Package: clamav-daemon Version: 0.102.4+dfsg-0+deb10u1 Severity: normal Dear Maintainer,
I noticed that clamd now uses large amounts of memory: clamav 1006 1.9 3.6 1405692 1186776 ? Ssl 17:53 0:12 /usr/sbin/clamd --foreground=true I don’t remember it doing so until the last few weeks. Restarting it or even rebooting doesn’t fix things. What can I do to help investigate the causes? Regards, Stephen -- Package-specific info: --- configuration --- Checking configuration files in /etc/clamav Config file: clamd.conf ----------------------- AlertExceedsMax disabled PreludeEnable disabled PreludeAnalyzerName = "ClamAV" LogFile = "/var/log/clamav/clamav.log" LogFileUnlock disabled LogFileMaxSize = "4294967295" LogTime = "yes" LogClean disabled LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" ExtendedDetectionInfo = "yes" PidFile disabled TemporaryDirectory = "/tmp" DatabaseDirectory = "/var/lib/clamav/" OfficialDatabaseOnly disabled LocalSocket = "/var/run/clamav/clamd.ctl" LocalSocketGroup = "clamav" LocalSocketMode = "666" FixStaleSocket = "yes" TCPSocket disabled TCPAddr disabled MaxConnectionQueueLength = "15" StreamMaxLength = "10485760" StreamMinPort = "1024" StreamMaxPort = "2048" MaxThreads = "12" ReadTimeout = "180" CommandReadTimeout = "5" SendBufTimeout = "200" MaxQueue = "100" IdleTimeout = "30" ExcludePath disabled MaxDirectoryRecursion = "15" FollowDirectorySymlinks disabled FollowFileSymlinks disabled CrossFilesystems = "yes" SelfCheck = "3600" DisableCache disabled VirusEvent disabled ExitOnOOM disabled AllowAllMatchScan = "yes" Foreground disabled Debug disabled LeaveTemporaryFiles disabled User = "clamav" Bytecode = "yes" BytecodeSecurity = "TrustSigned" BytecodeTimeout = "60000" BytecodeUnsigned disabled BytecodeMode = "Auto" DetectPUA disabled ExcludePUA disabled IncludePUA disabled ScanPE = "yes" ScanELF = "yes" ScanMail = "yes" ScanPartialMessages disabled PhishingSignatures = "yes" PhishingScanURLs = "yes" HeuristicAlerts = "yes" HeuristicScanPrecedence disabled StructuredDataDetection disabled StructuredMinCreditCardCount = "3" StructuredMinSSNCount = "3" StructuredSSNFormatNormal = "yes" StructuredSSNFormatStripped disabled ScanHTML = "yes" ScanOLE2 = "yes" AlertBrokenExecutables disabled AlertEncrypted disabled AlertEncryptedArchive disabled AlertEncryptedDoc disabled AlertOLE2Macros disabled AlertPhishingSSLMismatch disabled AlertPhishingCloak disabled AlertPartitionIntersection disabled ScanPDF = "yes" ScanSWF = "yes" ScanXMLDOCS = "yes" ScanHWP3 = "yes" ScanArchive = "yes" ForceToDisk disabled MaxScanTime = "120000" MaxScanSize = "104857600" MaxFileSize = "26214400" MaxRecursion = "16" MaxFiles = "10000" MaxEmbeddedPE = "10485760" MaxHTMLNormalize = "10485760" MaxHTMLNoTags = "2097152" MaxScriptNormalize = "5242880" MaxZipTypeRcg = "1048576" MaxPartitions = "50" MaxIconsPE = "100" MaxRecHWP3 = "16" PCREMatchLimit = "10000" PCRERecMatchLimit = "5000" PCREMaxFileSize = "26214400" OnAccessMountPath disabled OnAccessIncludePath disabled OnAccessExcludePath disabled OnAccessExcludeRootUID disabled OnAccessExcludeUID disabled OnAccessExcludeUname disabled OnAccessMaxFileSize = "5242880" OnAccessDisableDDD disabled OnAccessPrevention disabled OnAccessExtraScanning disabled OnAccessCurlTimeout = "5000" OnAccessMaxThreads = "5" OnAccessRetryAttempts disabled OnAccessDenyOnError disabled DevACOnly disabled DevACDepth disabled DevPerformance disabled DevLiblog disabled DisableCertCheck disabled AlgorithmicDetection = "yes" BlockMax disabled PhishingAlwaysBlockSSLMismatch disabled PhishingAlwaysBlockCloak disabled PartitionIntersection disabled OLE2BlockMacros disabled ArchiveBlockEncrypted disabled Config file: freshclam.conf --------------------------- LogFileMaxSize = "4294967295" LogTime disabled LogSyslog disabled LogFacility = "LOG_LOCAL6" LogVerbose disabled LogRotate = "yes" PidFile disabled DatabaseDirectory = "/var/lib/clamav/" Foreground disabled Debug disabled UpdateLogFile = "/var/log/clamav/freshclam.log" DatabaseOwner = "clamav" Checks = "12" DNSDatabaseInfo = "current.cvd.clamav.net" DatabaseMirror = "db.local.clamav.net", "database.clamav.net" PrivateMirror disabled MaxAttempts = "5" ScriptedUpdates = "yes" TestDatabases = "yes" CompressLocalDatabase disabled ExtraDatabase disabled ExcludeDatabase disabled DatabaseCustomURL disabled HTTPProxyServer = "localhost" HTTPProxyPort = "3128" HTTPProxyUsername disabled HTTPProxyPassword disabled HTTPUserAgent disabled NotifyClamd = "/etc/clamav/clamd.conf" OnUpdateExecute disabled OnErrorExecute disabled OnOutdatedExecute disabled LocalIPAddress disabled ConnectTimeout = "30" ReceiveTimeout = "30" SafeBrowsing disabled Bytecode = "yes" clamav-milter.conf not found Software settings ----------------- Version: 0.102.4 Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 PCRE2 ICONV JSON Database information -------------------- Database directory: /var/lib/clamav/ daily.cld: version 25995, sigs: 4347666, built on Sat Nov 21 14:16:39 2020 bytecode.cld: version 331, sigs: 94, built on Thu Sep 19 18:12:33 2019 main.cld: version 59, sigs: 4564902, built on Mon Nov 25 14:56:15 2019 Total number of signatures: 8912662 Platform information -------------------- uname: Linux 4.19.0-12-amd64 #1 SMP Debian 4.19.152-1 (2020-10-18) x86_64 OS: linux-gnu, ARCH: x86_64, CPU: x86_64 Full OS version: Debian GNU/Linux 10 (buster) zlib version: 1.2.11 (1.2.11), compile flags: a9 platform id: 0x0a2173730800000000080300 Build information ----------------- GNU C: 8.3.0 (8.3.0) CPPFLAGS: -Wdate-time -D_FORTIFY_SOURCE=2 CFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-sSz0eR/clamav-0.102.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 CXXFLAGS: -g -O2 -fdebug-prefix-map=/build/clamav-sSz0eR/clamav-0.102.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64 LDFLAGS: -Wl,-z,relro -Wl,-z,now -Wl,--as-needed Configure: '--build=x86_64-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--disable-silent-rules' '--libdir=/usr/lib/x86_64-linux-gnu' '--libexecdir=/usr/lib/x86_64-linux-gnu' '--runstatedir=/run' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-sSz0eR/clamav-0.102.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=-Wdate-time -D_FORTIFY_SOURCE=2' 'CXXFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-sSz0eR/clamav-0.102.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=-Wl,-z,relro -Wl,-z,now -Wl,--as-needed' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-system-libmspack' '--with-libcurl=/usr' '--with-gnu-ld' '--with-systemdsystemunitdir=/lib/systemd/system' 'build_alias=x86_64-linux-gnu' 'OBJCFLAGS=-g -O2 -fdebug-prefix-map=/build/clamav-sSz0eR/clamav-0.102.4+dfsg=. -fstack-protector-strong -Wformat -Werror=format-security' sizeof(void*) = 8 Engine flevel: 115, dconf: 115 --- data dir --- total 644024 -rw-r--r-- 1 clamav clamav 1458176 Sep 19 2019 bytecode.cld -rw-r--r-- 1 clamav clamav 115496 Aug 13 2004 clamav-9cf5c5af91bef25a -rw-r--r-- 1 clamav clamav 114048 Aug 5 2004 clamav-9d39da1493642b84 -rw-r--r-- 1 clamav clamav 111152 Aug 4 2004 clamav-9e8ac33e38b57818 drwxr-xr-x 2 clamav clamav 4096 Jun 21 2015 clamav-a0cf74401e8333c5fc885b9fc30365b8.tmp -rw-r--r-- 1 root root 66 May 10 2004 clamav-daemon.md5sum -rw-r--r-- 1 root root 48 Oct 4 2003 clamav-freshclam.debconf -rw-r--r-- 1 clamav clamav 350221824 Nov 21 15:43 daily.cld drwxr-xr-x 2 clamav clamav 4096 May 19 2008 daily.inc -rw-r--r-- 1 root root 66 May 10 2004 etc.clamav.conf.md5sum -rw-r--r-- 1 root root 33 Sep 6 2004 etc.freshclam.conf.md5sum -rw-r--r-- 1 uml-net iocard 4029 Jun 21 2003 ff6d47135e931668 -rw-r--r-- 1 clamav clamav 307403264 Nov 25 2019 main.cld drwxr-xr-x 2 clamav clamav 4096 May 19 2008 main.inc -rw-r--r-- 1 root root 86 Jul 3 2003 mirrors.txt.OLD -- System Information: Debian Release: 10.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-debug'), (500, 'stable'), (100, 'unstable-debug'), (100, 'testing-debug'), (100, 'unstable'), (100, 'testing'), (1, 'experimental-debug'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386, arm64 Kernel: Linux 4.19.0-12-amd64 (SMP w/8 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages clamav-daemon depends on: ii adduser 3.118 ii clamav-base 0.102.4+dfsg-0+deb10u1 ii clamav-freshclam [clamav-data] 0.102.4+dfsg-0+deb10u1 ii debconf [debconf-2.0] 1.5.71 ii dpkg 1.19.7 ii libc6 2.28-10 ii libclamav9 0.102.4+dfsg-0+deb10u1 ii libcurl4 7.64.0-4+deb10u1 ii libncurses6 6.1+20181013-2+deb10u2 ii libssl1.1 1.1.1d-0+deb10u3 ii libsystemd0 241-7~deb10u4 ii libtinfo6 6.1+20181013-2+deb10u2 ii lsb-base 10.2019051400 ii procps 2:3.3.15-2 ii ucf 3.0038+nmu1 ii zlib1g 1:1.2.11.dfsg-1 Versions of packages clamav-daemon recommends: ii clamdscan 0.102.4+dfsg-0+deb10u1 Versions of packages clamav-daemon suggests: pn apparmor <none> pn clamav-docs <none> pn daemon <none> pn libclamunrar <none> -- Configuration Files: /etc/logcheck/ignore.d.paranoid/clamav-daemon [Errno 13] Permission denied: '/etc/logcheck/ignore.d.paranoid/clamav-daemon' /etc/logcheck/ignore.d.server/clamav-daemon [Errno 13] Permission denied: '/etc/logcheck/ignore.d.server/clamav-daemon' -- debconf information: clamav-daemon/LocalSocketMode: 666 clamav-daemon/ReadTimeout: 180 clamav-daemon/MaxHTMLNormalize: 10M clamav-daemon/MaxHTMLNoTags: 2M clamav-daemon/StreamMaxLength: 10 clamav-daemon/ScanMail: true clamav-daemon/LogRotate: true clamav-daemon/FollowDirectorySymlinks: false clamav-daemon/StatsPEDisabled: true clamav-daemon/TCPSocket: 3310 clamav-daemon/User: clamav clamav-daemon/ForceToDisk: false clamav-daemon/OnAccessMaxFileSize: 5M clamav-daemon/MaxThreads: 12 clamav-daemon/FixStaleSocket: true clamav-daemon/ScanOnAccess: false clamav-daemon/ScanSWF: true clamav-daemon/FollowFileSymlinks: false clamav-daemon/MaxZipTypeRcg: 1M clamav-daemon/AllowAllMatchScan: true clamav-daemon/LogSyslog: false clamav-daemon/MaxScriptNormalize: 5M clamav-daemon/SelfCheck: 3600 clamav-daemon/StatsHostID: auto clamav-daemon/LogFile: /var/log/clamav/clamav.log clamav-daemon/MaxEmbeddedPE: 10M clamav-daemon/MaxDirectoryRecursion: 15 clamav-daemon/ScanArchive: true clamav-daemon/LocalSocketGroup: clamav clamav-daemon/LocalSocket: /var/run/clamav/clamd.ctl clamav-daemon/StatsEnabled: false clamav-daemon/LogTime: true clamav-daemon/StatsTimeout: 10 clamav-daemon/BytecodeTimeout: 60000 clamav-daemon/debconf: true clamav-daemon/AddGroups: amavis clamav-daemon/DisableCertCheck: false clamav-daemon/Bytecode: true clamav-daemon/BytecodeSecurity: TrustSigned clamav-daemon/TCPAddr: any clamav-daemon/TcpOrLocal: UNIX clamav-daemon/MaxConnectionQueueLength: 15
