Last modified 2022-02-08 (Tue) 10:47:02
http://forums.freebsd.org/showthread.php?t=16379
amavisd fails to start with the message "WARNING: failed to start amavisd". When that happens you get "connect to 127.0.0.1[127.0.0.1]:10024: Connection refused", and mail piles up in the mailq and is not delivered.
If running, on the console,
# /usr/local/etc/rc.d/amavisd start
does not help, go straight to
# rm -r /var/amavis
and reinstall amavisd-new. That does it. ( ̄^ ̄)ゞ
VirusScan on FreeBSD 9.0R
Installing amavisd-new
# cd /usr/ports/security/amavisd-new
# make deinstall
# cp Makefile Makefile_dist
# vi Makefile
--------------------------------- - AMAVISUSER?= vscan #この部分を - AMAVISGROUP?= vscan --------------------------------- + AMAVISUSER?= clamav #このように編集 + AMAVISGROUP?= clamav ---------------------------------
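Review bot: the two + lines set AMAVISUSER and AMAVISGROUP by editing the port's Makefile in place, so the change has to be redone by hand whenever the ports tree replaces that file (the Makefile_dist copy only records the original). Both variables are assigned with ?=, which keeps a value that is already set, so the same result is available without touching the file by defining AMAVISUSER=clamav and AMAVISGROUP=clamav in /etc/make.conf or on the make command line. The change also gives no reason for moving amavisd from the vscan account to clamav; a comment stating it would help, since the result is that amavisd and clamd run under one account.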
# portinstall security/amavisd-new
# rehash
# /usr/local/etc/rc.d/amavisd start
# /usr/local/etc/rc.d/amavisd status
amavisd is running as pid 12663.
k222# sh -x /usr/local/etc/rc.d/amavisd start
[trace of rc.subr initialisation and of the /etc/defaults/rc.conf and /etc/rc.conf variable assignments omitted]
+ pidfile=/var/amavis/amavisd.pid
+ command=/usr/local/sbin/amavisd
+ command_args=> /dev/null 2>&1
+ required_files=/usr/local/etc/amavisd.conf
+ extra_commands=reload
+ start_precmd=start_precmd
+ stop_postcmd=rm -f /var/amavis/amavisd.pid
+ reload_cmd=/usr/local/sbin/amavisd reload
+ run_rc_command start
+ _return=0
+ rc_arg=start
+ [ -z amavisd ]
+ shift 1
+ rc_extra_args=
+ _rc_prefix=
+ eval _override_command=$amavisd_program
+ _override_command=
+ command=/usr/local/sbin/amavisd
+ _keywords=start stop restart rcvar reload
+ rc_pid=
+ _pidcmd=
+ _procname=/usr/local/sbin/amavisd
+ [ -n /usr/local/sbin/amavisd ]
+ [ -n /var/amavis/amavisd.pid ]
+ _pidcmd=rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd )
+ [ -n rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd ) ]
+ _keywords=start stop restart rcvar reload status poll
+ [ -z start ]
+ [ -n ]
+ eval rc_flags=$amavisd_flags
+ rc_flags=
+ eval _chdir=$amavisd_chdir _chroot=$amavisd_chroot _nice=$amavisd_nice _user=$amavisd_user _group=$amavisd_group _groups=$amavisd_groups
+ _chdir= _chroot= _nice= _user= _group= _groups=
+ [ -n ]
+ [ -n amavisd_enable -a start != rcvar ]
+ checkyesno amavisd_enable
+ eval _value=$amavisd_enable
+ _value=YES
+ debug checkyesno: amavisd_enable is set to YES.
+ return 0
+ eval rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd )
+ check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd
+ _pidfile=/var/amavis/amavisd.pid
+ _procname=/usr/local/sbin/amavisd
+ _interpreter=
+ [ -z /var/amavis/amavisd.pid -o -z /usr/local/sbin/amavisd ]
+ [ ! -f /var/amavis/amavisd.pid ]
+ debug pid file (/var/amavis/amavisd.pid): not readable.
+ return
+ rc_pid=
+ [ start != start ]
+ eval _cmd=$start_cmd _precmd=$start_precmd _postcmd=$start_postcmd
+ _cmd= _precmd=start_precmd _postcmd=
+ [ -n ]
+ [ -z -a -n ]
+ [ ! -x /usr/local/sbin/amavisd ]
+ _run_rc_precmd
+ check_required_before start
+ local _f
+ [ ! -r /usr/local/etc/amavisd.conf ]
+ return 0
+ [ -n start_precmd ]
+ debug run_rc_command: start_precmd: start_precmd
+ eval start_precmd
+ start_precmd
+ rm -rf /var/amavis/tmp/* /var/amavis/tmp/. /var/amavis/tmp/..
+ true
+ [ ]
+ _return=0
+ [ 0 -ne 0 ]
+ check_required_after start
+ local _f _args
+ return 0
+ return 0
+ echo Starting amavisd.
Starting amavisd.
+ [ -n ]
+ _doit=/usr/local/sbin/amavisd > /dev/null 2>&1
+ [ -n ]
+ [ -n ]
+ _run_rc_doit /usr/local/sbin/amavisd > /dev/null 2>&1
+ debug run_rc_command: doit: /usr/local/sbin/amavisd > /dev/null 2>&1
+ eval /usr/local/sbin/amavisd > /dev/null 2>&1
+ /usr/local/sbin/amavisd
+ _return=2
+ [ 2 -ne 0 ]
+ [ -z ]
+ return 1
+ return 1
k222#
/var/log/console.log
Apr 1 09:24:35 flora kernel: Mon Apr 1 09:24:35 JST 2013
Apr 1 13:35:41 flora kernel: Apr 1 13:35:41 flora kernel: pid 1418 (clamd), uid 110, was killed: out of swap space
Apr 1 16:41:59 flora kernel: Apr 1 16:41:59 flora postfix/scache[2967]: fatal: unexpected command-line argument: user=clamav
Apr 1 16:43:02 flora kernel: Apr 1 16:43:01 flora postfix/scache[2972]: fatal: unexpected command-line argument: user=clamav
So pid 1418 (clamd) has died. The plan is to have a script check whether it is running and bring it back up if it is down, but:
flora{102} % ps aux | grep clamd
clamav 1420 0.0 6.9 182920 16344 ?? Is 5:43PM 0:00.00 /usr/local/sbin/clamd
root 1627 0.0 0.6 9636 1492 0 S+ 5:47PM 0:00.00 grep clamd
flora{103} % ps aux | grep clamav
clamav 1415 0.0 1.7 83356 4056 ?? Ss 5:41PM 0:10.83 /usr/local/sbin/amavisd (master) (perl)
clamav 1418 0.0 1.4 84172 3300 ?? I 5:42PM 0:00.04 /usr/local/sbin/amavisd (virgin child) (perl)
clamav 1419 0.0 0.0 84172 0 ?? IW - 0:00.00 /usr/local/sbin/amavisd (virgin child) (perl)
clamav 1420 0.0 6.9 182920 16344 ?? Is 5:43PM 0:00.00 /usr/local/sbin/clamd
clamav 1423 0.0 1.5 21100 3592 ?? Is 5:45PM 0:03.57 /usr/local/bin/freshclam --daemon -p /var/run/clamav/freshclam.pid
root 1629 0.0 0.6 9636 1492 0 S+ 5:48PM 0:00.00 grep clamav
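Which one is better?
Reference URL
A large volume of spam arrives and /usr/local/sbin/spamass-milter stops
When clamd is killed and stops running, spam checking is skipped and messages are marked "***UNCHECKED***".
To avoid this, as an ad hoc measure, set up a script and have cron check once every 10 minutes.
The following is the line added to /etc/crontab; it runs once every 10 minutes.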
*/10 * * * * root /root/bin/checkclamd.sh
Contents of checkclamd.sh
It checks whether a process named clamd exists; if there is none, it starts clamd and then sends postmaster a report saying that it was restarted.
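#!/usr/local/bin/bash
# Restart clamd if it is not running, then report to postmaster.
# pgrep -x matches the process name exactly, so this script's own
# command line (checkclamd.sh) is not mistaken for a running clamd.
if ! pgrep -x clamd > /dev/null
then
    /usr/local/etc/rc.d/clamav-clamd start
    echo "clamd@mail was down, it is UP now" | mail -s "clamd @mail_kuji-clinic.info was DOWN!" postmaster@kuji-clinic.info
fi
exit 0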
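That takes care of it. If the check interval is too short, the restart may be attempted while swap is still exhausted, so clamd may fail to start. (I don't know whether 10 minutes is the right interval, though.)
The fundamental fix is to fit a fast CPU and plenty of memory so that a large volume of spam can be handled.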
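Added example, not part of the original page: grepping ps output for clamd or clamav, as in the two ps commands earlier on the page, cannot tell a live clamd from amavisd, freshclam or the watchdog's own command line, because checkclamd.sh contains the string clamd. The script below matches on the executable's basename in the ps aux layout shown on the page and defers the restart while swap is nearly full; the swapinfo -k sample, the 80% limit and the function names are assumptions.

```shell
#!/bin/sh
# Added example, not the page's script. Input is passed in as text, so the
# logic can be checked offline; live use: decide "$(ps auxww)" "$(swapinfo -k)"

# ps aux lines with clamd dead. The first two are from the page's output; the
# last two are constructed (the watchdog itself and its grep).
PS_DOWN='clamav 1415 0.0 1.7 83356 4056 ?? Ss 5:41PM 0:10.83 /usr/local/sbin/amavisd (master) (perl)
clamav 1423 0.0 1.5 21100 3592 ?? Is 5:45PM 0:03.57 /usr/local/bin/freshclam --daemon -p /var/run/clamav/freshclam.pid
root 1700 0.0 0.6 9636 1492 ?? Ss 5:50PM 0:00.00 /usr/local/bin/bash /root/bin/checkclamd.sh
root 1701 0.0 0.6 9636 1492 ?? S 5:50PM 0:00.00 grep clamd'
# Same list plus the clamd line from the page's output.
PS_UP="$PS_DOWN
clamav 1420 0.0 6.9 182920 16344 ?? Is 5:43PM 0:00.00 /usr/local/sbin/clamd"

# Constructed swapinfo -k output (device name and sizes are made up).
SWAP_FULL='Device          1K-blocks     Used    Avail Capacity
/dev/ada0p3       1000000   980000    20000    98%'
SWAP_OK='Device          1K-blocks     Used    Avail Capacity
/dev/ada0p3       1000000   200000   800000    20%'

# String match on the whole ps line: true for PS_DOWN, because "checkclamd.sh"
# contains "clamd" (and "grep clamav" would match the user column).
naive_alive() { [ -n "$(printf '%s\n' "$1" | grep clamd | grep -v grep)" ]; }

# True only if the executable (field 11 of ps aux) has the basename "clamd".
clamd_alive() {
    printf '%s\n' "$1" | awk '{ n = split($11, p, "/"); if (p[n] == "clamd") up = 1 }
                              END { exit !up }'
}

# Percentage of swap in use, summed over the per-device lines.
# With no swap lines it prints 0, so the restart is not blocked.
swap_used_pct() {
    printf '%s\n' "$1" | awk 'NR > 1 && $1 != "Total" { t += $2; u += $3 }
                              END { print (t ? int(u * 100 / t) : 0) }'
}

# Prints ok, restart or defer. $3 is the swap-use limit in percent (default 80);
# above it the restart is left for the next cron run.
decide() {
    if clamd_alive "$1"; then echo ok; return 0; fi
    if [ "$(swap_used_pct "$2")" -gt "${3:-80}" ]; then echo defer; else echo restart; fi
}

decide "$PS_DOWN" "$SWAP_FULL"
```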