Hi,
From about 02:59 today (26/01) our we saw a pattern update, and we also
noticed freshclam logged, "DON'T PANIC! Read
http://www.clamav.net/documents/upgrading-clamav";
'freshclam' output shows:
main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder:
sigmgr)
daily.cld is up to date (version: 24256, sigs: 1835772, f-level: 63,
builder: neo)
bytecode.cld is up to date (version: 319, sigs: 75, f-level: 63, builder:
neo)
We're currently running clamav 0.99.2 (technically shown as 0.99.2_8) under
FreeBSD 10.3 amd64 - since then we've seen an issue where clamd "kind of
dies" - it's still running, there are no errors logged anywhere (we log to
syslog) - but whilst it's accepting connections to scan things - for lots
of them it doesn't seem to either be accepting data sent to it's socket
(causing the caller to hang/timeout eventually) - or return results.
This ends up with a lot of wedged mail processes (and we slowly run out of
fd's as the process table fills up).
I can't yet update to 0.99.3 (as we use FreeBSD's pkg system - and it's not
available yet).
Anyone else seen any similar issues? This literally just started with the
update at 02:59 - Any ideas how we can get some kind of logging out of it?
Worst case, is it possible / easy to roll back to a previous pattern file?
We only use clamd / freshclam - as our mail system accesses clamd direct
via it's unix socket. We've tried rebuilding the exe that talks to clamd
(just in case it got left behind in the last clamav binaries update) and
that hasn't made any difference :(
Thanks,
-Karl
_______________________________________________
clamav-users mailing list
[email protected]
http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
