HELP! clamd keeps stopping
Re: HELP! clamd keeps stopping
Your psmon cannot be installed is what I meant. I posted the problem from the logs and you commented on it.
Can you put the required parts of psmon in it so I can install your version?
Can you put the required parts of psmon in it so I can install your version?
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: HELP! clamd keeps stopping
And I told you that they're available from rpmforge. I could put them up but it will take another week or so before I have the time
Re: HELP! clamd keeps stopping
I tried and just got this far:
[root@godslove ~]# rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.i386.rpm
warning: rpmforge-release-0.3.6-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:rpmforge-release ########################################### [100%]
[root@godslove ~]#
I cannot find a key to install at rpmforge.
[root@godslove ~]# rpm -Uhv rpmforge-release-0.3.6-1.el5.rf.i386.rpm
warning: rpmforge-release-0.3.6-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ########################################### [100%]
1:rpmforge-release ########################################### [100%]
[root@godslove ~]#
I cannot find a key to install at rpmforge.
Re: HELP! clamd keeps stopping
Either sign the package with your own key
rpm --resign package.rpm
Or install via yum
yum install package.rpm --nogpgcheck
I only use rpm when I have too yum much better.
rpm --resign package.rpm
Or install via yum
yum install package.rpm --nogpgcheck
I only use rpm when I have too yum much better.
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: HELP! clamd keeps stopping
No jeez, dont do what he said. Thats silly. If you look at the contents of the rpmforge-release package (rpm -ql rpmforge-release) the key is not only in it, its set up to install itself automatically when you run yum.
/etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
and from /etc/yum.repos.d/rpmforge.repo
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
We all configure our -release packages like that (centos, atomic, dag, etc).
/etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
and from /etc/yum.repos.d/rpmforge.repo
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
We all configure our -release packages like that (centos, atomic, dag, etc).
Re: HELP! clamd keeps stopping
Ok I see the contents now for rpmforge and ran yum list and it showed the rpmforge listings along with atomics and there is no psmon in rpmforge. The only one is listed is psmon.noarch as atomic so what should I do now?
Also, in case I have this wrong where exactly is your key suppose to go Scott?
Right now it is listed in # of my server and not in /etc/pki/rpm-gpg/
Should the atomic key be in /etc/pdi/rpm-gpg/ or does it matter? When I first got the key I was in # in my server and just imported it from there and that's where it is now.
Thanks for your help!
Also, in case I have this wrong where exactly is your key suppose to go Scott?
Right now it is listed in # of my server and not in /etc/pki/rpm-gpg/
Should the atomic key be in /etc/pdi/rpm-gpg/ or does it matter? When I first got the key I was in # in my server and just imported it from there and that's where it is now.
Thanks for your help!
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: HELP! clamd keeps stopping
Just: yum install psmon
Re: HELP! clamd keeps stopping
Oh I see now!!!
It pulled psmon from art and the other ones from rmpforge.
Could you please help me with the configuration? I'm on centos5, mysql and php5.
There are 2 that say Disabled True so both of those would change to Disabled False or just comment out with #?
# Please read through your configuration file before using it in production!
Disabled True
# Defines the email address where notification emails should be sent to.
# This may be also be used in a Process scope which will take priority over
# a global declaration. All AdminEmail entries in the configuration file
# will be overridden if it is specified on the command line as an option.
# Defaults to: root@localhost
AdminEmail info@designhosting.biz
# Defines which method should be used by default to try and send
# notification emails. Legal values are "SMTP" or "sendmail".
# Defaults to: sendmail
DefaultEmailMethod sendmail
# Defines which syslog facility to log to. Refer to your syslogd and/or
# operating system documentation for a list of valid facilities.
# Defaults to: LOG_DAEMON
Facility LOG_DAEMON
# Defines the frequency (in seconds) of process table queries.
# Defaults to: 60
Frequency 60
# When defined, psmon will never attempt to kill a process ID which is
# numerically less than or equal to the value defined by lastsafepid. It
# should be noted that psmon will never attempt to kill itself, or a process
# ID less than or equal to 1.
# Defaults to: 100
LastSafePID 100
# Defines the loglevel priority that notifications to syslog will be marked
# as. Refer to your operating system's kernel.h documentation for a list of
# valid priorities.
# Defaults to: LOG_NOTICE
LogLevel LOG_NOTICE
# Accepts a space delimited list of PIDs which will never be killed.
# Defaults to: 1
NeverKillPID 1
# Accepts a space delimited list of process names which will never be
# killed.
# Defaults to: kswapd kupdated mdrecoveryd pageout sched init
NeverKillProcessName kswapd kupdated mdrecoveryd pageout sched init
# Defines the email address that notification email should be addresses
# from.
# Defaults to: username@hostname
### NotifyEmailFrom joe.bloggs@foobar.com
# Accepts a boolean value of On or Off. Surpresses all notifications of
# preserved process IDs when used in conjunction with the lastsafepid
# directive.
# Defaults to: Off
ProtectSafePIDsQuietly Off
# Defines the IP address or hostname of the SMTP server to used to send
# email notifications.
# Defaults to: localhost
SMTPHost localhost
# Defines the timeout in seconds to be used during SMTP connections.
# Defaults to: 20
SMTPTimeout 20
# Defines the sendmail command to use to send notification emails if there
# is a failure with the SMTP connection to the host defined by SMTPHost.
# PSMon will attempt to locate the sendmail command for you by looking in
# common locations.
### SendmailCMD /usr/sbin/sendmail -t
# You need to remove BOTH of these 'Disabled' directives before using this
# configuration file. Please make sure you have read and understood everything
# in this file before using it in a live production environment!
Disabled True
# The <Process *> scope is commented out by default. It should be used with
# *EXTREME* care. If you do decide to use it, may I suggest that you run psmon
# in 'DryRun' mode by adding the 'DryRun' directive in this configuration
# file. READ THE DOCUMENTATION THOROUGHLY BEFORE ENABLING THIS FEATURE!!!
#<Process *>
# PctCpu 80
# PctMem 50
#</Process>
There is a list of all these processes but don't see clamd. I'm definitely not sure what to do here and am scared because of the warning to not use on production servers.
# I have included a set of commonly required processes. They are all vital
# services which must be running on all of my workstations and servers. It's
# a pretty good guess you'll want them to always be running too.
# Secure Shell Daemon
#<Process sshd>
# LogLevel LOG_CRITICAL
# SpawnCmd /sbin/service sshd restart
# PidFile /var/run/sshd.pid
# # Instances 30
# # PctCPU 90
#</Process>
# Cron Daemon
#<Process crond>
# spawncmd /sbin/service crond restart
# pidfile /var/run/crond.pid
#</Process>
# System Logger Daemon
#<Process syslogd>
# spawncmd /sbin/service syslog restart
# pidfile /var/run/syslogd.pid
#</Process>
It pulled psmon from art and the other ones from rmpforge.
Could you please help me with the configuration? I'm on centos5, mysql and php5.
There are 2 that say Disabled True so both of those would change to Disabled False or just comment out with #?
# Please read through your configuration file before using it in production!
Disabled True
# Defines the email address where notification emails should be sent to.
# This may be also be used in a Process scope which will take priority over
# a global declaration. All AdminEmail entries in the configuration file
# will be overridden if it is specified on the command line as an option.
# Defaults to: root@localhost
AdminEmail info@designhosting.biz
# Defines which method should be used by default to try and send
# notification emails. Legal values are "SMTP" or "sendmail".
# Defaults to: sendmail
DefaultEmailMethod sendmail
# Defines which syslog facility to log to. Refer to your syslogd and/or
# operating system documentation for a list of valid facilities.
# Defaults to: LOG_DAEMON
Facility LOG_DAEMON
# Defines the frequency (in seconds) of process table queries.
# Defaults to: 60
Frequency 60
# When defined, psmon will never attempt to kill a process ID which is
# numerically less than or equal to the value defined by lastsafepid. It
# should be noted that psmon will never attempt to kill itself, or a process
# ID less than or equal to 1.
# Defaults to: 100
LastSafePID 100
# Defines the loglevel priority that notifications to syslog will be marked
# as. Refer to your operating system's kernel.h documentation for a list of
# valid priorities.
# Defaults to: LOG_NOTICE
LogLevel LOG_NOTICE
# Accepts a space delimited list of PIDs which will never be killed.
# Defaults to: 1
NeverKillPID 1
# Accepts a space delimited list of process names which will never be
# killed.
# Defaults to: kswapd kupdated mdrecoveryd pageout sched init
NeverKillProcessName kswapd kupdated mdrecoveryd pageout sched init
# Defines the email address that notification email should be addresses
# from.
# Defaults to: username@hostname
### NotifyEmailFrom joe.bloggs@foobar.com
# Accepts a boolean value of On or Off. Surpresses all notifications of
# preserved process IDs when used in conjunction with the lastsafepid
# directive.
# Defaults to: Off
ProtectSafePIDsQuietly Off
# Defines the IP address or hostname of the SMTP server to used to send
# email notifications.
# Defaults to: localhost
SMTPHost localhost
# Defines the timeout in seconds to be used during SMTP connections.
# Defaults to: 20
SMTPTimeout 20
# Defines the sendmail command to use to send notification emails if there
# is a failure with the SMTP connection to the host defined by SMTPHost.
# PSMon will attempt to locate the sendmail command for you by looking in
# common locations.
### SendmailCMD /usr/sbin/sendmail -t
# You need to remove BOTH of these 'Disabled' directives before using this
# configuration file. Please make sure you have read and understood everything
# in this file before using it in a live production environment!
Disabled True
# The <Process *> scope is commented out by default. It should be used with
# *EXTREME* care. If you do decide to use it, may I suggest that you run psmon
# in 'DryRun' mode by adding the 'DryRun' directive in this configuration
# file. READ THE DOCUMENTATION THOROUGHLY BEFORE ENABLING THIS FEATURE!!!
#<Process *>
# PctCpu 80
# PctMem 50
#</Process>
There is a list of all these processes but don't see clamd. I'm definitely not sure what to do here and am scared because of the warning to not use on production servers.
# I have included a set of commonly required processes. They are all vital
# services which must be running on all of my workstations and servers. It's
# a pretty good guess you'll want them to always be running too.
# Secure Shell Daemon
#<Process sshd>
# LogLevel LOG_CRITICAL
# SpawnCmd /sbin/service sshd restart
# PidFile /var/run/sshd.pid
# # Instances 30
# # PctCPU 90
#</Process>
# Cron Daemon
#<Process crond>
# spawncmd /sbin/service crond restart
# pidfile /var/run/crond.pid
#</Process>
# System Logger Daemon
#<Process syslogd>
# spawncmd /sbin/service syslog restart
# pidfile /var/run/syslogd.pid
#</Process>
-
- Forum User
- Posts: 29
- Joined: Mon Jan 12, 2009 2:31 pm
Re: HELP! clamd keeps stopping
I have been getting this problem too. I'm seeing this on a PLESK CentOS 5.2 installation with qmail-scanner/SA/ClamAV.
Once it's stopped working, if I run "service clamd status", I notice I've been getting an error message like this:
clamd dead but subsys locked
try that.... maybe we have the same problem?
I have narrowed the problem down to an issue with logrotate. It seems to happen every week for me exactly after the cron.daily is run and the logs are changed. However, perms are good and restarting the service brings it back online.
I've deleted a duplicate freshclam file in logrotate.d, set the perms on the freshclam log file to qscand but no luck. I've just changed the /etc/logrotate.d/clamav file to run "service clamd restart" instead of the killall command, but I'll have to wait for a week to know for sure.
Anyone have any ideas?
Once it's stopped working, if I run "service clamd status", I notice I've been getting an error message like this:
clamd dead but subsys locked
try that.... maybe we have the same problem?
I have narrowed the problem down to an issue with logrotate. It seems to happen every week for me exactly after the cron.daily is run and the logs are changed. However, perms are good and restarting the service brings it back online.
I've deleted a duplicate freshclam file in logrotate.d, set the perms on the freshclam log file to qscand but no luck. I've just changed the /etc/logrotate.d/clamav file to run "service clamd restart" instead of the killall command, but I'll have to wait for a week to know for sure.
Anyone have any ideas?
Re: HELP! clamd keeps stopping
Hi,
I find clamd stopped again and again.
If someone has psmon installed could you please post your configuration file?
Thanks!
I find clamd stopped again and again.
If someone has psmon installed could you please post your configuration file?
Thanks!
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: HELP! clamd keeps stopping
type:
psmon-config
or:
man psmon
psmon-config
or:
man psmon
Re: HELP! clamd keeps stopping
Hi,
I had listed the psmon.conf file above. Could you please tell me which processes to enable? I don't see clamd in there as a process...is there suppose to be a listing for it to keep it restarted?
I had listed the psmon.conf file above. Could you please tell me which processes to enable? I don't see clamd in there as a process...is there suppose to be a listing for it to keep it restarted?
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: HELP! clamd keeps stopping
ASL will set this up for you. Are you setting up psmon on your own without ASL?
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: HELP! clamd keeps stopping
I don't have asl but only the clamd and spamassassin from atomic and wanted to be emailed when clamd stops running because it stops all the time and I cannot find when it is stopping.
-
- Forum User
- Posts: 29
- Joined: Mon Jan 12, 2009 2:31 pm
Re: HELP! clamd keeps stopping
http://atomicrocketturtle.com/forum/vie ... f=4&t=2842 , last post.modom46 wrote:I don't have asl but only the clamd and spamassassin from atomic and wanted to be emailed when clamd stops running because it stops all the time and I cannot find when it is stopping.
It won't email you but it will restart it for you.