![[PukiWiki]](image/pukiwiki.png "[PukiWiki]")
#author("2023-08-08T17:54:43+09:00","default:kuji","kuji") #author("2023-08-08T17:55:38+09:00","default:kuji","kuji") CONTENTS #contents ---- Lastmodified &lastmod; ---- *Amavisd-new [#abd16bb9] /etc/rc.conf での起動順 Starting clamav_clamd. Starting clamav_freshclam. Starting amavisd. 良く?w起こるエラー Aug 8 00:19:31 macinename amavis[40589]: (!!)TROUBLE in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 8 00:19:31 macinename amavis[40589]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 8 00:19:31 macinename amavis[2504]: sd_notify (no socket): STATUS=Starting child process(es), ready for work. Aug 8 00:19:31 macinename amavis[40591]: (!!)TROUBLE in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 8 00:19:31 macinename amavis[40591]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 8 00:19:31 macinename amavis[2504]: sd_notify (no socket): STATUS=Starting child process(es), ready for work. Aug 8 00:19:31 macinename amavis[40592]: (!!)TROUBLE in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 8 00:19:35 macinename postfix/error[40807]: 877053C9E75A: to=<root@macinename.example.com>, relay=none, delay=146075, delays=146074/1/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection reset by peer) Aug 8 00:19:35 macinename postfix/error[40810]: 8091B3C9E787: to=<root@macinename.example.com>, relay=none, delay=137975, delays=137974/1/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection reset by peer) Aug 8 00:19:35 macinename postfix/error[40781]: 8BB7A3C9E723: to=<root@macinename.example.com>, relay=none, delay=155975, delays=155974/1/0/0.03, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection reset by peer) Aug 8 00:19:35 macinename postfix/error[40780]: 8BAC03C9E7F4: to=<root@macinename.example.com>, relay=none, delay=118475, delays=118474/1/0/0.03, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to 127.0.0.1[127.0.0.1]:10024: Connection reset by peer) Aug 8 00:19:35 macinename postfix/error[40782]: 8A9E23C9E551: to=<root@macinename.example.com>, relay=none, delay=314375, delays=314374/1/0/0, dsn=4. ---- *amavisd-new TROUBLE 20230804 [#k9c16353] FreeBSD 13.1 を 13.2 へUpgradeした後辺りから、/var/log/maillog に Aug 7 02:33:08 guard amavis[63433]: (!!)TROUBLE in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63434]: (!!)TROUBLE in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63430]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63433]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63434]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63431]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63432]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63435]: (!!)TROUBLE in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63436]: (!!)TROUBLE in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63435]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. Aug 7 02:33:08 guard amavis[63436]: (!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery, No such file or directory. at (eval 145) line 338. のようなエラーがでて、mailq が増加するトラブル。amavisd--new が落ちる機体は、/usr/ports/security/amavisd-new/Makefile のUse:group=clamav:clamav に変更してClamavと連携を取るという、obsorute なもの。なので、この際、amavisd-new は本来のvscan:vscanにもどし、clamav の権限をroot にする形へ変更する。 **amavisd-new deinstall install again [#ma998c41] 966 11:11 cd /usr/ports/security/amavisd-new/ /usr/ports/security/amavisd-new/makefile の usr:group がvscan:vscan で有ることを確認 967 11:11 make deinstall 968 11:12 make install clean ***/usr/local/etc/amavisd.conf の確認 [#n756f2c6] /usr/local/etc/amavisd.conf.sample を /usr/local/etc/amavisd.conf へコピーし、 23 $mydomain = ''; # a convenient default for other settings 384 ### http://www.clamav.net/ 385 ['ClamAV-clamd', 386 \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"], 387 qr/\bOK$/m, qr/\bFOUND$/m, 388 qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ], のコメントアウトを外す。 **clamav もついでに最新版へ [#qed5ba6f] 994 11:27 cd /usr/ports/security/clamav 995 11:27 make deinstall 996 11:27 make install clean 997 11:38 /usr/local/etc/rc.d/amavisd start 998 11:38 /usr/local/etc/rc.d/amavisd restart /usr/local/etc/clamd.sample を /usr/local/etc/clamd.conf へ /usr/local/etc/clamd.conf の226行目をコメントアウト #User clamav User root さらに、 /usr/local/etc/freshclam.conf は、 59 #DatabaseOwner clamav DatabaseOwner root ---- *amavisd-new TROUBLE 2020 [#bd9469dc] **TCP port 10024 on 127.0.0.1 [Address already in use] [#k702993f] 2020年正月休みにあれこれ ports を upgrade したら、それまで正常に動作していたamavisd-new が起動しなくなった(様に見えた?)。amavisd-new はUPgradeしてないのに。 以下をアップグレードした後かも知れない。 oniguruma-6.9.3 < needs updating (port has 6.9.4) python36-3.6.9_3 < needs updating (port has 3.7.6) と、同時に、以下の様なエラーも発生。 (!)Net::Server: 2020/01/07-15:57:40 Can't connect to TCP port 10024 on 127.0.0.1 [Address already in use]\n at line 64 in file /usr/local/lib/perl5/site_perl/Net/Server/Proto/TCP.pm 1基のamavisd-newだけではなく、複数のサーバ機で発生したので、ちょっと焦る(?_?) 調べて見ると、実はamavisd-new は起動してるのに、amavis.pid が生成されていないか書き込み失敗して /var/amavis に無いため、死活監視で起動していないと判断され、延々再起動しようとしてエラーを吐いていたようだ。 **Clamav との連携について [#x63e4fca] Clamav と併用して使用する場合、以前は amavisd-new のMake.conf のユーザ・グループを clamav:clamav にして、clamav との連携を図るコトになっていたのだが、どうやらそれが非推奨となった模様。(と、思ったが、ちゃんと設定すれば起動する事がわかった。本記事の最後の項目の通り)結果、make は通ってエラー無く終了するが、プロセスの起動はしない。という状態に成ってしまっていた機体がある。 amavisd-new のユーザ・グループは、ports のオリジナル設定の vscan:vscan と戻して、amavisd-new は起動はするようにはなった。 また、clamav の側はrootで動作させるため、 /usr/local/etc/clamd.conf の226行目をコメントアウト #User clamav User root さらに、 /usr/local/etc/freshclam.conf は、 #DatabaseOwner clamav DatabaseOwner root とする事でこのamavisd-new と clamav とのDB連携エラーは回避出来る。 【参考サイト】 https://www.mk-mode.com/blog/2014/10/25/freebsd-10-0-installation-of-clamav/# # top -a 3778 vscan 1 20 0 81980K 76876K select 1 0:00 0.00% /usr/local/sbin/amavisd (master) (perl) 3779 vscan 1 52 0 83444K 77208K select 0 0:00 0.00% /usr/local/sbin/amavisd (virgin child) (perl) 3780 vscan 1 52 0 83436K 77200K lockf 1 0:00 0.00% /usr/local/sbin/amavisd (virgin child) (perl) Jan 10 08:39:23 blackcube amavis[3778]: Using primary internal av scanner code for ClamAV-clamd Jan 10 08:39:23 blackcube amavis[3778]: Found secondary av scanner ClamAV-clamscan at /usr/local/bin/clamscan Jan 10 08:39:23 blackcube amavis[3778]: Deleting db files __db.001,__db.002,__db.003,snmp.db,nanny.db in /var/amavis/db Jan 10 08:39:23 blackcube amavis[3778]: Creating db in /var/amavis/db/; BerkeleyDB 0.63, libdb 5.3 Jan 10 08:39:23 blackcube amavis[3778]: sd_notify (no socket): READY=1\nSTATUS=Initialization done. Jan 10 08:39:23 blackcube amavis[3778]: sd_notify (no socket): STATUS=Starting child process(es), ready for work. Jan 10 08:39:24 blackcube monit[659]: 'amavisd' started Jan 10 08:39:54 blackcube monit[659]: 'amavisd' process is running with pid 3778 * amavisd-new usr:group clamav:clamav de run [#k95e14a7] FreeBSD smb212 12.0-RELEASE-p12 FreeBSD 12.0-RELEASE-p12 GENERIC amd64 で動作確認 0)古いamavisd-new があれば、deinstall し、/var/amavis も削除 1)/usr/ports/security/Makefile vscan ⇒ clamav AMAVISUSER?= clamav AMAVISGROUP?= clamav 2)古い/usr/local/etc/amavisd.conf を削除または改名 3)amavisd-new install 4)# /usr/local/etc/rc.d/amavisd reload で、エラーがないようなら、 5) /usr/local/etc/rc.d/amavisd start 42204 clamav 1 20 0 161M 151M select 0 0:01 0.00% /usr/local/sbin/amavisd (master) (perl) 42205 clamav 1 52 0 163M 151M select 0 0:00 0.00% /usr/local/sbin/amavisd (virgin child) (perl) 42206 clamav 1 52 0 163M 151M lockf 1 0:00 0.00% /usr/local/sbin/amavisd (virgin child) (perl) * Permission denied [#o161ae41] /usr/local/etc/rc.d/amavisd start Starting amavisd. PID file /var/amavis/amavisd.pid is inaccessible: Permission denied /usr/local/etc/rc.d/amavisd: WARNING: failed to start amavisd portupgrade -rRf などをしたとき、clamd も強制upgrade されて、設定ファイルがデフルトにもどったため /usr/local/etc/clamd.conf の200行目付近のこれが、User vscan となっていて、 # Run as another user (clamd must be started by root for this option to work) # Default: don't drop privileges #User clamav #User vscan User root amavisd がプロセスファイルの書き込み権限が・・・ということらしい。 ---- Total access &counter(total);:本日 &counter(today);:昨日 &counter(yesterday); #counter([total|today|yesterday]);
