Das hat mir zumindest erst einmal ein Stück weitergeholfen, Danke Dir
Nun kann ich das Problem mit ClamAV nicht nachvollziehen: Hier ein Auszug aus den Logs bevor gar nicht funktioniert hat:
Code: Select all
Mon Oct 4 19:37:57 2021 -> Reading databases from /var/lib/clamav
Mon Oct 4 19:38:21 2021 -> Database correctly reloaded (8712782 signatures)
Mon Oct 4 19:38:21 2021 -> Activating the newly loaded database...
Mon Oct 4 20:38:22 2021 -> SelfCheck: Database modification detected. Forcing reload.
Mon Oct 4 20:38:22 2021 -> Reading databases from /var/lib/clamav
Mon Oct 4 20:38:46 2021 -> Database correctly reloaded (8712998 signatures)
Mon Oct 4 20:38:46 2021 -> Activating the newly loaded database...
Mon Oct 4 21:38:46 2021 -> SelfCheck: Database modification detected. Forcing reload.
Mon Oct 4 21:38:46 2021 -> Reading databases from /var/lib/clamav
Mon Oct 4 21:39:07 2021 -> ERROR: reload_th: Database load failed: Malformed database
Mon Oct 4 21:39:11 2021 -> WARNING: Database reload failed, keeping the previous instance
Mon Oct 4 22:39:04 2021 -> SelfCheck: Database modification detected. Forcing reload.
Mon Oct 4 22:39:04 2021 -> Reading databases from /var/lib/clamav
Mon Oct 4 22:39:24 2021 -> Database correctly reloaded (8713027 signatures)
Mon Oct 4 22:39:24 2021 -> Activating the newly loaded database...
Mon Oct 4 23:39:25 2021 -> SelfCheck: Database modification detected. Forcing reload.
Mon Oct 4 23:39:25 2021 -> Reading databases from /var/lib/clamav
Mon Oct 4 23:39:40 2021 -> ERROR: reload_th: Database load failed: Malformed database
Mon Oct 4 23:39:43 2021 -> WARNING: Database reload failed, keeping the previous instance
Tue Oct 5 00:39:43 2021 -> SelfCheck: Database modification detected. Forcing reload.
Tue Oct 5 00:39:43 2021 -> Reading databases from /var/lib/clamav
Tue Oct 5 00:39:59 2021 -> ERROR: reload_th: Database load failed: Malformed database
Tue Oct 5 00:40:02 2021 -> WARNING: Database reload failed, keeping the previous instance
Tue Oct 5 01:00:21 2021 -> Reading databases from /var/lib/clamav
Tue Oct 5 01:00:28 2021 -> ERROR: reload_th: Database load failed: Malformed database
Dann hatte ich den Server gestern neu gestartet und dann kommt das:
Code: Select all
....
Wed Oct 13 08:47:16 2021 -> SelfCheck: Database modification detected. Forcing reload.
Wed Oct 13 08:47:16 2021 -> Reading databases from /var/lib/clamav
Wed Oct 13 08:47:36 2021 -> Database correctly reloaded (8719659 signatures)
Wed Oct 13 08:47:36 2021 -> Activating the newly loaded database...
[b]Wed Oct 13 09:32:57 2021 -> --- Stopped at Wed Oct 13 09:32:57 2021
Wed Oct 13 09:32:57 2021 -> Socket file removed.
Wed Oct 13 09:34:01 2021 -> +++ Started at Wed Oct 13 09:34:01 2021[/b]
Wed Oct 13 09:34:02 2021 -> Received 0 file descriptor(s) from systemd.
Wed Oct 13 09:34:02 2021 -> clamd daemon 0.103.3 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64)
Wed Oct 13 09:34:02 2021 -> Log file size limited to 4294967295 bytes.
Wed Oct 13 09:34:02 2021 -> Reading databases from /var/lib/clamav
Wed Oct 13 09:34:02 2021 -> Not loading PUA signatures.
Wed Oct 13 09:34:02 2021 -> Bytecode: Security mode set to "TrustSigned".
Wed Oct 13 09:34:23 2021 -> Loaded 8719659 signatures.
Wed Oct 13 09:34:27 2021 -> LOCAL: Unix socket file /var/run/clamav/clamd.ctl
Wed Oct 13 09:34:27 2021 -> LOCAL: Setting connection queue length to 15
Wed Oct 13 09:34:27 2021 -> Limits: Global time limit set to 120000 milliseconds.
Wed Oct 13 09:34:27 2021 -> Limits: Global size limit set to 104857600 bytes.
Wed Oct 13 09:34:27 2021 -> Limits: File size limit set to 26214400 bytes.
Wed Oct 13 09:34:27 2021 -> Limits: Recursion level limit set to 16.
Wed Oct 13 09:34:27 2021 -> Limits: Files limit set to 10000.
Wed Oct 13 09:34:27 2021 -> Limits: MaxEmbeddedPE limit set to 10485760 bytes.
Wed Oct 13 09:34:27 2021 -> Limits: MaxHTMLNormalize limit set to 10485760 bytes.
Wed Oct 13 09:34:27 2021 -> Limits: MaxHTMLNoTags limit set to 2097152 bytes.
Wed Oct 13 09:34:27 2021 -> Limits: MaxScriptNormalize limit set to 5242880 bytes.
Wed Oct 13 09:34:27 2021 -> Limits: MaxZipTypeRcg limit set to 1048576 bytes.
Wed Oct 13 09:34:27 2021 -> Limits: MaxPartitions limit set to 50.
....
Habe jetzt gerade noch einmal ClamAV aus dem Admin Panel gestartet:
Code: Select all
[14-Oct-2021 08:16:01] INFO --> start av scanner
[14-Oct-2021 08:16:38] ERROR --> av scanner failed: "Abort, anti virus scanner failed."
[14-Oct-2021 08:16:38] INFO --> av scanner report:
------------- AV SCAN --------------
Start: 2021-10-14 08:16:01
---------- SCAN LOCATIONS ----------
/home/users
/tmp
/var/tmp
------ UPDATE VIRUS DATABASE -------
Start: 2021-10-14 08:16:01
End: 2021-10-14 08:16:32
Status: Success
--------------- END ----------------
End: 2021-10-14 08:16:38
Status: Abort, anti virus scanner failed.
====
/var/log/clamav
Code: Select all
Thu Oct 14 08:16:17 2021 -> Reading databases from /var/lib/clamav
Thu Oct 14 08:16:38 2021 -> Database correctly reloaded (8718758 signatures)
Thu Oct 14 08:16:38 2021 -> Activating the newly loaded database...
Thu Oct 14 08:18:01 2021 -> Reading databases from /var/lib/clamav
Thu Oct 14 08:18:23 2021 -> Database correctly reloaded (8712828 signatures)
Thu Oct 14 08:18:23 2021 -> Activating the newly loaded database...
Was mir hier halt auffällt das ne Socketdatei fehlen soll? Ich habe seit ich Keyhelp installiert habe nichts verändert, außer fleißig die Updates von Debian eingespielt, und natürlich die von KeyHelp
Ich hoffe das irgendwer was damit anfangen kann, denn ich weiß echt nicht was das Problem von ClamAV ist :/