CONTENTS
Lastmodified 2022-02-08 (火) 10:47:02
わらわらとportupgrade -r したら、amavisd がうごかなくなった。
再インストールしても、状況変わらず。
どうやら、なんか、依存しているパッケージがおかしくなったっぽい。で、portの依存関係をしらべてみる。
# cd /usr/ports/security/amavisd-new root@blackcube:/usr/ports/security/amavisd-new # make all-depends-list /usr/ports/sysutils/p5-Unix-Syslog /usr/ports/mail/p5-MIME-Tools /usr/ports/converters/p5-Convert-TNEF /usr/ports/converters/p5-Convert-UUlib /usr/ports/archivers/p5-Archive-Zip /usr/ports/net/p5-Net-Server /usr/ports/mail/p5-Mail-DKIM /usr/ports/net/p5-IO-Socket-INET6 /usr/ports/databases/p5-BerkeleyDB /usr/ports/databases/p5-DBD-mysql /usr/ports/mail/p5-Mail-SpamAssassin /usr/ports/sysutils/file /usr/ports/archivers/unrar /usr/ports/archivers/arj /usr/ports/archivers/lha /usr/ports/archivers/arc /usr/ports/archivers/cabextract /usr/ports/archivers/rpm2cpio /usr/ports/archivers/zoo /usr/ports/archivers/lzop /usr/ports/archivers/freeze /usr/ports/archivers/p7zip /usr/ports/textproc/ripole /usr/ports/lang/perl5.14 /usr/ports/converters/p5-Convert-BinHex /usr/ports/devel/p5-IO-stringy /usr/ports/mail/p5-Mail-Tools /usr/ports/devel/p5-IO-Multiplex /usr/ports/net/p5-Socket6 /usr/ports/security/p5-Crypt-OpenSSL-RSA /usr/ports/dns/p5-Net-DNS /usr/ports/databases/db47 /usr/ports/databases/p5-DBI /usr/ports/security/p5-Crypt-SSLeay /usr/ports/databases/mysql51-client /usr/ports/net-mgmt/p5-NetAddr-IP /usr/ports/www/p5-HTML-Parser /usr/ports/www/p5-libwww /usr/ports/converters/p5-Encode-Detect /usr/ports/security/p5-IO-Socket-SSL /usr/ports/security/gnupg1 /usr/ports/mail/razor-agents /usr/ports/devel/libtool /usr/ports/devel/gmake /usr/ports/devel/autoconf /usr/ports/archivers/lzo2 /usr/ports/devel/p5-TimeDate /usr/ports/security/p5-Crypt-OpenSSL-Bignum /usr/ports/security/p5-Crypt-OpenSSL-Random /usr/ports/security/p5-Digest-HMAC /usr/ports/dns/p5-Net-LibIDN /usr/ports/www/p5-LWP-Protocol-https /usr/ports/www/p5-HTML-Tagset /usr/ports/security/p5-Authen-NTLM /usr/ports/converters/p5-Encode-Locale /usr/ports/sysutils/p5-File-Listing /usr/ports/www/p5-HTTP-Cookies /usr/ports/www/p5-HTTP-Daemon /usr/ports/www/p5-HTTP-Date /usr/ports/www/p5-HTTP-Message /usr/ports/www/p5-HTTP-Negotiate /usr/ports/www/p5-LWP-MediaTypes /usr/ports/net/p5-Net-HTTP /usr/ports/net/p5-URI /usr/ports/www/p5-WWW-RobotRules /usr/ports/devel/p5-ExtUtils-CBuilder /usr/ports/devel/p5-Module-Build /usr/ports/security/p5-Net-SSLeay /usr/ports/net/p5-IO-Socket-IP /usr/ports/net/p5-Socket /usr/ports/ftp/curl /usr/ports/devel/gettext /usr/ports/security/p5-Digest-SHA1 /usr/ports/converters/libiconv /usr/ports/devel/m4 /usr/ports/misc/help2man /usr/ports/devel/autoconf-wrapper /usr/ports/dns/libidn /usr/ports/www/p5-Mozilla-CA /usr/ports/devel/p5-IO-HTML /usr/ports/security/ca_root_nss /usr/ports/devel/p5-Locale-gettext /usr/ports/devel/pkgconf root@blackcube:/usr/ports/security/amavisd-new #
うわっ、こんなにある・・・。ということで、まず、リーフパッケージを掃除してみてから・・・ってことにする
# pkg_cleanup
で、amavisd-new とその依存リーフパッケージを削除。
http://gihyo.jp/admin/clip/01/fdt/201111/28
portinstall security/amavisd-new
依然として起動せず。(;。;)
reload オプションを試してみる。
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload ERROR: MISSING REQUIRED BASIC MODULES: IO::Stringy Unix::Syslog BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 246.
root@blackcube:/root # portupgrade -fr p5-IO-stringy-2.110 root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload ERROR: MISSING REQUIRED BASIC MODULES: Unix::Syslog BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 246.
root@blackcube:/root # portupgrade -rf p5-Unix-Syslog-1.1
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload Problem in Amavis::DKIM code: Can't locate Crypt/OpenSSL/RSA.pm in @INC (@INC contains: /usr/local/lib/perl5/5.14/BSDPAN /usr/local/lib/perl5/site_perl/5.14/mach /usr/local/lib/perl5/site_perl/5.14 /usr/local/lib/perl5/5.14/mach /usr/local/lib/perl5/5.14) at (eval 97) line 50. BEGIN failed--compilation aborted at (eval 97) line 50.
root@blackcube:/root # portupgrade -rf p5-Crypt-OpenSSL-RSA-0.28
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload Problem in Amavis::Unpackers code: Can't locate Archive/Zip.pm in @INC (@INC contains: /usr/local/lib/perl5/5.14/BSDPAN /usr/local/lib/perl5/site_perl/5.14/mach /usr/local/lib/perl5/site_perl/5.14 /usr/local/lib/perl5/5.14/mach /usr/local/lib/perl5/5.14) at (eval 119) line 33. BEGIN failed--compilation aborted at (eval 119) line 33.
root@blackcube:/root # portupgrade -rf p5-Archive-Zip-1.30_1
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload Problem in Amavis::Unpackers code: Can't locate Convert/UUlib.pm in @INC (@INC contains: /usr/local/lib/perl5/5.14/BSDPAN /usr/local/lib/perl5/site_perl/5.14/mach /usr/local/lib/perl5/site_perl/5.14 /usr/local/lib/perl5/5.14/mach /usr/local/lib/perl5/5.14) at (eval 119) line 35. BEGIN failed--compilation aborted at (eval 119) line 35.
root@blackcube:/root # portupgrade -rf p5-Convert-UUlib-1.40,1
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload The amavisd daemon is apparently not running, no PID file /var/amavis/amavisd.pid
root@blackcube:/root # /usr/local/etc/rc.d/amavisd start Starting amavisd.
うっ・・・うごいた!ヽ(^。^)丿
と思ったら、エラー吐かずに動かない状態ですた。大泣き
どうやら、p5-関連で転けてる風味なので、
root@blackcube:/usr/ports/security/amavisd-new # make all-depends-list | grep p5- /usr/ports/sysutils/p5-Unix-Syslog /usr/ports/mail/p5-MIME-Tools /usr/ports/converters/p5-Convert-TNEF /usr/ports/converters/p5-Convert-UUlib /usr/ports/archivers/p5-Archive-Zip /usr/ports/net/p5-Net-Server /usr/ports/mail/p5-Mail-DKIM /usr/ports/net/p5-IO-Socket-INET6 /usr/ports/databases/p5-BerkeleyDB /usr/ports/databases/p5-DBD-mysql /usr/ports/mail/p5-Mail-SpamAssassin /usr/ports/converters/p5-Convert-BinHex /usr/ports/devel/p5-IO-stringy /usr/ports/mail/p5-Mail-Tools /usr/ports/devel/p5-IO-Multiplex /usr/ports/net/p5-Socket6 /usr/ports/security/p5-Crypt-OpenSSL-RSA /usr/ports/dns/p5-Net-DNS /usr/ports/databases/p5-DBI /usr/ports/security/p5-Crypt-SSLeay /usr/ports/net-mgmt/p5-NetAddr-IP /usr/ports/www/p5-HTML-Parser /usr/ports/www/p5-libwww /usr/ports/converters/p5-Encode-Detect /usr/ports/security/p5-IO-Socket-SSL /usr/ports/devel/p5-TimeDate /usr/ports/security/p5-Crypt-OpenSSL-Bignum /usr/ports/security/p5-Crypt-OpenSSL-Random /usr/ports/security/p5-Digest-HMAC /usr/ports/dns/p5-Net-LibIDN /usr/ports/www/p5-LWP-Protocol-https /usr/ports/www/p5-HTML-Tagset /usr/ports/security/p5-Authen-NTLM /usr/ports/converters/p5-Encode-Locale /usr/ports/sysutils/p5-File-Listing /usr/ports/www/p5-HTTP-Cookies /usr/ports/www/p5-HTTP-Daemon /usr/ports/www/p5-HTTP-Date /usr/ports/www/p5-HTTP-Message /usr/ports/www/p5-HTTP-Negotiate /usr/ports/www/p5-LWP-MediaTypes /usr/ports/net/p5-Net-HTTP /usr/ports/net/p5-URI /usr/ports/www/p5-WWW-RobotRules /usr/ports/devel/p5-ExtUtils-CBuilder /usr/ports/devel/p5-Module-Build /usr/ports/security/p5-Net-SSLeay /usr/ports/net/p5-IO-Socket-IP /usr/ports/net/p5-Socket /usr/ports/security/p5-Digest-SHA1 /usr/ports/www/p5-Mozilla-CA /usr/ports/devel/p5-IO-HTML /usr/ports/devel/p5-Locale-gettext root@blackcube:/usr/ports/security/amavisd-new #
もう、上から順番に、
portupgrade -rf devel/p5-IO-Multiplex net/p5-Socket6 security/p5-Crypt-OpenSSL-RSA dns/p5-Net-DNS databases/p5-DBI security/p5-Crypt-SSLeay net-mgmt/p5-NetAddr-IP www/p5-HTML-Parser www/p5-libwww converters/p5-Encode-Detect security/p5-IO-Socket-SSL devel/p5-TimeDate
みたいに、強制UPさせて、/usr/local/etc/rc.d/amavisd start /usr/local/etc/rc.d/amavisd reload してみたら、
root@blackcube:/usr/ports/security/amavisd-new # /usr/local/etc/rc.d/amavisd start Starting amavisd. root@blackcube:/usr/ports/security/amavisd-new # /usr/local/etc/rc.d/amavisd reload Signalling a SIGHUP to a running daemon [12278] root@blackcube:/usr/ports/security/amavisd-new # /usr/local/etc/rc.d/amavisd start amavisd already running? (pid=12278).
なんか、今度は、動いたっぽい! (?_?)
http://forums.freebsd.org/showthread.php?t=16379
WARNING: failed to start amavisdと言ってamavisdが起ち上がらない。 こうなると、connect to 127.0.0.1[127.0.0.1]:10024: Connection refused となって、メールがmailqにたまって不達となる。
コンソールで、
# /usr/local/etc/rc.d/amavisd start
してもダメなときは、さっさと
# rm -r /var/amavis
して、amavisd-newを再インストールする、ヨロシ。( ̄^ ̄)ゞ
VirusScan on FreeBSD 9.0R
amavisd-new のインストール
# cd /usr/ports/security/amavisd-new # make deinstall # cp Makefile Makefile_dist # vi Makefile
--------------------------------- - AMAVISUSER?= vscan #この部分を - AMAVISGROUP?= vscan --------------------------------- + AMAVISUSER?= clamav #このように編集 + AMAVISGROUP?= clamav ---------------------------------
# portinstall security/amavisd-new # rehash # /usr/local/etc/rc.d/amavisd start # /usr/local/etc/rc.d/amavisd status amavisd is running as pid 12663.
k222# sh -x /usr/local/etc/rc.d/amavisd start + . /etc/rc.subr + : rc.conf(5) + : 45291 + export RC_PID + [ -z ] + _rc_subr_loaded=YES + SYSCTL=/sbin/sysctl + SYSCTL_N=/sbin/sysctl -n + CMD_OSTYPE=/sbin/sysctl -n kern.ostype + /sbin/sysctl -n kern.ostype + OSTYPE=FreeBSD + ID=/usr/bin/id + IDCMD=if [ -x /usr/bin/id ]; then /usr/bin/id -un; fi + PS=/bin/ps -ww + /bin/ps -ww -p 45291 -o jid= + JID= 0 + SYSCTL_W=/sbin/sysctl + _rc_subr_loaded=: + name=amavisd + rcvar=amavisd_enable + load_rc_config amavisd + _name=amavisd + [ -z amavisd ] + false + [ -r /etc/defaults/rc.conf ] + debug Sourcing /etc/defaults/rc.conf + . /etc/defaults/rc.conf + rc_debug=NO + rc_info=NO + rcshutdown_timeout=30 + early_late_divider=FILESYSTEMS + swapfile=NO + apm_enable=NO + apmd_enable=NO + apmd_flags= + ddb_enable=NO + ddb_config=/etc/ddb.conf + devd_enable=YES + devd_flags= + kldxref_enable=NO + kldxref_clobber=NO + kldxref_module_path= + powerd_enable=NO + powerd_flags= + tmpmfs=AUTO + tmpsize=20m + tmpmfs_flags=-S + varmfs=AUTO + varsize=32m + varmfs_flags=-S + populate_var=AUTO + cleanvar_enable=YES + local_startup=/usr/local/etc/rc.d + script_name_sep= + rc_conf_files=/etc/rc.conf /etc/rc.conf.local + zfs_enable=NO + gbde_autoattach_all=NO + gbde_devices=NO + gbde_attach_attempts=3 + gbde_lockdir=/etc + geli_devices= + geli_tries= + geli_default_flags= + geli_autodetach=YES + geli_swap_flags=-e aes -l 256 -s 4096 -d + root_rw_mount=YES + fsck_y_enable=NO + background_fsck=YES + background_fsck_delay=60 + netfs_types=nfs:NFS nfs4:NFS4 smbfs:SMB portalfs:PORTAL nwfs:NWFS + extra_netfs_types=NO + hostname= + hostid_enable=YES + hostid_file=/etc/hostid + nisdomainname=NO + dhclient_program=/sbin/dhclient + dhclient_flags= + background_dhclient=NO + synchronous_dhclient=YES + firewall_enable=NO + firewall_script=/etc/rc.firewall + firewall_type=UNKNOWN + firewall_quiet=NO + firewall_logging=NO + firewall_flags= + firewall_client_net=192.0.2.0/24 + firewall_simple_iif=ed1 + firewall_simple_inet=192.0.2.16/28 + firewall_simple_oif=ed0 + firewall_simple_onet=192.0.2.0/28 + firewall_myservices= + firewall_allowservices= + firewall_trusted= + firewall_logdeny=NO + firewall_nologports=135-139,445 1026,1027 1433,1434 + firewall_nat_enable=NO + firewall_nat_interface= + firewall_nat_flags= + dummynet_enable=NO + ip_portrange_first=NO + ip_portrange_last=NO + ike_enable=NO + ike_program=/usr/local/sbin/isakmpd + ike_flags= + ipsec_enable=NO + ipsec_file=/etc/ipsec.conf + natd_program=/sbin/natd + natd_enable=NO + natd_interface= + natd_flags= + ipfilter_enable=NO + ipfilter_program=/sbin/ipf + ipfilter_rules=/etc/ipf.rules + ipfilter_flags= + ipnat_enable=NO + ipnat_program=/sbin/ipnat + ipnat_rules=/etc/ipnat.rules + ipnat_flags= + ipmon_enable=NO + ipmon_program=/sbin/ipmon + ipmon_flags=-Ds + ipfs_enable=NO + ipfs_program=/sbin/ipfs + ipfs_flags= + pf_enable=NO + pf_rules=/etc/pf.conf + pf_program=/sbin/pfctl + pf_flags= + pflog_enable=NO + pflog_logfile=/var/log/pflog + pflog_program=/sbin/pflogd + pflog_flags= + ftpproxy_enable=NO + ftpproxy_flags= + pfsync_enable=NO + pfsync_syncdev= + pfsync_syncpeer= + pfsync_ifconfig= + tcp_extensions=YES + log_in_vain=0 + tcp_keepalive=YES + tcp_drop_synfin=NO + icmp_drop_redirect=NO + icmp_log_redirect=NO + network_interfaces=auto + cloned_interfaces= + ifconfig_lo0=inet 127.0.0.1 + sppp_interfaces= + gif_interfaces= + fec_interfaces= + ppp_enable=NO + ppp_program=/usr/sbin/ppp + ppp_mode=auto + ppp_nat=YES + ppp_profile=papchap + ppp_user=root + hostapd_enable=NO + syslogd_enable=YES + syslogd_program=/usr/sbin/syslogd + syslogd_flags=-s + inetd_enable=NO + inetd_program=/usr/sbin/inetd + inetd_flags=-wW -C 60 + named_enable=NO + named_program=/usr/sbin/named + named_pidfile=/var/run/named/pid + named_uid=bind + named_chrootdir=/var/named + named_chroot_autoupdate=YES + named_symlink_enable=YES + kerberos5_server_enable=NO + kerberos5_server=/usr/libexec/kdc + kerberos5_server_flags=--detach + kadmind5_server_enable=NO + kadmind5_server=/usr/libexec/kadmind + kpasswdd_server_enable=NO + kpasswdd_server=/usr/libexec/kpasswdd + rwhod_enable=NO + rwhod_flags= + rarpd_enable=NO + rarpd_flags=-a + bootparamd_enable=NO + bootparamd_flags= + pppoed_enable=NO + pppoed_provider=* + pppoed_flags=-P /var/run/pppoed.pid + pppoed_interface=fxp0 + sshd_enable=NO + sshd_program=/usr/sbin/sshd + sshd_flags= + ftpd_enable=NO + ftpd_program=/usr/libexec/ftpd + ftpd_flags= + amd_enable=NO + amd_program=/usr/sbin/amd + amd_flags=-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map + amd_map_program=NO + nfs_client_enable=NO + nfs_access_cache=60 + nfs_server_enable=NO + nfs_server_flags=-u -t -n 4 + idmapd_enable=NO + idmapd_flags= + mountd_enable=NO + mountd_flags=-r + weak_mountd_authentication=NO + nfs_reserved_port_only=NO + nfs_bufpackets= + rpc_lockd_enable=NO + rpc_lockd_flags= + rpc_statd_enable=NO + rpc_statd_flags= + rpcbind_enable=NO + rpcbind_program=/usr/sbin/rpcbind + rpcbind_flags= + rpc_ypupdated_enable=NO + keyserv_enable=NO + keyserv_flags= + timed_enable=NO + timed_flags= + ntpdate_enable=NO + ntpdate_program=/usr/sbin/ntpdate + ntpdate_flags=-b + ntpdate_config=/etc/ntp.conf + ntpdate_hosts= + ntpd_enable=NO + ntpd_program=/usr/sbin/ntpd + ntpd_config=/etc/ntp.conf + ntpd_sync_on_start=NO + ntpd_flags=-p /var/run/ntpd.pid -f /var/db/ntpd.drift + nis_client_enable=NO + nis_client_flags= + nis_ypset_enable=NO + nis_ypset_flags= + nis_server_enable=NO + nis_server_flags= + nis_ypxfrd_enable=NO + nis_ypxfrd_flags= + nis_yppasswdd_enable=NO + nis_yppasswdd_flags= + bsnmpd_enable=NO + bsnmpd_flags= + defaultrouter=NO + static_routes= + natm_static_routes= + gateway_enable=NO + router_enable=NO + router=/sbin/routed + router_flags=-q + mrouted_enable=NO + mrouted_program=/usr/local/sbin/mrouted + mrouted_flags= + ipxgateway_enable=NO + ipxrouted_enable=NO + ipxrouted_flags= + arpproxy_all=NO + forward_sourceroute=NO + accept_sourceroute=NO + atm_enable=NO + atm_pvcs= + atm_arps= + isdn_enable=NO + isdn_fsdev=NO + isdn_flags=-dn -d0x1f9 + isdn_ttype=cons25 + isdn_screenflags=NO + isdn_trace=NO + isdn_traceflags=-f /var/tmp/isdntrace0 + hcsecd_enable=NO + hcsecd_config=/etc/bluetooth/hcsecd.conf + sdpd_enable=NO + sdpd_control=/var/run/sdp + sdpd_groupname=nobody + sdpd_username=nobody + bthidd_enable=NO + bthidd_config=/etc/bluetooth/bthidd.conf + bthidd_hids=/var/db/bthidd.hids + rfcomm_pppd_server_enable=NO + rfcomm_pppd_server_profile=one two + rfcomm_pppd_server_one_channel=1 + rfcomm_pppd_server_two_channel=3 + icmp_bmcastecho=NO + ipv6_enable=NO + ipv6_network_interfaces=auto + ipv6_defaultrouter=NO + ipv6_static_routes= + ipv6_gateway_enable=NO + ipv6_router_enable=NO + ipv6_router=/usr/sbin/route6d + ipv6_router_flags= + ipv6_default_interface=NO + rtsol_flags= + rtadvd_enable=NO + rtadvd_interfaces= + mroute6d_enable=NO + mroute6d_program=/usr/local/sbin/pim6dd + mroute6d_flags= + stf_interface_ipv4addr= + stf_interface_ipv4plen=0 + stf_interface_ipv6_ifid=0:0:0:1 + stf_interface_ipv6_slaid=0000 + ipv6_faith_prefix=NO + ipv6_ipv4mapping=NO + ipv6_firewall_enable=NO + ipv6_firewall_script=/etc/rc.firewall6 + ipv6_firewall_type=UNKNOWN + ipv6_firewall_quiet=NO + ipv6_firewall_logging=NO + ipv6_firewall_flags= + ipv6_ipfilter_rules=/etc/ipf6.rules + ip6addrctl_enable=YES + ip6addrctl_verbose=NO + keyboard= + keymap=NO + keyrate=NO + keybell=NO + keychange=NO + cursor=NO + scrnmap=NO + font8x16=NO + font8x14=NO + font8x8=NO + blanktime=300 + saver=NO + moused_nondefault_enable=YES + moused_enable=NO + moused_type=auto + moused_port=/dev/psm0 + moused_flags= + mousechar_start=NO + allscreens_flags= + allscreens_kbdflags= + mta_start_script=/etc/rc.sendmail + sendmail_enable=NO + sendmail_pidfile=/var/run/sendmail.pid + sendmail_procname=/usr/sbin/sendmail + sendmail_flags=-L sm-mta -bd -q30m + sendmail_submit_enable=YES + sendmail_submit_flags=-L sm-mta -bd -q30m -ODaemonPortOptions=Addr=localhost + sendmail_outbound_enable=YES + sendmail_outbound_flags=-L sm-queue -q30m + sendmail_msp_queue_enable=YES + sendmail_msp_queue_flags=-L sm-msp-queue -Ac -q30m + sendmail_rebuild_aliases=NO + auditd_enable=NO + auditd_program=/usr/sbin/auditd + auditd_flags= + cron_enable=YES + cron_program=/usr/sbin/cron + cron_dst=YES + cron_flags= + lpd_enable=NO + lpd_program=/usr/sbin/lpd + lpd_flags= + nscd_enable=NO + chkprintcap_enable=NO + chkprintcap_flags=-d + dumpdev=AUTO + dumpdir=/var/crash + savecore_flags= + crashinfo_enable=NO + crashinfo_program=/usr/sbin/crashinfo + enable_quotas=NO + check_quotas=YES + quotaon_flags=-a + quotaoff_flags=-a + quotacheck_flags=-a + accounting_enable=NO + ibcs2_enable=NO + ibcs2_loaders=coff + sysvipc_enable=NO + linux_enable=NO + svr4_enable=NO + clear_tmp_enable=NO + clear_tmp_X=YES + ldconfig_insecure=NO + ldconfig_paths=/usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg + ldconfig32_paths=/usr/lib32 + ldconfig_paths_aout=/usr/lib/compat/aout /usr/local/lib/aout + ldconfig_local_dirs=/usr/local/libdata/ldconfig + ldconfig_local32_dirs=/usr/local/libdata/ldconfig32 + kern_securelevel_enable=NO + kern_securelevel=-1 + update_motd=YES + entropy_file=/entropy + entropy_dir=/var/db/entropy + entropy_save_sz=2048 + entropy_save_num=8 + harvest_interrupt=YES + harvest_ethernet=YES + harvest_p_to_p=YES + dmesg_enable=YES + watchdogd_enable=NO + devfs_rulesets=/etc/defaults/devfs.rules /etc/devfs.rules + devfs_system_ruleset= + devfs_set_rulesets= + performance_cx_lowest=HIGH + performance_cpu_freq=NONE + economy_cx_lowest=HIGH + economy_cpu_freq=NONE + virecover_enable=YES + ugidfw_enable=NO + bsdextended_script=/etc/rc.bsdextended + newsyslog_enable=YES + newsyslog_flags=-CN + mixer_enable=YES + jail_enable=NO + jail_list= + jail_set_hostname_allow=YES + jail_socket_unixiproute_only=YES + jail_sysvipc_allow=NO + [ -z ] + source_rc_confs_defined=yes + source_rc_confs + local i sourced_files + sourced_files=:/etc/rc.conf: + [ -r /etc/rc.conf ] + . /etc/rc.conf + defaultrouter=210.255.122.209 + hostname=k222.kuji-clinic.net + ifconfig_em0=inet 210.255.122.222 netmask 255.255.255.240 + ifconfig_em0_alias0=inet 210.255.122.211 netmask 255.255.255.255 + inetd_enable=NO + keymap=jp.106 + moused_enable=YES + sshd_enable=YES + usbd_enable=YES + ntpd_enable=YES + sendmail_enable=NO + sendmail_submit_enable=NO + sendmail_outbound_enable=NO + sendmail_msp_queue_enable=NO + postfix_enable=YES + apache22_enable=YES + mailman_enable=YES + clamav_clamd_enable=YES + clamav_freshclam_enable=YES + amavisd_enable=YES + spamd_enable=NO + ntpdate_enable=YES + inetd_enable=YES + mysql_enable=YES + svnserve_enable=YES + named_enable=YES + snmpd_enable=YES + snmpd_flags=-a + snmpd_conffile=/usr/local/share/snmp/snmpd.conf /etc/snmpd.config + snmptrapd_enable=YES + snmptrapd_flags=-a -p /var/run/snmptrapd.pid + sourced_files=:/etc/rc.conf::/etc/rc.conf.local: + [ -r /etc/rc.conf.local ] + _rc_conf_loaded=true + [ -f /etc/rc.conf.d/amavisd ] + : YES + pidfile=/var/amavis/amavisd.pid + command=/usr/local/sbin/amavisd + command_args=> /dev/null 2>&1 + required_files=/usr/local/etc/amavisd.conf + extra_commands=reload + start_precmd=start_precmd + stop_postcmd=rm -f /var/amavis/amavisd.pid + reload_cmd=/usr/local/sbin/amavisd reload + run_rc_command start + _return=0 + rc_arg=start + [ -z amavisd ] + shift 1 + rc_extra_args= + _rc_prefix= + eval _override_command=$amavisd_program + _override_command= + command=/usr/local/sbin/amavisd + _keywords=start stop restart rcvar reload + rc_pid= + _pidcmd= + _procname=/usr/local/sbin/amavisd + [ -n /usr/local/sbin/amavisd ] + [ -n /var/amavis/amavisd.pid ] + _pidcmd=rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd ) + [ -n rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd ) ] + _keywords=start stop restart rcvar reload status poll + [ -z start ] + [ -n ] + eval rc_flags=$amavisd_flags + rc_flags= + eval _chdir=$amavisd_chdir _chroot=$amavisd_chroot _nice=$amavisd_nice _user=$amavisd_user _group=$amavisd_group _groups=$amavisd_groups + _chdir= _chroot= _nice= _user= _group= _groups= + [ -n ] + [ -n amavisd_enable -a start != rcvar ] + checkyesno amavisd_enable + eval _value=$amavisd_enable + _value=YES + debug checkyesno: amavisd_enable is set to YES. + return 0 + eval rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd ) + check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd + _pidfile=/var/amavis/amavisd.pid + _procname=/usr/local/sbin/amavisd + _interpreter= + [ -z /var/amavis/amavisd.pid -o -z /usr/local/sbin/amavisd ] + [ ! -f /var/amavis/amavisd.pid ] + debug pid file (/var/amavis/amavisd.pid): not readable. + return + rc_pid= + [ start != start ] + eval _cmd=$start_cmd _precmd=$start_precmd _postcmd=$start_postcmd + _cmd= _precmd=start_precmd _postcmd= + [ -n ] + [ -z -a -n ] + [ ! -x /usr/local/sbin/amavisd ] + _run_rc_precmd + check_required_before start + local _f + [ ! -r /usr/local/etc/amavisd.conf ] + return 0 + [ -n start_precmd ] + debug run_rc_command: start_precmd: start_precmd + eval start_precmd + start_precmd + rm -rf /var/amavis/tmp/* /var/amavis/tmp/. /var/amavis/tmp/.. + true + [ ] + _return=0 + [ 0 -ne 0 ] + check_required_after start + local _f _args + return 0 + return 0 + echo Starting amavisd. Starting amavisd. + [ -n ] + _doit=/usr/local/sbin/amavisd > /dev/null 2>&1 + [ -n ] + [ -n ] + _run_rc_doit /usr/local/sbin/amavisd > /dev/null 2>&1 + debug run_rc_command: doit: /usr/local/sbin/amavisd > /dev/null 2>&1 + eval /usr/local/sbin/amavisd > /dev/null 2>&1 + /usr/local/sbin/amavisd + _return=2 + [ 2 -ne 0 ] + [ -z ] + return 1 + return 1 k222#
/var/log/console.log
Apr 1 09:24:35 flora kernel: Mon Apr 1 09:24:35 JST 2013 Apr 1 13:35:41 flora kernel: Apr 1 13:35:41 flora kernel: pid 1418 (clamd), uid 110, was killed: out of swap space Apr 1 16:41:59 flora kernel: Apr 1 16:41:59 flora postfix/scache[2967]: fatal: unexpected command-line argument: user=clamav Apr 1 16:43:02 flora kernel: Apr 1 16:43:01 flora postfix/scache[2972]: fatal: unexpected command-line argument: user=clamav
と言うわけで、pid 1418 (clamd)が落ちてるわけで・・・スクリプトで動作確認して落ちてたら上げる、って目論見だけど
flora{102} % ps aux | grep clamd clamav 1420 0.0 6.9 182920 16344 ?? Is 5:43PM 0:00.00 /usr/local/sbin/clamd root 1627 0.0 0.6 9636 1492 0 S+ 5:47PM 0:00.00 grep clamd
flora{103} % ps aux | grep clamav clamav 1415 0.0 1.7 83356 4056 ?? Ss 5:41PM 0:10.83 /usr/local/sbin/amavisd (master) (perl) clamav 1418 0.0 1.4 84172 3300 ?? I 5:42PM 0:00.04 /usr/local/sbin/amavisd (virgin child) (perl) clamav 1419 0.0 0.0 84172 0 ?? IW - 0:00.00 /usr/local/sbin/amavisd (virgin child) (perl) clamav 1420 0.0 6.9 182920 16344 ?? Is 5:43PM 0:00.00 /usr/local/sbin/clamd clamav 1423 0.0 1.5 21100 3592 ?? Is 5:45PM 0:03.57 /usr/local/bin/freshclam --daemon -p /var/run/clamav/freshclam.pid root 1629 0.0 0.6 9636 1492 0 S+ 5:48PM 0:00.00 grep clamav
どっちがよいのでしょうか?
参考URL
多量のspamが来て/usr/local/sbin/spamass-milter が停止
killedでclamd が動かなくなり、spam判定がスルーされて「***UNCHECKED***」がつきます。
これを避ける為にaddhock だけど、スクリプトを仕掛けcronで10分に1回監視する。
以下が /etc/crontab に追加した行、10分に1回立ち上がります。
10 * * * * root /root/bin/checkclamd.sh
checkclamd.shの内容
clamdというプロセスがあるかどうか調べ無かったら立ち上げたあと、再起動したよというレポートをpostmaster に送る。
#!/usr/local/bin/bash r=`ps -ax | grep clamd | grep -v grep` if [ "$r" == "" ] then /usr/local/etc/rc.d/clamav-clamd start echo "clamd@mail was down, it is UP now" | mail -s "clamd @mail_kuji-clinic.info was DOWN!" postmaster@kuji-clinic.info fi exit 0
これで安心。チェックする間隔があまりにも短いとまだswapが足りなくなっている状態で再起動するため起動しないかもしれません。(10分でいいかどうかもわかりませんが)
抜本的には多量のspamが来てもいいよう高速のCPUと大容量のメモリを搭載する、ヨロシ。
Total access 5768:本日 1:昨日 0