[SOLVED] Proxmox mail gateway Clamav error

J

jmaitra

Member
Oct 4, 2020
24
7
23
I successfully setup PMG on a Debian 10 and got it running so far.

First, clamav-freshclam failed so I removed apparmor service (as explained in the forum) and rebooted the machine. Now clamav-freshclam works fine but the clamav-daemon stops after about 30 seconds with the following error message

Oct 04 11:23:01 mars.maitra.biz systemd[1]: Starting Clam AntiVirus userspace daemon...
Oct 04 11:23:01 mars.maitra.biz systemd[1]: Started Clam AntiVirus userspace daemon.
Oct 04 11:23:01 mars.maitra.biz clamd[830]: Received 0 file descriptor(s) from systemd.
Oct 04 11:23:01 mars.maitra.biz clamd[830]: clamd daemon 0.102.4 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Oct 04 11:23:01 mars.maitra.biz clamd[830]: Running as user clamav (UID 109, GID 116)
Oct 04 11:23:01 mars.maitra.biz clamd[830]: Log file size limited to 4294967295 bytes.
Oct 04 11:23:01 mars.maitra.biz clamd[830]: Reading databases from /var/lib/clamav/
Oct 04 11:23:01 mars.maitra.biz clamd[830]: Not loading PUA signatures.
Oct 04 11:23:01 mars.maitra.biz clamd[830]: Bytecode: Security mode set to "TrustSigned".
Oct 04 11:23:45 mars.maitra.biz systemd[1]: clamav-daemon.service: Main process exited, code=killed, status=9/KILL
Oct 04 11:23:45 mars.maitra.biz systemd[1]: clamav-daemon.service: Failed with result 'signal'.
Oct 04 11:32:45 mars.maitra.biz systemd[1]: Starting Clam AntiVirus userspace daemon...
Oct 04 11:32:45 mars.maitra.biz mkdir[5222]: /bin/mkdir: cannot create directory â/run/clamavâ: File exists
Oct 04 11:32:45 mars.maitra.biz systemd[1]: Started Clam AntiVirus userspace daemon.
Oct 04 11:33:19 mars.maitra.biz systemd[1]: clamav-daemon.service: Main process exited, code=killed, status=9/KILL
Oct 04 11:33:19 mars.maitra.biz systemd[1]: clamav-daemon.service: Failed with result 'signal'.

Reinstall apparmor didn't fix the problem.

Any help would be greatly appreciated. Many thanks in advance
Jens
 
does the system have enough memory?
please post the output of:
* `dmesg`
* the content of the logfiles in '/var/log/clamav'
 
Thanks for the fast reply. It seems that you are right - there is an out "of memory-error".


[81472.533565] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/system.slice/clamav-daemon.service,task=clamd,pid=15850,uid=109

[81472.533583] Out of memory: Killed process 15850 (clamd) total-vm:1363408kB, anon-rss:1271548kB, file-rss:0kB, shmem-rss:0kB, UID:109 pgtables:2624kB oom_score_adj:0

[81472.688651] oom_reaper: reaped process 15850 (clamd), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB


But I only use about 40% of the available memory (see attached snapshot).
 

Attachments

  • 2020-10-05_10h34_48.png
    2020-10-05_10h34_48.png
    13.4 KB · Views: 10
How much memory does the PMG installation have assigned?

4g should work fine in the default setup
 
* anything interesting in the clamav logs during the time when the OOM kill happened?
* if you can easily reproduce the issue it would be great if you could keep an eye on `htop` and see which processes eat up the memory.

Thanks
 
Stoiko,

thank you for your response. The issue is easily reproducable by starting clamav-daemon

# systemctl start clamav-daemon

analysis results with "htop":
clamd - process uses consumes all cpu-ressources
clamd - process uses consumes all memory ressources
after 20 seconds it will be killed by OOM

CLAMAV logs in /var/log/clamav remain empty


Best regards
Jens
 
jmaitra said:
thank you for your response. The issue is easily reproducable by starting clamav-daemon
Click to expand...
hmm - do you have PMG running inside a VM or a container? (tried reproducing the issue here with a debian container having 2G and the issue does not occur)
* do you have any additional signatures (or other config modifications for clamAV)?

Thanks!
 
I installed based on a debian 10 VM (1 vcpu, 2 GB RAM, 40GB SSD) i ordered at NETCUP GmbH

First I changed the hostname, afterwards, i changed /etc/apt/sources.list (due to test-evironment without subscription) and then

apt install proxmox-mailgateway

That's it (finally i only removed apparmor for getting clamav-freshclam started)
 
Ok - managed to reproduce this here - seems clamav has gotten a bit more memory-hungry since we last updated the docs/specs (will send a patch)

The setup works with 2GB ram, if you have some swap-space available (1G should be enough)
also 3GB should be enough to get clamav started

I hope this helps!
 
I added 2GB of swapspace and configured clamav-daemon to a maximum of 30%cpu and 384mBytes of RAM

  • vi etc/systemd/system/clamav-daemon.service.d/extend.conf

    IOSchedulingPriority = 7
    CPUSchedulingPolicy = 5
    MemoryLimit=384M
    CPUQuota=30%
    Nice = 19

all services are running so far :)

Thank you for your great support !
 
  • Like
Reactions: Stoiko Ivanov
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom