On 2019-03-25 15:39, Nils Fahldieck - Profihost AG wrote:
libc6 Version: 2.24-11+deb9u4
systemd Version: 232-25+deb9u9
Debian Version: Debian GNU/Linux 9 (stretch)
The `postrotate` script in `/etc/logrotate.d/clamav-freshclam` executes
this code if systemd is used:
$ cat /etc/logrotate.d/clamav-freshclam
postrotate
if [ -d /run/systemd/system ]; then
systemctl -q is-active clamav-freshclam && systemctl kill
--signal=SIGHUP clamav-freshclam || true
Whenever logrotate rotates freshclam's logfile, the service is inactive
(dead) afterwards.
Reproducer:
$ systemctl is-active clamav-freshclam
active
$ systemctl -q is-active clamav-freshclam && systemctl kill
--signal=SIGHUP clamav-freshclam || true
$ systemctl is-active clamav-freshclam
inactive
$ systemctl status clamav-freshclam.service
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service;
enabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/clamav-freshclam.service.d
└─limits.conf
Active: inactive (dead) since Mon 2019-03-25 16:28:25 CET; 2s ago
Docs: man:freshclam(1)
fwiw, I can't reproduce this.
clamav-freshclam 0.100.2+dfsg-0+deb9u1
libc6 2.24-11+deb9u4
systemd 232-25+deb9u9
● clamav-freshclam.service - ClamAV virus database updater
Loaded: loaded (/lib/systemd/system/clamav-freshclam.service;
enabled; vendor preset: enabled)
Active: active (running) since Sun 2019-03-10 19:07:03 GMT; 2 weeks 0
days ago
..
-rw-r----- 1 clamav adm 4754 Mar 11 06:25
/var/log/clamav/freshclam.log.3.gz
-rw-r----- 1 clamav adm 3544 Mar 17 06:25
/var/log/clamav/freshclam.log.2.gz
-rw-r----- 1 clamav adm 312142 Mar 24 06:25
/var/log/clamav/freshclam.log.1
-rw-r----- 1 clamav adm 65671 Mar 25 17:25
/var/log/clamav/freshclam.log
also:
# systemctl is-active clamav-freshclam
active
# systemctl -q is-active clamav-freshclam && systemctl kill
--signal=SIGHUP clamav-freshclam || true
# systemctl is-active clamav-freshclam
active
Aaaaaahhh... My guess would be that this is due to your local
customisation:
Drop-In: /etc/systemd/system/clamav-freshclam.service.d
└─limits.conf
...
Process: 15231 ExecStart=/usr/bin/cpulimit -f -l 5 --
/usr/bin/freshclam -d --foreground=true (code=killed, signal=HUP)
which means that the HUP will be being sent to cpulimit, not to
freshclam.
I'm not a clamav maintainer, but I'd be inclined at this point to say
that this is not a problem with the package, and "you get to keep the
pieces", I'm afraid. From a quick bit of research, I would suggest that
you want to be using systemd's built-in
https://www.freedesktop.org/software/systemd/man/systemd.resource-control.html#CPUQuota=
, which would entirely avoid this issue.
Regards,
Adam
