Exim paniclog has non-zero size

bomla · August 29, 2023, 7:48am

Hello

Last week I increased one extra CPU to my VPS, and since then I’m getting the below email daily at 12:06 AM

exim paniclog /var/log/exim4/paniclog on mydomain.com has non-zero size, mail system might be broken. Up to 10 lines are quoted below.

2023-08-18 19:56:29 1qX2lx-0000k0-Bd malware acl condition: clamd /var/run/clamav/clamd.ctl : unable to connect to UNIX socket (/var/run/clamav/clamd.ctl): No such file or directory

Here’s the troubleshooting I did:
• Stopped clamav

• rm /var/log/clamav/freshclam.log

• Started clamav
Active, (running)

• sudo freshclam
Mon Aug 28 10:00:48 2023 → ClamAV update process started at Mon Aug 28 10:00:48 2023
Mon Aug 28 10:00:48 2023 → daily.cld database is up-to-date (version: 27013, sigs: 2040037, f-level: 90, builder: raynman)
Mon Aug 28 10:00:48 2023 → main.cvd database is up-to-date (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
Mon Aug 28 10:00:48 2023 → bytecode.cld database is up-to-date (version: 334, sigs: 91, f-level: 90, builder: anvilleg)

However sometimes I run sudo freshclam and I get this message

ERROR: /var/log/clamav/freshclam.log is locked by another process
ERROR: Problem with internal logger (UpdateLogFile = /var/log/clamav/freshclam.log).ERROR: initialize: libfreshclam init failed.
ERROR: Initialization error!

Then I ran lsof | grep freshclam, but I’m not sure which process to kill

freshclam 1003 clamav cwd freshclam 1003 clamav rtd freshclam 1003 clamav txt freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav mem freshclam 1003 clamav 0r freshclam 1003 clamav 1u freshclam 1003 clamav 2u freshclam 1003 clamav 3wW DIR 8,1 4096 1300404 /var/lib/clamav
DIR 8,1 4096 2 /
REG 8,1 38872 5896 /usr/bin/freshclam
REG 8,1 22776 22082 /usr/lib/aarch64-linux-gnu/libnss_dns-2.31.so
REG 8,1 239864 5875 /usr/lib/aarch64-linux-gnu/libnss_systemd.so.2
REG 8,1 51616 22083 /usr/lib/aarch64-linux-gnu/libnss_files-2.31.so
REG 8,1 198584 3384 /usr/lib/aarch64-linux-gnu/libcrypt.so.1.1.0
REG 8,1 1188160 3343 /usr/lib/aarch64-linux-gnu/libsqlite3.so.0.8.6
REG 8,1 300456 9087 /usr/lib/aarch64-linux-gnu/libhx509.so.5.0.0
REG 8,1 60256 7042 /usr/lib/aarch64-linux-gnu/libheimbase.so.1.0.0
REG 8,1 165816 3329 /usr/lib/aarch64-linux-gnu/libwind.so.0.0.0
REG 8,1 35144 3408 /usr/lib/aarch64-linux-gnu/libffi.so.7.1.0
REG 8,1 88696 3742 /usr/lib/aarch64-linux-gnu/libroken.so.18.1.0
REG 8,1 221336 3335 /usr/lib/aarch64-linux-gnu/libhcrypto.so.4.1.0
REG 8,1 611320 2246 /usr/lib/aarch64-linux-gnu/libasn1.so.8.0.0
REG 8,1 572720 7340 /usr/lib/aarch64-linux-gnu/libkrb5.so.26.0.0
REG 8,1 39376 9086 /usr/lib/aarch64-linux-gnu/libheimntlm.so.0.1.0
REG 8,1 18280 4512 /usr/lib/aarch64-linux-gnu/libkeyutils.so.1.8
REG 8,1 75704 3767 /usr/lib/aarch64-linux-gnu/libtasn1.so.6.6.0
REG 8,1 1293912 3428 /usr/lib/aarch64-linux-gnu/libp11-kit.so.0.3.0
REG 8,1 133392 4744 /usr/lib/aarch64-linux-gnu/libbrotlicommon.so.1.0.7
REG 8,1 257344 7023 /usr/lib/aarch64-linux-gnu/libgssapi.so.3.0.0
REG 8,1 109312 5757 /usr/lib/aarch64-linux-gnu/libsasl2.so.2.0.25
REG 8,1 51800 3125 /usr/lib/aarch64-linux-gnu/libkrb5support.so.0.1
REG 8,1 14184 2444 /usr/lib/aarch64-linux-gnu/libcom_err.so.2.1
REG 8,1 182608 3726 /usr/lib/aarch64-linux-gnu/libk5crypto.so.3.1
REG 8,1 876592 7072 /usr/lib/aarch64-linux-gnu/libkrb5.so.3.3
REG 8,1 489776 4760 /usr/lib/aarch64-linux-gnu/libgmp.so.10.4.0
REG 8,1 219232 3827 /usr/lib/aarch64-linux-gnu/libnettle.so.7.0
REG 8,1 219912 3399 /usr/lib/aarch64-linux-gnu/libhogweed.so.5.0
REG 8,1 1959152 9349 /usr/lib/aarch64-linux-gnu/libgnutls.so.30.27.0
REG 8,1 1542072 3771 /usr/lib/aarch64-linux-gnu/libunistring.so.2.1.0
REG 8,1 80200 20280 /usr/lib/aarch64-linux-gnu/libgcc_s.so.1
REG 8,1 1907976 3752 /usr/lib/aarch64-linux-gnu/libstdc++.so.6.0.28
REG 8,1 28042880 3845 /usr/lib/aarch64-linux-gnu/libicudata.so.66.1
REG 8,1 43088 4745 /usr/lib/aarch64-linux-gnu/libbrotlidec.so.1.0.7
REG 8,1 59496 3009 /usr/lib/aarch64-linux-gnu/liblber-2.4.so.2.10.12
REG 8,1 326904 3010 /usr/lib/aarch64-linux-gnu/libldap_r-2.4.so.2.10.12
REG 8,1 293072 6168 /usr/lib/aarch64-linux-gnu/libgssapi_krb5.so.2.2
REG 8,1 67352 4704 /usr/lib/aarch64-linux-gnu/libpsl.so.5.3.2
REG 8,1 433304 4498 /usr/lib/aarch64-linux-gnu/libssh.so.4.8.4
REG 8,1 113440 4782 /usr/lib/aarch64-linux-gnu/librtmp.so.1
REG 8,1 128872 3709 /usr/lib/aarch64-linux-gnu/libidn2.so.0.3.7
REG 8,1 157808 2064 /usr/lib/aarch64-linux-gnu/libnghttp2.so.14.19.0
REG 8,1 145648 2272 /usr/lib/aarch64-linux-gnu/liblzma.so.5.2.4
REG 8,1 1943712 3850 /usr/lib/aarch64-linux-gnu/libicuuc.so.66.1
REG 8,1 14528 22077 /usr/lib/aarch64-linux-gnu/libdl-2.31.so
REG 8,1 564864 12582 /usr/lib/aarch64-linux-gnu/libssl.so.1.1
REG 8,1 551264 9282 /usr/lib/aarch64-linux-gnu/libcurl.so.4.6.0
REG 8,1 80584 22089 /usr/lib/aarch64-linux-gnu/libresolv-2.31.so
REG 8,1 514520 3715 /usr/lib/aarch64-linux-gnu/libpcre2-8.so.0.10.4
REG 8,1 268136 44945 /usr/lib/aarch64-linux-gnu/libtfm.so.1.0.0
REG 8,1 629704 22078 /usr/lib/aarch64-linux-gnu/libm-2.31.so
REG 8,1 104608 3242 /usr/lib/aarch64-linux-gnu/libz.so.1.2.11
REG 8,1 2600672 12575 /usr/lib/aarch64-linux-gnu/libcrypto.so.1.1
REG 8,1 71560 44939 /usr/lib/aarch64-linux-gnu/libmspack.so.0.1.0
REG 8,1 1712848 4954 /usr/lib/aarch64-linux-gnu/libxml2.so.2.9.12
REG 8,1 39144 4796 /usr/lib/aarch64-linux-gnu/libltdl.so.7.3.1
REG 8,1 70504 3421 /usr/lib/aarch64-linux-gnu/libbz2.so.1.0.4
REG 8,1 63568 3822 /usr/lib/aarch64-linux-gnu/libjson-c.so.4.0.0
REG 8,1 1450736 22076 /usr/lib/aarch64-linux-gnu/libc-2.31.so
REG 8,1 158008 22088 /usr/lib/aarch64-linux-gnu/libpthread-2.31.so
REG 8,1 211048 4362 /usr/lib/aarch64-linux-gnu/libfreshclam.so.2.0.1
REG 8,1 1939768 4341 /usr/lib/aarch64-linux-gnu/libclamav.so.9.0.5
REG 8,1 146320 22072 /usr/lib/aarch64-linux-gnu/ld-2.31.so
CHR 1,3 0t0 6 /dev/null
unix 0xffff0000c5260440 0t0 24639 type=STREAM
unix 0xffff0000c5260440 0t0 24639 type=STREAM
REG 8,1 20253 1296670 /var/log/clamav/freshclam.log (deleted)

sahsanu · August 29, 2023, 7:59am

If you only get that error from 18th August then maybe it was just a one time error and you could empty paniclog so you won’t receive daily messages (at least till a new paniclog error).

To empty paniclog file:
> /var/log/exim4/paniclog