CONTENTS


Lastmodified 2022-02-08 (火) 10:47:02


WARNING: failed to start amavisd その2

わらわらとportupgrade -r したら、amavisd がうごかなくなった。

再インストールしても、状況変わらず。

どうやら、なんか、依存しているパッケージがおかしくなったっぽい。で、portの依存関係をしらべてみる。

# cd /usr/ports/security/amavisd-new
root@blackcube:/usr/ports/security/amavisd-new # make all-depends-list
/usr/ports/sysutils/p5-Unix-Syslog
/usr/ports/mail/p5-MIME-Tools
/usr/ports/converters/p5-Convert-TNEF
/usr/ports/converters/p5-Convert-UUlib
/usr/ports/archivers/p5-Archive-Zip
/usr/ports/net/p5-Net-Server
/usr/ports/mail/p5-Mail-DKIM
/usr/ports/net/p5-IO-Socket-INET6
/usr/ports/databases/p5-BerkeleyDB
/usr/ports/databases/p5-DBD-mysql
/usr/ports/mail/p5-Mail-SpamAssassin
/usr/ports/sysutils/file
/usr/ports/archivers/unrar
/usr/ports/archivers/arj
/usr/ports/archivers/lha
/usr/ports/archivers/arc
/usr/ports/archivers/cabextract
/usr/ports/archivers/rpm2cpio
/usr/ports/archivers/zoo
/usr/ports/archivers/lzop
/usr/ports/archivers/freeze
/usr/ports/archivers/p7zip
/usr/ports/textproc/ripole
/usr/ports/lang/perl5.14
/usr/ports/converters/p5-Convert-BinHex
/usr/ports/devel/p5-IO-stringy
/usr/ports/mail/p5-Mail-Tools
/usr/ports/devel/p5-IO-Multiplex
/usr/ports/net/p5-Socket6
/usr/ports/security/p5-Crypt-OpenSSL-RSA
/usr/ports/dns/p5-Net-DNS
/usr/ports/databases/db47
/usr/ports/databases/p5-DBI
/usr/ports/security/p5-Crypt-SSLeay
/usr/ports/databases/mysql51-client
/usr/ports/net-mgmt/p5-NetAddr-IP
/usr/ports/www/p5-HTML-Parser
/usr/ports/www/p5-libwww
/usr/ports/converters/p5-Encode-Detect
/usr/ports/security/p5-IO-Socket-SSL
/usr/ports/security/gnupg1
/usr/ports/mail/razor-agents
/usr/ports/devel/libtool
/usr/ports/devel/gmake
/usr/ports/devel/autoconf
/usr/ports/archivers/lzo2
/usr/ports/devel/p5-TimeDate
/usr/ports/security/p5-Crypt-OpenSSL-Bignum
/usr/ports/security/p5-Crypt-OpenSSL-Random
/usr/ports/security/p5-Digest-HMAC
/usr/ports/dns/p5-Net-LibIDN
/usr/ports/www/p5-LWP-Protocol-https
/usr/ports/www/p5-HTML-Tagset
/usr/ports/security/p5-Authen-NTLM
/usr/ports/converters/p5-Encode-Locale
/usr/ports/sysutils/p5-File-Listing
/usr/ports/www/p5-HTTP-Cookies
/usr/ports/www/p5-HTTP-Daemon
/usr/ports/www/p5-HTTP-Date
/usr/ports/www/p5-HTTP-Message
/usr/ports/www/p5-HTTP-Negotiate
/usr/ports/www/p5-LWP-MediaTypes
/usr/ports/net/p5-Net-HTTP
/usr/ports/net/p5-URI
/usr/ports/www/p5-WWW-RobotRules
/usr/ports/devel/p5-ExtUtils-CBuilder
/usr/ports/devel/p5-Module-Build
/usr/ports/security/p5-Net-SSLeay
/usr/ports/net/p5-IO-Socket-IP
/usr/ports/net/p5-Socket
/usr/ports/ftp/curl
/usr/ports/devel/gettext
/usr/ports/security/p5-Digest-SHA1
/usr/ports/converters/libiconv
/usr/ports/devel/m4
/usr/ports/misc/help2man
/usr/ports/devel/autoconf-wrapper
/usr/ports/dns/libidn
/usr/ports/www/p5-Mozilla-CA
/usr/ports/devel/p5-IO-HTML
/usr/ports/security/ca_root_nss
/usr/ports/devel/p5-Locale-gettext
/usr/ports/devel/pkgconf
root@blackcube:/usr/ports/security/amavisd-new #

うわっ、こんなにある・・・。ということで、まず、リーフパッケージを掃除してみてから・・・ってことにする

# pkg_cleanup

で、amavisd-new とその依存リーフパッケージを削除。

http://gihyo.jp/admin/clip/01/fdt/201111/28

portinstall security/amavisd-new

依然として起動せず。(;。;)

reload オプションを試してみる。

root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload
ERROR: MISSING REQUIRED BASIC MODULES:
  IO::Stringy
  Unix::Syslog
BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 246.
root@blackcube:/root # portupgrade -fr p5-IO-stringy-2.110

root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload
ERROR: MISSING REQUIRED BASIC MODULES:
  Unix::Syslog
BEGIN failed--compilation aborted at /usr/local/sbin/amavisd line 246.
root@blackcube:/root # portupgrade -rf p5-Unix-Syslog-1.1
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload
Problem in Amavis::DKIM code: Can't locate Crypt/OpenSSL/RSA.pm in @INC (@INC contains: /usr/local/lib/perl5/5.14/BSDPAN /usr/local/lib/perl5/site_perl/5.14/mach  /usr/local/lib/perl5/site_perl/5.14
/usr/local/lib/perl5/5.14/mach /usr/local/lib/perl5/5.14) at (eval 97) line 50.
BEGIN failed--compilation aborted at (eval 97) line 50.
root@blackcube:/root # portupgrade -rf p5-Crypt-OpenSSL-RSA-0.28
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload
Problem in Amavis::Unpackers code: Can't locate Archive/Zip.pm in @INC (@INC contains: /usr/local/lib/perl5/5.14/BSDPAN
/usr/local/lib/perl5/site_perl/5.14/mach /usr/local/lib/perl5/site_perl/5.14 /usr/local/lib/perl5/5.14/mach /usr/local/lib/perl5/5.14)
at (eval 119) line 33.
BEGIN failed--compilation aborted at (eval 119) line 33.
root@blackcube:/root # portupgrade -rf p5-Archive-Zip-1.30_1
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload
Problem in Amavis::Unpackers code: Can't locate Convert/UUlib.pm in @INC (@INC contains: /usr/local/lib/perl5/5.14/BSDPAN
/usr/local/lib/perl5/site_perl/5.14/mach /usr/local/lib/perl5/site_perl/5.14 /usr/local/lib/perl5/5.14/mach /usr/local/lib/perl5/5.14)
at (eval 119) line 35.
BEGIN failed--compilation aborted at (eval 119) line 35.
root@blackcube:/root # portupgrade -rf p5-Convert-UUlib-1.40,1
root@blackcube:/root # /usr/local/etc/rc.d/amavisd reload
The amavisd daemon is apparently not running, no PID file /var/amavis/amavisd.pid
root@blackcube:/root # /usr/local/etc/rc.d/amavisd start
Starting amavisd.

うっ・・・うごいた!ヽ(^。^)丿

と思ったら、エラー吐かずに動かない状態ですた。大泣き

どうやら、p5-関連で転けてる風味なので、

root@blackcube:/usr/ports/security/amavisd-new # make all-depends-list | grep p5-
/usr/ports/sysutils/p5-Unix-Syslog
/usr/ports/mail/p5-MIME-Tools
/usr/ports/converters/p5-Convert-TNEF
/usr/ports/converters/p5-Convert-UUlib
/usr/ports/archivers/p5-Archive-Zip
/usr/ports/net/p5-Net-Server
/usr/ports/mail/p5-Mail-DKIM
/usr/ports/net/p5-IO-Socket-INET6
/usr/ports/databases/p5-BerkeleyDB
/usr/ports/databases/p5-DBD-mysql
/usr/ports/mail/p5-Mail-SpamAssassin
/usr/ports/converters/p5-Convert-BinHex
/usr/ports/devel/p5-IO-stringy
/usr/ports/mail/p5-Mail-Tools
/usr/ports/devel/p5-IO-Multiplex
/usr/ports/net/p5-Socket6
/usr/ports/security/p5-Crypt-OpenSSL-RSA
/usr/ports/dns/p5-Net-DNS
/usr/ports/databases/p5-DBI
/usr/ports/security/p5-Crypt-SSLeay
/usr/ports/net-mgmt/p5-NetAddr-IP
/usr/ports/www/p5-HTML-Parser
/usr/ports/www/p5-libwww
/usr/ports/converters/p5-Encode-Detect
/usr/ports/security/p5-IO-Socket-SSL
/usr/ports/devel/p5-TimeDate
/usr/ports/security/p5-Crypt-OpenSSL-Bignum
/usr/ports/security/p5-Crypt-OpenSSL-Random
/usr/ports/security/p5-Digest-HMAC
/usr/ports/dns/p5-Net-LibIDN
/usr/ports/www/p5-LWP-Protocol-https
/usr/ports/www/p5-HTML-Tagset
/usr/ports/security/p5-Authen-NTLM
/usr/ports/converters/p5-Encode-Locale
/usr/ports/sysutils/p5-File-Listing
/usr/ports/www/p5-HTTP-Cookies
/usr/ports/www/p5-HTTP-Daemon
/usr/ports/www/p5-HTTP-Date
/usr/ports/www/p5-HTTP-Message
/usr/ports/www/p5-HTTP-Negotiate
/usr/ports/www/p5-LWP-MediaTypes
/usr/ports/net/p5-Net-HTTP
/usr/ports/net/p5-URI
/usr/ports/www/p5-WWW-RobotRules
/usr/ports/devel/p5-ExtUtils-CBuilder
/usr/ports/devel/p5-Module-Build
/usr/ports/security/p5-Net-SSLeay
/usr/ports/net/p5-IO-Socket-IP
/usr/ports/net/p5-Socket
/usr/ports/security/p5-Digest-SHA1
/usr/ports/www/p5-Mozilla-CA
/usr/ports/devel/p5-IO-HTML
/usr/ports/devel/p5-Locale-gettext
root@blackcube:/usr/ports/security/amavisd-new #

もう、上から順番に、

portupgrade -rf devel/p5-IO-Multiplex net/p5-Socket6 security/p5-Crypt-OpenSSL-RSA dns/p5-Net-DNS databases/p5-DBI security/p5-Crypt-SSLeay
net-mgmt/p5-NetAddr-IP www/p5-HTML-Parser www/p5-libwww converters/p5-Encode-Detect security/p5-IO-Socket-SSL devel/p5-TimeDate

みたいに、強制UPさせて、/usr/local/etc/rc.d/amavisd start /usr/local/etc/rc.d/amavisd reload してみたら、

root@blackcube:/usr/ports/security/amavisd-new # /usr/local/etc/rc.d/amavisd start
Starting amavisd.
root@blackcube:/usr/ports/security/amavisd-new # /usr/local/etc/rc.d/amavisd reload                                                                             Signalling a SIGHUP   to a running daemon [12278]
root@blackcube:/usr/ports/security/amavisd-new # /usr/local/etc/rc.d/amavisd start
amavisd already running? (pid=12278).

なんか、今度は、動いたっぽい! (?_?)

WARNING: failed to start amavisd

http://forums.freebsd.org/showthread.php?t=16379

WARNING: failed to start amavisdと言ってamavisdが起ち上がらない。 こうなると、connect to 127.0.0.1[127.0.0.1]:10024: Connection refused となって、メールがmailqにたまって不達となる。

コンソールで、

# /usr/local/etc/rc.d/amavisd start

してもダメなときは、さっさと

# rm -r /var/amavis

して、amavisd-newを再インストールする、ヨロシ。( ̄^ ̄)ゞ

VirusScan on FreeBSD 9.0R
amavisd-new のインストール

# cd /usr/ports/security/amavisd-new
# make deinstall
# cp Makefile Makefile_dist
# vi Makefile
---------------------------------
- AMAVISUSER?=	vscan             #この部分を
- AMAVISGROUP?=	vscan
---------------------------------
+ AMAVISUSER?=	clamav      #このように編集
+ AMAVISGROUP?=	clamav
---------------------------------
# portinstall security/amavisd-new
# rehash
# /usr/local/etc/rc.d/amavisd start

# /usr/local/etc/rc.d/amavisd status
amavisd is running as pid 12663.

k222# sh -x /usr/local/etc/rc.d/amavisd start
+ . /etc/rc.subr
+ : rc.conf(5)
+ : 45291
+ export RC_PID
+ [ -z  ]
+ _rc_subr_loaded=YES
+ SYSCTL=/sbin/sysctl
+ SYSCTL_N=/sbin/sysctl -n
+ CMD_OSTYPE=/sbin/sysctl -n kern.ostype
+ /sbin/sysctl -n kern.ostype
+ OSTYPE=FreeBSD
+ ID=/usr/bin/id
+ IDCMD=if [ -x /usr/bin/id ]; then /usr/bin/id -un; fi
+ PS=/bin/ps -ww
+ /bin/ps -ww -p 45291 -o jid=
+ JID=     0
+ SYSCTL_W=/sbin/sysctl
+ _rc_subr_loaded=:
+ name=amavisd
+ rcvar=amavisd_enable
+ load_rc_config amavisd
+ _name=amavisd
+ [ -z amavisd ]
+ false
+ [ -r /etc/defaults/rc.conf ]
+ debug Sourcing /etc/defaults/rc.conf
+ . /etc/defaults/rc.conf
+ rc_debug=NO
+ rc_info=NO
+ rcshutdown_timeout=30
+ early_late_divider=FILESYSTEMS
+ swapfile=NO
+ apm_enable=NO
+ apmd_enable=NO
+ apmd_flags=
+ ddb_enable=NO
+ ddb_config=/etc/ddb.conf
+ devd_enable=YES
+ devd_flags=
+ kldxref_enable=NO
+ kldxref_clobber=NO
+ kldxref_module_path=
+ powerd_enable=NO
+ powerd_flags=
+ tmpmfs=AUTO
+ tmpsize=20m
+ tmpmfs_flags=-S
+ varmfs=AUTO
+ varsize=32m
+ varmfs_flags=-S
+ populate_var=AUTO
+ cleanvar_enable=YES
+ local_startup=/usr/local/etc/rc.d
+ script_name_sep=
+ rc_conf_files=/etc/rc.conf /etc/rc.conf.local
+ zfs_enable=NO
+ gbde_autoattach_all=NO
+ gbde_devices=NO
+ gbde_attach_attempts=3
+ gbde_lockdir=/etc
+ geli_devices=
+ geli_tries=
+ geli_default_flags=
+ geli_autodetach=YES
+ geli_swap_flags=-e aes -l 256 -s 4096 -d
+ root_rw_mount=YES
+ fsck_y_enable=NO
+ background_fsck=YES
+ background_fsck_delay=60
+ netfs_types=nfs:NFS nfs4:NFS4 smbfs:SMB portalfs:PORTAL nwfs:NWFS
+ extra_netfs_types=NO
+ hostname=
+ hostid_enable=YES
+ hostid_file=/etc/hostid
+ nisdomainname=NO
+ dhclient_program=/sbin/dhclient
+ dhclient_flags=
+ background_dhclient=NO
+ synchronous_dhclient=YES
+ firewall_enable=NO
+ firewall_script=/etc/rc.firewall
+ firewall_type=UNKNOWN
+ firewall_quiet=NO
+ firewall_logging=NO
+ firewall_flags=
+ firewall_client_net=192.0.2.0/24
+ firewall_simple_iif=ed1
+ firewall_simple_inet=192.0.2.16/28
+ firewall_simple_oif=ed0
+ firewall_simple_onet=192.0.2.0/28
+ firewall_myservices=
+ firewall_allowservices=
+ firewall_trusted=
+ firewall_logdeny=NO
+ firewall_nologports=135-139,445 1026,1027 1433,1434
+ firewall_nat_enable=NO
+ firewall_nat_interface=
+ firewall_nat_flags=
+ dummynet_enable=NO
+ ip_portrange_first=NO
+ ip_portrange_last=NO
+ ike_enable=NO
+ ike_program=/usr/local/sbin/isakmpd
+ ike_flags=
+ ipsec_enable=NO
+ ipsec_file=/etc/ipsec.conf
+ natd_program=/sbin/natd
+ natd_enable=NO
+ natd_interface=
+ natd_flags=
+ ipfilter_enable=NO
+ ipfilter_program=/sbin/ipf
+ ipfilter_rules=/etc/ipf.rules
+ ipfilter_flags=
+ ipnat_enable=NO
+ ipnat_program=/sbin/ipnat
+ ipnat_rules=/etc/ipnat.rules
+ ipnat_flags=
+ ipmon_enable=NO
+ ipmon_program=/sbin/ipmon
+ ipmon_flags=-Ds
+ ipfs_enable=NO
+ ipfs_program=/sbin/ipfs
+ ipfs_flags=
+ pf_enable=NO
+ pf_rules=/etc/pf.conf
+ pf_program=/sbin/pfctl
+ pf_flags=
+ pflog_enable=NO
+ pflog_logfile=/var/log/pflog
+ pflog_program=/sbin/pflogd
+ pflog_flags=
+ ftpproxy_enable=NO
+ ftpproxy_flags=
+ pfsync_enable=NO
+ pfsync_syncdev=
+ pfsync_syncpeer=
+ pfsync_ifconfig=
+ tcp_extensions=YES
+ log_in_vain=0
+ tcp_keepalive=YES
+ tcp_drop_synfin=NO
+ icmp_drop_redirect=NO
+ icmp_log_redirect=NO
+ network_interfaces=auto
+ cloned_interfaces=
+ ifconfig_lo0=inet 127.0.0.1
+ sppp_interfaces=
+ gif_interfaces=
+ fec_interfaces=
+ ppp_enable=NO
+ ppp_program=/usr/sbin/ppp
+ ppp_mode=auto
+ ppp_nat=YES
+ ppp_profile=papchap
+ ppp_user=root
+ hostapd_enable=NO
+ syslogd_enable=YES
+ syslogd_program=/usr/sbin/syslogd
+ syslogd_flags=-s
+ inetd_enable=NO
+ inetd_program=/usr/sbin/inetd
+ inetd_flags=-wW -C 60
+ named_enable=NO
+ named_program=/usr/sbin/named
+ named_pidfile=/var/run/named/pid
+ named_uid=bind
+ named_chrootdir=/var/named
+ named_chroot_autoupdate=YES
+ named_symlink_enable=YES
+ kerberos5_server_enable=NO
+ kerberos5_server=/usr/libexec/kdc
+ kerberos5_server_flags=--detach
+ kadmind5_server_enable=NO
+ kadmind5_server=/usr/libexec/kadmind
+ kpasswdd_server_enable=NO
+ kpasswdd_server=/usr/libexec/kpasswdd
+ rwhod_enable=NO
+ rwhod_flags=
+ rarpd_enable=NO
+ rarpd_flags=-a
+ bootparamd_enable=NO
+ bootparamd_flags=
+ pppoed_enable=NO
+ pppoed_provider=*
+ pppoed_flags=-P /var/run/pppoed.pid
+ pppoed_interface=fxp0
+ sshd_enable=NO
+ sshd_program=/usr/sbin/sshd
+ sshd_flags=
+ ftpd_enable=NO
+ ftpd_program=/usr/libexec/ftpd
+ ftpd_flags=
+ amd_enable=NO
+ amd_program=/usr/sbin/amd
+ amd_flags=-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map
+ amd_map_program=NO
+ nfs_client_enable=NO
+ nfs_access_cache=60
+ nfs_server_enable=NO
+ nfs_server_flags=-u -t -n 4
+ idmapd_enable=NO
+ idmapd_flags=
+ mountd_enable=NO
+ mountd_flags=-r
+ weak_mountd_authentication=NO
+ nfs_reserved_port_only=NO
+ nfs_bufpackets=
+ rpc_lockd_enable=NO
+ rpc_lockd_flags=
+ rpc_statd_enable=NO
+ rpc_statd_flags=
+ rpcbind_enable=NO
+ rpcbind_program=/usr/sbin/rpcbind
+ rpcbind_flags=
+ rpc_ypupdated_enable=NO
+ keyserv_enable=NO
+ keyserv_flags=
+ timed_enable=NO
+ timed_flags=
+ ntpdate_enable=NO
+ ntpdate_program=/usr/sbin/ntpdate
+ ntpdate_flags=-b
+ ntpdate_config=/etc/ntp.conf
+ ntpdate_hosts=
+ ntpd_enable=NO
+ ntpd_program=/usr/sbin/ntpd
+ ntpd_config=/etc/ntp.conf
+ ntpd_sync_on_start=NO
+ ntpd_flags=-p /var/run/ntpd.pid -f /var/db/ntpd.drift
+ nis_client_enable=NO
+ nis_client_flags=
+ nis_ypset_enable=NO
+ nis_ypset_flags=
+ nis_server_enable=NO
+ nis_server_flags=
+ nis_ypxfrd_enable=NO
+ nis_ypxfrd_flags=
+ nis_yppasswdd_enable=NO
+ nis_yppasswdd_flags=
+ bsnmpd_enable=NO
+ bsnmpd_flags=
+ defaultrouter=NO
+ static_routes=
+ natm_static_routes=
+ gateway_enable=NO
+ router_enable=NO
+ router=/sbin/routed
+ router_flags=-q
+ mrouted_enable=NO
+ mrouted_program=/usr/local/sbin/mrouted
+ mrouted_flags=
+ ipxgateway_enable=NO
+ ipxrouted_enable=NO
+ ipxrouted_flags=
+ arpproxy_all=NO
+ forward_sourceroute=NO
+ accept_sourceroute=NO
+ atm_enable=NO
+ atm_pvcs=
+ atm_arps=
+ isdn_enable=NO
+ isdn_fsdev=NO
+ isdn_flags=-dn -d0x1f9
+ isdn_ttype=cons25
+ isdn_screenflags=NO
+ isdn_trace=NO
+ isdn_traceflags=-f /var/tmp/isdntrace0
+ hcsecd_enable=NO
+ hcsecd_config=/etc/bluetooth/hcsecd.conf
+ sdpd_enable=NO
+ sdpd_control=/var/run/sdp
+ sdpd_groupname=nobody
+ sdpd_username=nobody
+ bthidd_enable=NO
+ bthidd_config=/etc/bluetooth/bthidd.conf
+ bthidd_hids=/var/db/bthidd.hids
+ rfcomm_pppd_server_enable=NO
+ rfcomm_pppd_server_profile=one two
+ rfcomm_pppd_server_one_channel=1
+ rfcomm_pppd_server_two_channel=3
+ icmp_bmcastecho=NO
+ ipv6_enable=NO
+ ipv6_network_interfaces=auto
+ ipv6_defaultrouter=NO
+ ipv6_static_routes=
+ ipv6_gateway_enable=NO
+ ipv6_router_enable=NO
+ ipv6_router=/usr/sbin/route6d
+ ipv6_router_flags=
+ ipv6_default_interface=NO
+ rtsol_flags=
+ rtadvd_enable=NO
+ rtadvd_interfaces=
+ mroute6d_enable=NO
+ mroute6d_program=/usr/local/sbin/pim6dd
+ mroute6d_flags=
+ stf_interface_ipv4addr=
+ stf_interface_ipv4plen=0
+ stf_interface_ipv6_ifid=0:0:0:1
+ stf_interface_ipv6_slaid=0000
+ ipv6_faith_prefix=NO
+ ipv6_ipv4mapping=NO
+ ipv6_firewall_enable=NO
+ ipv6_firewall_script=/etc/rc.firewall6
+ ipv6_firewall_type=UNKNOWN
+ ipv6_firewall_quiet=NO
+ ipv6_firewall_logging=NO
+ ipv6_firewall_flags=
+ ipv6_ipfilter_rules=/etc/ipf6.rules
+ ip6addrctl_enable=YES
+ ip6addrctl_verbose=NO
+ keyboard=
+ keymap=NO
+ keyrate=NO
+ keybell=NO
+ keychange=NO
+ cursor=NO
+ scrnmap=NO
+ font8x16=NO
+ font8x14=NO
+ font8x8=NO
+ blanktime=300
+ saver=NO
+ moused_nondefault_enable=YES
+ moused_enable=NO
+ moused_type=auto
+ moused_port=/dev/psm0
+ moused_flags=
+ mousechar_start=NO
+ allscreens_flags=
+ allscreens_kbdflags=
+ mta_start_script=/etc/rc.sendmail
+ sendmail_enable=NO
+ sendmail_pidfile=/var/run/sendmail.pid
+ sendmail_procname=/usr/sbin/sendmail
+ sendmail_flags=-L sm-mta -bd -q30m
+ sendmail_submit_enable=YES
+ sendmail_submit_flags=-L sm-mta -bd -q30m -ODaemonPortOptions=Addr=localhost
+ sendmail_outbound_enable=YES
+ sendmail_outbound_flags=-L sm-queue -q30m
+ sendmail_msp_queue_enable=YES
+ sendmail_msp_queue_flags=-L sm-msp-queue -Ac -q30m
+ sendmail_rebuild_aliases=NO
+ auditd_enable=NO
+ auditd_program=/usr/sbin/auditd
+ auditd_flags=
+ cron_enable=YES
+ cron_program=/usr/sbin/cron
+ cron_dst=YES
+ cron_flags=
+ lpd_enable=NO
+ lpd_program=/usr/sbin/lpd
+ lpd_flags=
+ nscd_enable=NO
+ chkprintcap_enable=NO
+ chkprintcap_flags=-d
+ dumpdev=AUTO
+ dumpdir=/var/crash
+ savecore_flags=
+ crashinfo_enable=NO
+ crashinfo_program=/usr/sbin/crashinfo
+ enable_quotas=NO
+ check_quotas=YES
+ quotaon_flags=-a
+ quotaoff_flags=-a
+ quotacheck_flags=-a
+ accounting_enable=NO
+ ibcs2_enable=NO
+ ibcs2_loaders=coff
+ sysvipc_enable=NO
+ linux_enable=NO
+ svr4_enable=NO
+ clear_tmp_enable=NO
+ clear_tmp_X=YES
+ ldconfig_insecure=NO
+ ldconfig_paths=/usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg
+ ldconfig32_paths=/usr/lib32
+ ldconfig_paths_aout=/usr/lib/compat/aout /usr/local/lib/aout
+ ldconfig_local_dirs=/usr/local/libdata/ldconfig
+ ldconfig_local32_dirs=/usr/local/libdata/ldconfig32
+ kern_securelevel_enable=NO
+ kern_securelevel=-1
+ update_motd=YES
+ entropy_file=/entropy
+ entropy_dir=/var/db/entropy
+ entropy_save_sz=2048
+ entropy_save_num=8
+ harvest_interrupt=YES
+ harvest_ethernet=YES
+ harvest_p_to_p=YES
+ dmesg_enable=YES
+ watchdogd_enable=NO
+ devfs_rulesets=/etc/defaults/devfs.rules /etc/devfs.rules
+ devfs_system_ruleset=
+ devfs_set_rulesets=
+ performance_cx_lowest=HIGH
+ performance_cpu_freq=NONE
+ economy_cx_lowest=HIGH
+ economy_cpu_freq=NONE
+ virecover_enable=YES
+ ugidfw_enable=NO
+ bsdextended_script=/etc/rc.bsdextended
+ newsyslog_enable=YES
+ newsyslog_flags=-CN
+ mixer_enable=YES
+ jail_enable=NO
+ jail_list=
+ jail_set_hostname_allow=YES
+ jail_socket_unixiproute_only=YES
+ jail_sysvipc_allow=NO
+ [ -z  ]
+ source_rc_confs_defined=yes
+ source_rc_confs
+ local i sourced_files
+ sourced_files=:/etc/rc.conf:
+ [ -r /etc/rc.conf ]
+ . /etc/rc.conf
+ defaultrouter=210.255.122.209
+ hostname=k222.kuji-clinic.net
+ ifconfig_em0=inet 210.255.122.222  netmask 255.255.255.240
+ ifconfig_em0_alias0=inet 210.255.122.211  netmask 255.255.255.255
+ inetd_enable=NO
+ keymap=jp.106
+ moused_enable=YES
+ sshd_enable=YES
+ usbd_enable=YES
+ ntpd_enable=YES
+ sendmail_enable=NO
+ sendmail_submit_enable=NO
+ sendmail_outbound_enable=NO
+ sendmail_msp_queue_enable=NO
+ postfix_enable=YES
+ apache22_enable=YES
+ mailman_enable=YES
+ clamav_clamd_enable=YES
+ clamav_freshclam_enable=YES
+ amavisd_enable=YES
+ spamd_enable=NO
+ ntpdate_enable=YES
+ inetd_enable=YES
+ mysql_enable=YES
+ svnserve_enable=YES
+ named_enable=YES
+ snmpd_enable=YES
+ snmpd_flags=-a
+ snmpd_conffile=/usr/local/share/snmp/snmpd.conf /etc/snmpd.config
+ snmptrapd_enable=YES
+ snmptrapd_flags=-a -p /var/run/snmptrapd.pid
+ sourced_files=:/etc/rc.conf::/etc/rc.conf.local:
+ [ -r /etc/rc.conf.local ]
+ _rc_conf_loaded=true
+ [ -f /etc/rc.conf.d/amavisd ]
+ : YES
+ pidfile=/var/amavis/amavisd.pid
+ command=/usr/local/sbin/amavisd
+ command_args=> /dev/null 2>&1
+ required_files=/usr/local/etc/amavisd.conf
+ extra_commands=reload
+ start_precmd=start_precmd
+ stop_postcmd=rm -f /var/amavis/amavisd.pid
+ reload_cmd=/usr/local/sbin/amavisd reload
+ run_rc_command start
+ _return=0
+ rc_arg=start
+ [ -z amavisd ]
+ shift 1
+ rc_extra_args=
+ _rc_prefix=
+ eval _override_command=$amavisd_program
+ _override_command=
+ command=/usr/local/sbin/amavisd
+ _keywords=start stop restart rcvar reload
+ rc_pid=
+ _pidcmd=
+ _procname=/usr/local/sbin/amavisd
+ [ -n /usr/local/sbin/amavisd ]
+ [ -n /var/amavis/amavisd.pid ]
+ _pidcmd=rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd )
+ [ -n rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd ) ]
+ _keywords=start stop restart rcvar reload status poll
+ [ -z start ]
+ [ -n  ]
+ eval rc_flags=$amavisd_flags
+ rc_flags=
+ eval _chdir=$amavisd_chdir _chroot=$amavisd_chroot _nice=$amavisd_nice _user=$amavisd_user _group=$amavisd_group _groups=$amavisd_groups
+ _chdir= _chroot= _nice= _user= _group= _groups=
+ [ -n  ]
+ [ -n amavisd_enable -a start != rcvar ]
+ checkyesno amavisd_enable
+ eval _value=$amavisd_enable
+ _value=YES
+ debug checkyesno: amavisd_enable is set to YES.
+ return 0
+ eval rc_pid=$(check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd )
+ check_pidfile /var/amavis/amavisd.pid /usr/local/sbin/amavisd
+ _pidfile=/var/amavis/amavisd.pid
+ _procname=/usr/local/sbin/amavisd
+ _interpreter=
+ [ -z /var/amavis/amavisd.pid -o -z /usr/local/sbin/amavisd ]
+ [ ! -f /var/amavis/amavisd.pid ]
+ debug pid file (/var/amavis/amavisd.pid): not readable.
+ return
+ rc_pid=
+ [ start != start ]
+ eval _cmd=$start_cmd _precmd=$start_precmd _postcmd=$start_postcmd
+ _cmd= _precmd=start_precmd _postcmd=
+ [ -n  ]
+ [ -z  -a -n  ]
+ [ ! -x /usr/local/sbin/amavisd ]
+ _run_rc_precmd
+ check_required_before start
+ local _f
+ [ ! -r /usr/local/etc/amavisd.conf ]
+ return 0
+ [ -n start_precmd ]
+ debug run_rc_command: start_precmd: start_precmd
+ eval start_precmd
+ start_precmd
+ rm -rf /var/amavis/tmp/* /var/amavis/tmp/. /var/amavis/tmp/..
+ true
+ [ ]
+ _return=0
+ [ 0 -ne 0 ]
+ check_required_after start
+ local _f _args
+ return 0
+ return 0
+ echo Starting amavisd.
Starting amavisd.
+ [ -n  ]
+ _doit=/usr/local/sbin/amavisd  > /dev/null 2>&1
+ [ -n  ]
+ [ -n  ]
+ _run_rc_doit /usr/local/sbin/amavisd  > /dev/null 2>&1
+ debug run_rc_command: doit: /usr/local/sbin/amavisd  > /dev/null 2>&1
+ eval /usr/local/sbin/amavisd  > /dev/null 2>&1
+ /usr/local/sbin/amavisd
+ _return=2
+ [ 2 -ne 0 ]
+ [ -z  ]
+ return 1
+ return 1
k222#

タイトルに ***UNCHECKED*** が付く

/var/log/console.log

Apr  1 09:24:35 flora kernel: Mon Apr  1 09:24:35 JST 2013
Apr  1 13:35:41 flora kernel: Apr  1 13:35:41 flora kernel: pid 1418 (clamd), uid 110, was killed: out of swap space
Apr  1 16:41:59 flora kernel: Apr  1 16:41:59 flora postfix/scache[2967]: fatal: unexpected command-line argument: user=clamav
Apr  1 16:43:02 flora kernel: Apr  1 16:43:01 flora postfix/scache[2972]: fatal: unexpected command-line argument: user=clamav

と言うわけで、pid 1418 (clamd)が落ちてるわけで・・・スクリプトで動作確認して落ちてたら上げる、って目論見だけど

flora{102} % ps aux | grep clamd
clamav  1420   0.0  6.9 182920 16344 ??  Is    5:43PM  0:00.00 /usr/local/sbin/clamd
root    1627   0.0  0.6   9636  1492  0  S+    5:47PM  0:00.00 grep clamd
flora{103} % ps aux | grep clamav
clamav  1415   0.0  1.7  83356  4056 ??  Ss    5:41PM  0:10.83 /usr/local/sbin/amavisd (master) (perl)
clamav  1418   0.0  1.4  84172  3300 ??  I     5:42PM  0:00.04 /usr/local/sbin/amavisd (virgin child) (perl)
clamav  1419   0.0  0.0  84172     0 ??  IW   -        0:00.00 /usr/local/sbin/amavisd (virgin child) (perl)
clamav  1420   0.0  6.9 182920 16344 ??  Is    5:43PM  0:00.00 /usr/local/sbin/clamd
clamav  1423   0.0  1.5  21100  3592 ??  Is    5:45PM  0:03.57 /usr/local/bin/freshclam --daemon -p /var/run/clamav/freshclam.pid
root    1629   0.0  0.6   9636  1492  0  S+    5:48PM  0:00.00 grep clamav

どっちがよいのでしょうか?

参考URL

多量のspamが来て/usr/local/sbin/spamass-milter が停止

killedでclamd が動かなくなり、spam判定がスルーされて「***UNCHECKED***」がつきます。

これを避ける為にaddhock だけど、スクリプトを仕掛けcronで10分に1回監視する。

以下が /etc/crontab に追加した行、10分に1回立ち上がります。

10 * * * * root /root/bin/checkclamd.sh

checkclamd.shの内容

clamdというプロセスがあるかどうか調べ無かったら立ち上げたあと、再起動したよというレポートをpostmaster に送る。

#!/usr/local/bin/bash
r=`ps -ax | grep clamd | grep -v grep`

if [ "$r" == "" ]
then 
       /usr/local/etc/rc.d/clamav-clamd start
echo "clamd@mail was down, it is UP now" | mail -s "clamd @mail_kuji-clinic.info was DOWN!" postmaster@kuji-clinic.info
fi

exit 0

これで安心。チェックする間隔があまりにも短いとまだswapが足りなくなっている状態で再起動するため起動しないかもしれません。(10分でいいかどうかもわかりませんが)

抜本的には多量のspamが来てもいいよう高速のCPUと大容量のメモリを搭載する、ヨロシ。


Total access 5768:本日 1:昨日 0

Counter: 5768, today: 1, yesterday: 0

トップ   新規 一覧 検索 最終更新   ヘルプ   最終更新のRSS