[Pkg-clamav-devel] Bug#752518: clamav-freshclam: freshclam does not restart on host when openvz guest also runs freshclam

Gwenn Gueguen ggueguen at gmail.com
Tue Jun 24 12:05:49 UTC 2014 

Package: clamav-freshclam
Version: 0.98.1+dfsg-1+deb7u3
Severity: normal

Dear Maintainer,

Startup script for clamav-freshclam uses pidofproc to find if freshclam
is already running. If the PID file does not exist, it will look for
freshclam processes by name.

On a host having openvz containers (maybe lxc containers too) running
freshclam daemon, pidofproc will find freshclam processes running into
containers.

"service clamav-freshclam restart" will try to kill freshclam processes
running into containers and will not start freshclam on host because it
thinks freshclam is already running.

Output on a host with three openvz containers, each running freshclam:

# service clamav-freshclam restart
Stopping ClamAV virus database updater: freshclam/etc/init.d/clamav-freshclam: 346: kill: Illegal number: 25356 24140 21711
 failed!


-- Package-specific info:
--- configuration ---
#Automatically Generated by clamav-base postinst
#To reconfigure clamd run #dpkg-reconfigure clamav-base
#Please read /usr/share/doc/clamav-base/README.Debian.gz for details
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
LocalSocketGroup clamav
LocalSocketMode 666
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User clamav
AllowSupplementaryGroups true
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
LogSyslog false
LogRotate true
LogFacility LOG_LOCAL6
LogClean false
LogVerbose false
PidFile /var/run/clamav/clamd.pid
DatabaseDirectory /var/lib/clamav
SelfCheck 3600
Foreground false
Debug false
ScanPE true
MaxEmbeddedPE 10M
ScanOLE2 true
ScanHTML true
MaxHTMLNormalize 10M
MaxHTMLNoTags 2M
MaxScriptNormalize 5M
MaxZipTypeRcg 1M
ScanSWF true
DetectBrokenExecutables false
ExitOnOOM false
LeaveTemporaryFiles false
AlgorithmicDetection true
ScanELF true
IdleTimeout 30
PhishingSignatures true
PhishingScanURLs true
PhishingAlwaysBlockSSLMismatch false
PhishingAlwaysBlockCloak false
DetectPUA false
ScanPartialMessages false
HeuristicScanPrecedence false
StructuredDataDetection false
CommandReadTimeout 5
SendBufTimeout 200
MaxQueue 100
ExtendedDetectionInfo true
OLE2BlockMacros false
ScanOnAccess false
AllowAllMatchScan true
ForceToDisk false
DisableCertCheck false
StreamMaxLength 25M
LogFile /var/log/clamav/clamav.log
LogTime true
LogFileUnlock false
LogFileMaxSize 0
Bytecode true
BytecodeSecurity TrustSigned
BytecodeTimeout 60000
OfficialDatabaseOnly false
CrossFilesystems true
# Automatically created by the clamav-freshclam postinst
# Comments will get lost when you reconfigure the clamav-freshclam package

DatabaseOwner clamav
UpdateLogFile /var/log/clamav/freshclam.log
LogVerbose false
LogSyslog false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogRotate true
LogTime true
Foreground false
Debug false
MaxAttempts 5
DatabaseDirectory /var/lib/clamav
DNSDatabaseInfo current.cvd.clamav.net
AllowSupplementaryGroups false
PidFile /var/run/clamav/freshclam.pid
ConnectTimeout 30
ReceiveTimeout 30
TestDatabases yes
ScriptedUpdates yes
CompressLocalDatabase no
Bytecode true
# Check for new database 24 times a day
Checks 24
DatabaseMirror db.local.clamav.net
DatabaseMirror database.clamav.net
PrivateMirror clamav

--- data dir ---
total 88060
-rw-r--r-- 1 clamav clamav    73081 Jun 11 16:43 bytecode.cvd
-rw-r--r-- 1 clamav clamav 25265284 Jun 22 11:55 daily.cvd
-rw-r--r-- 1 clamav clamav 64720632 Jun 11 16:43 main.cvd
-rw------- 1 clamav clamav       52 Jun 11 16:43 mirrors.dat

-- System Information:
Debian Release: 7.5
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-20-pve (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages clamav-freshclam depends on:
ii  clamav-base            0.98.1+dfsg-1+deb7u3
ii  debconf [debconf-2.0]  1.5.49
ii  libc6                  2.13-38+deb7u1
ii  libclamav6             0.98.1+dfsg-1+deb7u3
ii  logrotate              3.8.1-4
ii  lsb-base               4.1+Debian8+deb7u1
ii  ucf                    3.0025+nmu3
ii  zlib1g                 1:1.2.7.dfsg-13

clamav-freshclam recommends no packages.

Versions of packages clamav-freshclam suggests:
pn  clamav-docs  <none>

-- debconf information:
* clamav-freshclam/autoupdate_freshclam: daemon
* clamav-freshclam/proxy_user:
* clamav-freshclam/NotifyClamd: false
* clamav-freshclam/local_mirror: db.local.clamav.net
* clamav-freshclam/http_proxy:
* clamav-freshclam/update_interval: 24
* clamav-freshclam/PrivateMirror: clamav
* clamav-freshclam/internet_interface:

More information about the Pkg-clamav-devel mailing list