clamav-daemon socket activation doesn't work
Task Info (Flyspray) | |
---|---|
Opened By | Neil Darlow (neildarlow) |
Task ID | 57669 |
Type | Bug Report |
Project | Arch Linux |
Category | Packages: Extra |
Version | None |
OS | All |
Opened | 2018-02-27 19:34:08 UTC |
Status | Assigned |
Assignee | Levente Polyak (anthraxx) |
Details
Description: The clamav-daemon service is configured with a dependency on a socket activation. This method of operation doesn't work and isn't recommended by the Clamav developers.
Additional info:
clamav-0.99.3-1
/etc/systemd/system/clamav-daemon.socket.d/override.conf [Socket] BindToDevice=tap0 ListenStream= ListenStream=192.168.1.1:3310
To explain the above. I run clamd to listen on a TUN/TAP interface at address 192.168.1.1. Multiple clients running a clamav-milter instance are on the 192.168.1.x/24 subnet. The BindToInterface assures that clamd only listens on that subnet and forces an After= dependency on the tap0 interface.
Examining the clamav-milter logfiles of the clients shows that no clamd servers are available at one minute intervals. Executing a systemctl status clamav-daemon.service returns the daemon being in a dead state due to a failed dependency. clamd does not run. Executing systemctl start clamav-daemon manually results in clamd starting and the clamav-milter clients then successfully connect.
Prior to the package update which introduced socket activation my use case worked. After the introduction of socket activation operation is broken.
Steps to reproduce:
- Put the above clamav-daemon.socket drop-in in place
- Execute systemctl enable clamav-freshclam.service
- Execute systemctl start clamav-freshclam.service and allow time for the databases to download
- Execute systemctl enable clamav-daemon.service (which also adds the clamav-daemon.socket symlink)
- Wait some time and observe that clamav-milter clients cannot connect to clamd and no clamd process is started
- Execute systemctl start clamav-daemon.service and note that operation proceeds as expected