- 追加された行はこの色です。
- 削除された行はこの色です。
#author("2019-01-23T10:25:20+09:00","default:kuji","kuji")
#author("2020-01-07T17:52:09+09:00","default:kuji","kuji")
#contents
*TCP port 10024 on 127.0.0.1 [Address already in use] [#k702993f]
2020年正月休みにあれこれ ports を upgrade した、ら、amavisd-new が起動しなくなったった。
(!)Net::Server: 2020/01/07-15:57:40 Can't connect to TCP port 10024 on 127.0.0.1 [Address already in use]\n at line 64
in file /usr/local/lib/perl5/site_perl/Net/Server/Proto/TCP.pm
1基のamavisd-newだけではなく、複数のサーバ機で発生したので、ちょっと焦る(^^ゞ
Clamav と併用して使用する場合、以前は amavisd-new のユーザ・グループを clamav:clamav にして、clamav との連携を図るコトになっていたのだが、どうやらそれが非推奨となった模様。
結果として amavisd-new のユーザ・グループは、ports のオリジナル設定の vscan:vscan として、clamav の側はroot:wheelとする事でこのエラーを回避出来ました。
/usr/ports/security/amavisd-new/Makefile
AMAVISUSER?= vscan
AMAVISGROUP?= vscan
# rm -r /var/amavis
# pkg delete amavisd-new-2.12.0,1
# portinstall security/amavisd-new
/usr/local/etc/amavisd.conf
$daemon_user = 'vscan'; # (no default; customary: vscan or amavis), -u
$daemon_group = 'vscan'; # (no default; customary: vscan or amavis), -g
/usr/local/etc/clamd.conf の206行目をコメントアウト
#User clamav
以上
*(!)_DIE: Suicide in child_init_hook: [#p5fe332f]
# portupgrade -fr --batch amavisd-new-2.11.1_1,1 && reboot
したところ、
(!)_DIE: Suicide in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY:
Fatal error, run database recovery, No such file or directory. at (eval 93) line 338.
というエラーログが延々でつづける・・・。
/usr/local/etc/amavisd.conf 338行めを
# ['doc', \&do_ole, 'ripole'],
/usr/local/etc/rc.d/amavisd restart
して、復活。 したかと思いきや・・・
(!)_DIE: register_proc: BDB N db_cursor: BDB0060 PANIC: fatal region error detected; run recovery, . at (eval 93) line 220.
(!!)TROUBLE in child_init_hook: BDB can't connect db env. at /var/amavis/db: BDB0087 DB_RUNRECOVERY:
Fatal error, run database recovery, No such file or directory. at (eval 93) line 338.
となった。
どうやら、古い2015年製w /usr/local/etc/amavisd.conf の設定ファイルの不整合のようなので、amavisd.conf.sample を amavisd.conf へリネームして以下を変更。
13c13
< # @bypass_spam_checks_maps = (1); # controls running of anti-spam code
---
> @bypass_spam_checks_maps = (1); # controls running of anti-spam code
20c20
< $mydomain = 'example.com'; # a convenient default for other settings
---
> $mydomain = 'smb.net'; # a convenient default for other settings
119c119
< $virus_admin = "virusalert\@$mydomain"; # notifications recip.
---
> # $virus_admin = "virusalert\@$mydomain"; # notifications recip.
382,391c382,391
< # ### http://www.clamav.net/
< # ['ClamAV-clamd',
< # \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
< # qr/\bOK$/m, qr/\bFOUND$/m,
< # qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
< # # NOTE: run clamd under the same user as amavisd - or run it under its own
< # # uid such as clamav, add user clamav to the amavis group, and then add
< # # AllowSupplementaryGroups to clamd.conf;
< # # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
< # # this entry; when running chrooted one may prefer a socket under $MYHOME.
---
> ### http://www.clamav.net/
> ['ClamAV-clamd',
> \&ask_daemon, ["CONTSCAN {}\n", "/var/run/clamav/clamd.sock"],
> qr/\bOK$/m, qr/\bFOUND$/m,
> qr/^.*?: (?!Infected Archive)(.*) FOUND$/m ],
> # NOTE: run clamd under the same user as amavisd - or run it under its own
> # uid such as clamav, add user clamav to the amavis group, and then add
> # AllowSupplementaryGroups to clamd.conf;
> # NOTE: match socket name (LocalSocket) in clamav.conf to the socket name in
> # this entry; when running chrooted one may prefer a socket under $MYHOME.
* (!!)TROUBLE in process_request: Can't create directory /var/amavis/tmp [#g298e22d]
Sep 1 00:13:11 guard amavis[23846]: (23846-01) (!!)TROUBLE in process_request: Can't create directory /var/amavis/tmp/amavis-20100901T001311-23846: Too many links at /usr/local/sbin/amavisd line 5291, <GEN14> line 2.
Sep 1 00:13:11 guard amavis[23846]: (23846-01) (!)Requesting process rundown after fatal error
Sep 1 00:13:11 guard amavis[23847]: (23847-01) (!!)TROUBLE in process_request: Can't create directory /var/amavis/tmp/amavis-20100901T001311-23847: Too many links at /usr/local/sbin/amavisd line 5291, <GEN14> line 2.
Sep 1 00:13:11 guard amavis[23847]: (23847-01) (!)Requesting process rundown after fatal error
Sep 1 00:13:11 guard amavis[23849]: (23849-01) (!!)TROUBLE in process_request: Can't create directory /var/amavis/tmp/amavis-20100901T001311-23849: Too many links at /usr/local/sbin/amavisd line 5291, <GEN14> line 2.
Sep 1 00:13:11 guard amavis[23849]: (23849-01) (!)Requesting process rundown after fatal error
111 5:50 mv tmp tmp-toomany
112 5:50 ll
113 5:50 mv tmp tmp tmp-toomany
114 5:51 mv -rp tmp tmp tmp-toomany
115 5:51 mv tmp tmp tmp-toomany
116 5:51 mv tmp tmp-toomany
117 5:54 mv -f tmp tmp-toomany
118 5:54 pwd
119 5:56 ll
120 5:56 cd tmp
121 5:57 ll
122 5:57 rm -r amavis-201004*
123 5:58 rm -r amavis-201005*
124 5:58 rm -r amavis-201006*
125 5:59 rm -r amavis-201007*
126 6:02 echo /var/virusmails/amavis-201007* | xargs rm
127 6:02 pwd
128 6:02 echo /usr/var/amavis/tmp/amavis-201007* | xargs rm
129 6:03 echo /usr/var/amavis/tmp/amavis-201007* | xargs rm -r
130 6:04 history
*amavis[59520]: (!!)TROUBLE in child_init_hook: BDB [#b1115f62]
http://city-rabbit.blogspot.com/2009/09/antivirus-scanner.html
2010年3月25日午前、メールサーバの挙動がおかしい。のに気づく。
Mar 25 04:55:51 hotshot postfix/anvil[5763]: statistics: max connection rate 2/60s for (smtp:116.74.160.186) at Mar 25 04:54:43
Mar 25 04:55:51 hotshot postfix/anvil[5763]: statistics: max connection count 2 for (smtp:173.49.95.140) at Mar 25 04:52:34
Mar 25 04:55:51 hotshot postfix/anvil[5763]: statistics: max cache size 3 at Mar 25 04:52:47
Mar 25 04:55:54 hotshot postfix/smtpd[5761]: connect from unknown[70.99.243.17]
Mar 25 04:56:24 hotshot postfix/smtpd[5761]: warning: 17.243.99.70.list.dsbl.org: RBL lookup error: Host or domain name not found. Name service error for name=17.243.99.70.list.dsbl.org type=A: Host not found, try again
Mar 25 04:56:24 hotshot postfix/smtpd[5761]: 681B456441: client=unknown[70.99.243.17]
Mar 25 04:56:28 hotshot postfix/cleanup[5817]: 681B456441: message-id=<20100324135552.dmcfphohtdbd@mx1.hotpinktrouttree.net>
Mar 25 04:56:28 hotshot postfix/qmgr[1323]: 681B456441: from=<Ashtonaic@hotpinktrouttree.net>, size=10163, nrcpt=1 (queue active)
Mar 25 04:56:31 hotshot postfix/smtpd[5761]: disconnect from unknown[70.99.243.17]
Mar 25 04:56:46 hotshot amavis[5853]: (!!)TROUBLE in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
Mar 25 04:56:46 hotshot amavis[5853]: (!)_DIE: Suicide in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
Mar 25 04:56:46 hotshot postfix/smtp[5850]: 681B456441: to=<swalter@smb.net>, relay=127.0.0.1[127.0.0.1]:10024, delay=46, delays=29/0.01/0.01/17, dsn=4.4.2, status=deferred (lost connection with 127.0.0.1[127.0.0.1] while sending end of data -- message may be sent more than once)
Mar 25 04:56:46 hotshot amavis[5855]: (!!)TROUBLE in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
の様な始まりで、延々
Mar 25 11:18:01 hotshot amavis[46448]: (!!)TROUBLE in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
Mar 25 11:18:01 hotshot amavis[46448]: (!)_DIE: Suicide in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
Mar 25 11:18:01 hotshot amavis[46447]: (!!)TROUBLE in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
Mar 25 11:18:01 hotshot amavis[46447]: (!)_DIE: Suicide in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
頻発する・・・・
Mar 28 21:20:35 hotshot postfix/smtpd[34519]: 8D5995645C: client=bl16-146-28.dsl.telepac.pt[188.81.146.28]
Mar 28 21:20:36 hotshot postfix/cleanup[34532]: 8D5995645C: message-id=<20100328122035.8D5995645C@hotshot.smb.net>
Mar 28 21:20:36 hotshot postfix/qmgr[1325]: 8D5995645C: from=<iqiabyga8190@telepac.pt>, size=7454, nrcpt=1 (queue active)
Mar 28 21:20:37 hotshot postfix/smtpd[34519]: disconnect from bl16-146-28.dsl.telepac.pt[188.81.146.28]
Mar 28 21:20:50 hotshot amavis[34536]: (!!)TROUBLE in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
Mar 28 21:20:50 hotshot amavis[34536]: (!)_DIE: Suicide in child_init_hook: BDB no dbS: Lock table is out of available locker entries, . at (eval 97) line 27.
ので、取り敢えず、
hotshot# portupgrade p5-BerkeleyDB-0.36
---> Upgrading 'p5-BerkeleyDB-0.36' to 'p5-BerkeleyDB-0.41' (databases/p5-BerkeleyDB)
---> Building '/usr/ports/databases/p5-BerkeleyDB'
===> Cleaning for p5-BerkeleyDB-0.41
=> BerkeleyDB-0.41.tar.gz doesn't seem to exist in /usr/ports/distfiles/.
=> Attempting to fetch from ftp://ftp.funet.fi/pub/languages/perl/CPAN/modules/by-module/BerkeleyDB/.
BerkeleyDB-0.41.tar.gz 100% of 180 kB 98 kBps
===> Extracting for p5-BerkeleyDB-0.41
hotshot# amavisd reload
Daemon [1101] terminated by SIGTERM, waiting for dust to settle...
becoming a new daemon...
hotshot#
してみる。
それでも、トラブル。ので、
http://www.mail-archive.com/amavis-user@lists.sourceforge.net/msg14610.html
あたりをみて、db4 をインストールして、DB_CONFIG のサンプルを手に入れる。
164 13:48 locate db4
165 13:49 portinstall databases/db4
166 13:52 rehash
hotshot# portinstall databases/db48
/var/amavis/db/DB_CONFIG
# $OpenLDAP: pkg/ldap/servers/slapd/DB_CONFIG,v 1.3.2.4 2007/12/18 11:53:27 ghenry Exp $
# Example DB_CONFIG file for use with slapd(8) BDB/HDB databases.
#
# See the Oracle Berkeley DB documentation
# <http://www.oracle.com/technology/documentation/berkeley-db/db/ref/env/db_config.html>
# for detail description of DB_CONFIG syntax and semantics.
#
# Hints can also be found in the OpenLDAP Software FAQ
# <http://www.openldap.org/faq/index.cgi?file=2>
# in particular:
# <http://www.openldap.org/faq/index.cgi?file=1075>
# Note: most DB_CONFIG settings will take effect only upon rebuilding
# the DB environment.
# one 0.25 GB cache
set_cachesize 0 268435456 1
# Data Directory
#set_data_dir db
#http://wiki.zimbra.com/index.php?title=OpenLDAP_Performance_Tuning_6.0#Berkeley_DB_DB_CONFIG_tuning
set_lk_max_locks 3000
set_lk_max_objects 1500
set_lk_max_lockers 1500
# Transaction Log settings
set_lg_regionmax 262144
set_lg_bsize 2097152
#set_lg_dir logs
# Note: special DB_CONFIG flags are no longer needed for "quick"
# slapadd(8) or slapindex(8) access (see their -q option).
Apr 6 15:28:20 hotshot amavis[1114]: Module Razor2::Client::Version 2.84
Apr 6 15:28:20 hotshot amavis[1114]: Module Socket6 0.23
Apr 6 15:28:20 hotshot amavis[1114]: Module Time::HiRes 1.9719
Apr 6 15:28:20 hotshot amavis[1114]: Module URI 1.37
Apr 6 15:28:20 hotshot amavis[1114]: Module Unix::Syslog 1.1
Apr 6 15:28:20 hotshot amavis[1114]: Amavis::DB code loaded
Apr 6 15:28:20 hotshot amavis[1114]: Amavis::Cache code loaded
Apr 6 15:28:20 hotshot amavis[1114]: SQL base code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: SQL::Log code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: SQL::Quarantine NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: Lookup::SQL code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: Lookup::LDAP code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: AM.PDP-in proto code loaded
Apr 6 15:28:20 hotshot amavis[1114]: SMTP-in proto code loaded
Apr 6 15:28:20 hotshot amavis[1114]: Courier proto code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: SMTP-out proto code loaded
Apr 6 15:28:20 hotshot amavis[1114]: Pipe-out proto code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: BSMTP-out proto code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: Local-out proto code loaded
Apr 6 15:28:20 hotshot amavis[1114]: OS_Fingerprint code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: ANTI-VIRUS code loaded
Apr 6 15:28:20 hotshot amavis[1114]: ANTI-SPAM code loaded
Apr 6 15:28:20 hotshot amavis[1114]: ANTI-SPAM-EXT code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: ANTI-SPAM-C code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: ANTI-SPAM-SA code loaded
Apr 6 15:28:20 hotshot amavis[1114]: Unpackers code loaded
Apr 6 15:28:20 hotshot amavis[1114]: DKIM code loaded
Apr 6 15:28:20 hotshot amavis[1114]: Tools code NOT loaded
Apr 6 15:28:20 hotshot amavis[1114]: Found $file at /usr/local/bin/file
Apr 6 15:28:20 hotshot amavis[1114]: No $altermime, not using it
Apr 6 15:28:20 hotshot amavis[1114]: Internal decoder for .mail
Apr 6 15:28:20 hotshot amavis[1114]: Internal decoder for .asc
Apr 6 15:28:20 hotshot amavis[1114]: Internal decoder for .uue
Apr 6 15:28:20 hotshot amavis[1114]: Internal decoder for .hqx
Apr 6 15:28:20 hotshot amavis[1114]: Internal decoder for .ync
Apr 6 15:28:20 hotshot amavis[1114]: Found decoder for .F at /usr/local/bin/unfreeze
Apr 6 15:28:20 hotshot amavis[1114]: Found decoder for .Z at /usr/bin/uncompress
Apr 6 15:28:20 hotshot amavis[1114]: Found decoder for .gz at /usr/bin/gzip -d
Apr 6 17:00:44 hotshot amavis[1113]: Amavis::Cache code loaded
Apr 6 17:00:44 hotshot amavis[1113]: SQL base code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: SQL::Log code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: SQL::Quarantine NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: Lookup::SQL code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: Lookup::LDAP code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: AM.PDP-in proto code loaded
Apr 6 17:00:44 hotshot amavis[1113]: SMTP-in proto code loaded
Apr 6 17:00:44 hotshot amavis[1113]: Courier proto code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: SMTP-out proto code loaded
Apr 6 17:00:44 hotshot amavis[1113]: Pipe-out proto code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: BSMTP-out proto code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: Local-out proto code loaded
Apr 6 17:00:44 hotshot amavis[1113]: OS_Fingerprint code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: ANTI-VIRUS code loaded
Apr 6 17:00:44 hotshot amavis[1113]: ANTI-SPAM code loaded
Apr 6 17:00:44 hotshot amavis[1113]: ANTI-SPAM-EXT code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: ANTI-SPAM-C code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: ANTI-SPAM-SA code loaded
Apr 6 17:00:44 hotshot amavis[1113]: Unpackers code loaded
Apr 6 17:00:44 hotshot amavis[1113]: DKIM code loaded
Apr 6 17:00:44 hotshot amavis[1113]: Tools code NOT loaded
Apr 6 17:00:44 hotshot amavis[1113]: Found $file at /usr/local/bin/file
Apr 6 17:00:44 hotshot amavis[1113]: No $altermime, not using it
Apr 6 17:00:44 hotshot amavis[1113]: Internal decoder for .mail