After the Efa-Init. ( tested it several times with same result)
High cpu usage ( 1 cpu 100%) caused by clamd@scan.service. Caused by /var/lib/clamav/sanesecurity.ftm being 0 bytes
If something goes wrong in this script, there must be some additional logic to remove files that are 0 bytes
Code: Select all
systemctl status clamd@scan.service
Loaded: loaded (/usr/lib/systemd/system/clamd@scan.service; enabled;
vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2019-03-01 15:47:05
CET; 1min 16s ago
Docs: man:clamd(8)
man:clamd.conf(5)
https://www.clamav.net/documents/
Process: 17234 ExecStart=/usr/sbin/clamd -c /etc/clamd.d/%i.conf
(code=exited, status=1/FAILURE)
Mar 01 15:46:43 efa4RC3 clamd[17234]: Bytecode: Security mode set to "TrustSigned".
Mar 01 15:47:05 efa4RC3 clamd[17234]: LibClamAV Error: Empty external filetype database
Mar 01 15:47:05 efa4RC3 clamd[17234]: LibClamAV Error: Can't load /var/lib/clamav/sanesecurity.ftm: Malformed database
Mar 01 15:47:05 efa4RC3 clamd[17234]: LibClamAV Error: cli_loaddbdir(): error loading database /var/lib/clamav/sanesecurity.ftm
Mar 01 15:47:05 efa4RC3 clamd[17234]: Malformed database
Mar 01 15:47:05 efa4RC3 clamd[17234]: ERROR: Malformed database
Mar 01 15:47:05 efa4RC3 systemd[1]: clamd@scan.service: control process exited, code=exited status=1
Mar 01 15:47:05 efa4RC3 systemd[1]: Failed to start Generic clamav scanner daemon.
Mar 01 15:47:05 efa4RC3 systemd[1]: Unit clamd@scan.service entered failed state.
Mar 01 15:47:05 efa4RC3 systemd[1]: clamd@scan.service failed.
Solved by:
1# remove /var/lib/clamav/sanesecurity.ftm
2# temp disable Restart = on-failure
/lib/systemd/system/clamd@.service
Code: Select all
[Unit]
Description = clamd scanner (%i) daemon
Documentation=man:clamd(8) man:clamd.conf(5)
https://www.clamav.net/documents/
# Check for database existence
# ConditionPathExistsGlob=@DBDIR@/main.{c[vl]d,inc}
# ConditionPathExistsGlob=@DBDIR@/daily.{c[vl]d,inc}
After = syslog.target nss-lookup.target network.target
[Service]
Type = forking
ExecStart = /usr/sbin/clamd -c /etc/clamd.d/%i.conf
#Restart = on-failure
Code: Select all
systemctl daemon-reload
Code: Select all
/usr/sbin/clamav-unofficial-sigs.sh
5.
Code: Select all
systemctl daemon-reload