clone 775112 -1 -2
reassign -1 systemd
retitle -1 systemd: don't start services every few ms if condition fails
reassign -2 systemd
retitle -2 systemd: log if a condition prevents starting a unit
thanks
Hi,
On 12.01.2015 10:42, Russell Coker wrote:
On Sun, 11 Jan 2015 07:56:31 PM Andreas Cadhalpun wrote:
On 11.01.2015 20:17, Michael Biebl wrote:
Am 11.01.2015 um 16:14 schrieb Russell Coker:
After a fresh install of a mail server running Jessie I get the above
repeatedly in my daemon.log until the filesystem becomes full.
When I run "journalctl -u clamav-daemon" I just get the same as the
above with no additional information. What should I do next to try and
track this down?
Please provide the output of:
sudo systemctl status clamav-daemon.service
# systemctl status clamav-daemon.service
● clamav-daemon.service - Clam AntiVirus userspace daemon
Loaded: loaded (/lib/systemd/system/clamav-daemon.service; enabled)
Active: inactive (dead)
start condition failed at Mon 2015-01-12 09:39:42 UTC; 4ms ago
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc} was not
met
So this condition fails and systemd retries to start the service every
few milliseconds.
Docs: man:clamd(8)
man:clamd.conf(5)
http://www.clamav.net/lang/en/doc/
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Jan 12 09:39:26 newsmtp systemd[1]: Started Clam AntiVirus userspace daemon.
Apparently nothing is logged about the condition failure.
sudo systemctl status clamav-daemon.socket
# systemctl status clamav-daemon.socket
● clamav-daemon.socket - Socket for Clam AntiVirus userspace daemon
Loaded: loaded (/lib/systemd/system/clamav-daemon.socket; enabled)
Active: active (running) since Mon 2015-01-12 09:32:59 UTC; 7min ago
Docs: man:clamd(8)
man:clamd.conf(5)
http://www.clamav.net/lang/en/doc/
Listen: /run/clamav/clamd.ctl (Stream)
Process: 289 ExecStartPost=/bin/chown -R clamav:clamav /run/clamav/
(code=exited, status=0/SUCCESS)
Jan 12 09:32:59 newsmtp systemd[1]: Starting Socket for Clam AntiVirus
user...n.
Jan 12 09:32:59 newsmtp systemd[1]: Listening on Socket for Clam AntiVirus
...n.
Hint: Some lines were ellipsized, use -l to show in full.
sudo systemctl status clamav-freshclam.service
# systemctl status clamav-freshclam.service
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; enabled)
Active: active (running) since Mon 2015-01-12 09:38:43 UTC; 1min 44s ago
Docs: man:freshclam(1)
man:freshclam.conf(5)
http://www.clamav.net/lang/en/doc/
Main PID: 682 (freshclam)
CGroup: /system.slice/clamav-freshclam.service
└─682 /usr/bin/freshclam -d --foreground=true
Jan 12 09:38:58 newsmtp freshclam[682]: ClamAV update process started at
Mon...5
Jan 12 09:38:58 newsmtp freshclam[682]: WARNING: Can't download main.cvd
fro...t
Jan 12 09:38:58 newsmtp freshclam[682]: Trying again in 5 secs...
Jan 12 09:39:03 newsmtp freshclam[682]: ClamAV update process started at
Mon...5
Jan 12 09:39:03 newsmtp freshclam[682]: ERROR: Can't download main.cvd from
...t
Jan 12 09:39:03 newsmtp freshclam[682]: Giving up on db.local.clamav.net...
Jan 12 09:39:03 newsmtp freshclam[682]: ClamAV update process started at
Mon...5
Jan 12 09:39:04 newsmtp freshclam[682]: ERROR: Can't download main.cvd from
...t
Jan 12 09:39:04 newsmtp freshclam[682]: Giving up on database.clamav.net...
Jan 12 09:39:04 newsmtp freshclam[682]: Update failed. Your network may be
d....
Hint: Some lines were ellipsized, use -l to show in full.
ls -l /var/lib/clamav
# ls -l /var/lib/clamav
total 4
-rw------- 1 clamav clamav 1248 Jan 12 09:39 mirrors.dat
Somehow freshclam can't download the virus definition databases.
I'm going to re-assign this bug report to clamav-daemon (not sure, if
it's actually a bug), since its package maintainer is probably more able
to help you.
If this turns out to be an actual bug in systemd, please re-assign back.
Should systemd be able to limit the frequency of starting the daemon? I don't
think it's reasonable for it to take the entire CPU power of a core of a 64bit
CPU for repeatedly starting a daemon.
I think systemd should handle this case better, either with a mechanism
like you suggest, or by simply changing the socket state from active to
failed if the associated service can't be started due to a condition
failure. That is what systemd does if the service fails to start.
Thus I've cloned a bug for that issue.
Let's keep this bug (#775112) about improving the situation from the
clamav side. I see two options. Either we add the conditions also to the
socket unit, or we remove them from the service unit. In the latter
case, clamd will fail to start and both service and socket will enter
failed state, if no databases are present.
My guess is that the clamav databases are not present.
The clamav-daemon.service contains:
ConditionPathExistsGlob=/var/lib/clamav/main.{c[vl]d,inc}
ConditionPathExistsGlob=/var/lib/clamav/daily.{c[vl]d,inc}
So systemd will not start clamav-daemon, if the databases are absent
(and if it did, clamd would fail to start).
But these conditions should probably also be in the socket, so that the
socket is not created, if no databases are present.
It should log the reason why it doesn't start.
It should, so I've made another clone.
Anyway, freshclam should have downloaded the databases in the mean time,
so it should work now.
No, it's still having problems doing that, but that's another issue.
You probably need to check your network connection, firewall settings etc..
Best regards,
Andreas
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
