it should look like this when done:
ListenStream=127.0.0.1:1024
Save the changes and then run the following:
systemctl daemon-reload
systemctl stop clamav-daemon clamav-daemon.socket
systemctl restart clamav
Then give it a minute, as clamav-daemon.socket will only be able to
finalize its task once Clam AV is fully started up.
At first it will bind to 127.0.0.1:1024 and the process list (as well as
netstat) will show that Systemd is holding that port open. Then after
Clam AV has fully started up it will bind to 127.0.0.1:7358 as well and
will show that Clam AV is holding that port open.
I'm still looking into fixing this for good, but I haven't yet managed
to identify why I don't get fully reproducible and consistent behavior
for this across several different virtualization platforms and physical
server installs. It's a pretty weird issue between Systemd and this
current Clam AV release.
--
With best regards
Michael Stauber
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
