Mailing List Archive

Am 09.11.2019 10:46, schrieb Frans de Boer:
> LS,
>
> I use several machines and found that most of the time the use of the
> 'clamav-daemon.socket' file only leads to a startup failure of clamd.
> Why is this file file in the first place? I ask this because clamd is
> already creating the socket - that is, when the socket was not created
> earlier.
>
> In my current configurations, I just disabled the
> clamav-clamonacc.socket file without problem.
>
> So, what is it's intended use?
>
> --- Frans.

Hi Frans,

the socket file is used for local communication with clamd. So clamdscan
can give scanjobs to clamd.
Also clamdtop can get info from clamd.

It is also possible to configure a TCP socket for remote (also local)
communication.

I don't know why you have 2 different sockets...
clamav-daemon.socket/clamav-clamonacc.socket?!

Do you use different config files for clamonacc and clamd?
Both should use the same socket. Clamonacc gives the jobs to clamd and
so needs the socket of clamd.

There is also an option FixStaleSocket which should handle your startup
problems.
But this is per default enabled and so might be disabled in your config.

If you run multiple clamd on one system each need to have a different
socket filename.

cu
Markus

_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

On 09-11-2019 14:39, Markus Kolb wrote:
> Am 09.11.2019 10:46, schrieb Frans de Boer:
>> LS,
>>
>> I use several machines and found that most of the time the use of the
>> 'clamav-daemon.socket' file only leads to a startup failure of clamd.
>> Why is this file file in the first place? I ask this because clamd is
>> already creating the socket - that is, when the socket was not created
>> earlier.
>>
>> In my current configurations, I just disabled the
>> clamav-clamonacc.socket file without problem.
>>
>> So, what is it's intended use?
>>
>> --- Frans.
>
> Hi Frans,
>
> the socket file is used for local communication with clamd. So
> clamdscan can give scanjobs to clamd.
> Also clamdtop can get info from clamd.
>
> It is also possible to configure a TCP socket for remote (also local)
> communication.
>
> I don't know why you have 2 different sockets...
> clamav-daemon.socket/clamav-clamonacc.socket?!
>
> Do you use different config files for clamonacc and clamd?
> Both should use the same socket. Clamonacc gives the jobs to clamd and
> so needs the socket of clamd.
>
> There is also an option FixStaleSocket which should handle your
> startup problems.
> But this is per default enabled and so might be disabled in your config.
>
> If you run multiple clamd on one system each need to have a different
> socket filename.
>
> cu
> Markus

I have a) clamav-daemon.service and b) clamav-daemon-socket (NOT
clamav-clamonacc.socket - sorry my mistake). c) would than be
clamav-clamonacc.service which uses the clamd.ctl socket to communicate
with clamd.

b) does start faster then a) which causes a) to fail - regardless the
implicit/explicit setting of the FixStaleSocket.

Removing b) from the a) service file is the only solution and avoids the
circular dependencies when using After= and/or Before= as well as Wants=
instead of Requires= directives.

Why making b) available in the first place? The socket is anyhow created
by clamd, and the b) file is only useful if there is some action
specified and the output is either another socket, other file or journal
output.

And no, I use one instance of clamd per system. Using the TCP socket
does not speed things up either ;). The latter is useful in
multiple-clients single-scan engine.

--- Frans


_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

On 11/9/19 2:46 AM, Frans de Boer wrote:
> LS,
>
> I use several machines and found that most of the time the use of the
> 'clamav-daemon.socket' file only leads to a startup failure of clamd.
> Why is this file file in the first place? I ask this because clamd is
> already creating the socket - that is, when the socket was not created
> earlier.
>
> In my current configurations, I just disabled the
> clamav-clamonacc.socket file without problem.
>
> So, what is it's intended use?
>
> --- Frans.

In the abstract, systemd .socket units are intended to avoid startup
load and/or consuming resources for services that do not run all the
time. They are generally only useful to services that start up quickly.
I started looking at the possibility of shipping it with the Fedora
package but decided that clamd does not meet these expectations. It has
a very long startup time and so systems almost always what it started
immediately so that it can respond quickly when needed. I would
recommend just dropping it.

--
Orion Poplawski
Manager of NWRA Technical Systems 720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane orion@nwra.com
Boulder, CO 80301 https://www.nwra.com/

For my install, I had multiple instances of clamd running (in order to have
different databases loaded for different purposes) and the systemd sockets
were throwing errors about other processes using them, which in turn caused
the additional instances of clamd service units to fail. However, the clamd
service units started perfectly fine when the socket units were removed
entirely since clamd creates the sockets if they're not present.

I'm not sure how those files get created, but it looks like it might be
from the SysV Generator for SystemD. The best bet is to remove the
/etc/init.d files and only use proper SystemD service unit files on
systemd-based OS.

The Unit file that works for me is below. It's deployed by Puppet so please
excuse the stuff inside <% %>. You could probably turn it into a SystemD
service template and use instances instead, but I had issues getting those
to be properly enabled inside SystemD and just went with separate service
definitions for each of my instances.

--Maarten

[Unit]
Description=Clam AntiVirus daemon <%= $service_name %>
Documentation=man:clamd(8) man:clamd.conf(5)
https://www.clamav.net/documents/
# Check for database existence
ConditionPathExistsGlob=/opt/clamav/share/<%= $service_name -%>/*.[hn]db

[Service]
ExecStart=/opt/clamav/clamav/sbin/clamd -c /opt/clamav/etc/<%=
$service_name -%>.conf --foreground=true

# Reload the database
ExecReload=/bin/kill -USR2 $MAINPID
StandardOutput=syslog
TimeoutStartSec=420

[Install]
WantedBy=multi-user.target




On Wed, Nov 13, 2019 at 11:41 PM Orion Poplawski <orion@nwra.com> wrote:

> On 11/9/19 2:46 AM, Frans de Boer wrote:
> > LS,
> >
> > I use several machines and found that most of the time the use of the
> > 'clamav-daemon.socket' file only leads to a startup failure of clamd.
> > Why is this file file in the first place? I ask this because clamd is
> > already creating the socket - that is, when the socket was not created
> > earlier.
> >
> > In my current configurations, I just disabled the
> > clamav-clamonacc.socket file without problem.
> >
> > So, what is it's intended use?
> >
> > --- Frans.
>
> In the abstract, systemd .socket units are intended to avoid startup
> load and/or consuming resources for services that do not run all the
> time. They are generally only useful to services that start up quickly.
> I started looking at the possibility of shipping it with the Fedora
> package but decided that clamd does not meet these expectations. It has
> a very long startup time and so systems almost always what it started
> immediately so that it can respond quickly when needed. I would
> recommend just dropping it.
>
> --
> Orion Poplawski
> Manager of NWRA Technical Systems 720-772-5637
> NWRA, Boulder/CoRA Office FAX: 303-415-9702
> 3380 Mitchell Lane orion@nwra.com
> Boulder, CO 80301 https://www.nwra.com/
>
>
> _______________________________________________
>
> clamav-users mailing list
> clamav-users@lists.clamav.net
> https://lists.clamav.net/mailman/listinfo/clamav-users
>
>
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>