Re: [clamav-users] ClamAV 1.0.1

Wed, 24 May 2023 11:55:32 -0700 

Hi Steve

Note it would be nice if clamd said which db it did not like ..
I reckon the start of the problem is "Database reload failed, keeping the previous instance" when there is no previous instance. 

Mon May 22 13:04:40 2023 -> Reading databases from /var/lib/clamav/
Mon May 22 13:05:01 2023 -> ERROR: reload_th: Database load failed: Malformed da 
tabase
Mon May 22 13:05:02 2023 -> Database reload completed.
Mon May 22 13:05:02 2023 -> WARNING: Database reload failed, keeping the previou 
s instance
Mon May 22 13:06:30 2023 -> ERROR: cl_engine_addref() failed
Mon May 22 13:06:30 2023 -> ERROR: Command dispatch failed
Mon May 22 13:06:30 2023 -> ERROR: INSTREAM: Can't write to temporary file.
Mon May 22 13:06:30 2023 -> ERROR: cl_engine_addref() failed
Mon May 22 13:06:30 2023 -> ERROR: Command dispatch failed
Mon May 22 13:06:30 2023 -> ERROR: INSTREAM: Can't write to temporary file.
Mon May 22 13:06:46 2023 -> ERROR: cl_engine_addref() failed
Mon May 22 13:06:46 2023 -> ERROR: Command dispatch failed
Mon May 22 13:08:31 2023 -> ERROR: cl_engine_addref() failed
Mon May 22 13:08:31 2023 -> ERROR: Command dispatch failed

    Lots more of the above snipped
Note a /tmp/clamav-*** is created for each connection containing whatever was submitted till max files open limit is reached. 


Then this starts

Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files
Mon May 22 13:45:02 2023 -> ERROR: accept() failed: Too many open files

3.5 G later /var/ is full !!

On 24/05/2023 19:39, Steve Basford via clamav-users wrote:


On 24 May 2023 18:52:04 Paul Netpresto <p...@netpresto.co.uk> wrote:


Hi
I have found that 1.0.1 and 0.103.8 both behave badly if they find a malformed db. Agreed freshclam checks out the clamav/cisco db's.
I have yet to determine what unofficial db caused the failure. They should all have been verified before being placed in /var/lib/clamav/ 



How are you downloading the 3rd party sigs...

This script checks integrity... before copying to live folder...


https://github.com/extremeshok/clamav-unofficial-sigs

I check db integrity before uploading to mirrors.

Please email me off list with some logs....

Cheers,

Steve
Twitter: @sanesecurity

_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________

Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation

https://docs.clamav.net/#mailing-lists-and-chat

Reply via email to