アクティブにして起動し、再び触れることなく終了できるように、持続可能なClamAVオンアクセス検索システムサービスを作成しました。
サービスを手動で開始でき、正常に実行されます。ただし、期待どおりにログインした後は自動的に起動しません。どちらの場合も、アクティブなネットワーク接続はありません。
次のログ出力(投稿の最後の出力セクションにあります)が手がかりになる可能性があると思います。
rc.local[1188]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
rc.local[1188]: ERROR: Clamonacc: daemon is local, but a connection could not be established
しかし、サービスを手動で開始することはできますが、自動的に起動できない理由はまだ理解されていません。
システムメッセージ
$ uname -a
Linux debian 4.19.0-12-amd64 #1 SMP Debian 4.19.152-1 (2020-10-18) x86_64 GNU/Linux
rc-local.serviceファイル
$ sudo cat /etc/systemd/system/rc-local.service
[Unit]
Description=ClamAV On-Access Scanner
ConditionPathExists=/etc/rc.local
[Service]
Type=forking
User=root
Require=network.target
RemainAfterExit=yes
ExecStart=/etc/rc.local start
TimeoutSec=200
Restart=on-failure
StartLimitInterval=10
[Install]
WantedBy=multi-user.target
rc.localスクリプト
$ sudo cat /etc/rc.local
#!/bin/sh -e
/usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log
exit 0
ログイン後のステータス
● rc-local.service - ClamAV On-Access Scanner
Loaded: loaded (/etc/systemd/system/rc-local.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/rc-local.service.d
└─debian.conf
Active: failed (Result: exit-code) since Wed 2020-10-21 08:06:33 BST; 12min ago
Process: 1483 ExecStart=/etc/rc.local start (code=exited, status=2)
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 5.
Oct 21 08:06:33 debian systemd[1]: Stopped ClamAV On-Access Scanner.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Start request repeated too quickly.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:33 debian systemd[1]: Failed to start ClamAV On-Access Scanner.
サービスを手動で開始した後の状態
● rc-local.service - ClamAV On-Access Scanner
Loaded: loaded (/etc/systemd/system/rc-local.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/rc-local.service.d
└─debian.conf
Active: active (running) since Wed 2020-10-21 08:23:04 BST; 52s ago
Process: 7171 ExecStart=/etc/rc.local start (code=exited, status=0/SUCCESS)
Main PID: 7173 (clamonacc)
Tasks: 8 (limit: 4915)
Memory: 2.6M
CGroup: /system.slice/rc-local.service
└─7173 /usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log
Oct 21 08:23:04 debian systemd[1]: Starting ClamAV On-Access Scanner...
Oct 21 08:23:04 debian systemd[1]: Started ClamAV On-Access Scanner.
雑誌
$ sudo journalctl | grep rc-local
Oct 21 08:06:22 debian systemd[1]: /etc/systemd/system/rc-local.service:7: Unknown lvalue 'Require' in section 'Service', ignoring
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 1.
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 2.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 3.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 4.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 5.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Start request repeated too quickly.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
$ sudo journalctl | grep rc.local
Oct 21 13:47:57 debian rc.local[1097]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:57 debian rc.local[1097]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 1.
Oct 21 13:47:57 debian rc.local[1188]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:57 debian rc.local[1188]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 2.
Oct 21 13:47:58 debian rc.local[1361]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:58 debian rc.local[1361]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 3.
Oct 21 13:47:58 debian rc.local[1372]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:58 debian rc.local[1372]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 4.
Oct 21 13:47:58 debian rc.local[1374]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:58 debian rc.local[1374]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:59 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:59 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 5.
Oct 21 13:47:59 debian systemd[1]: rc-local.service: Start request repeated too quickly.
Oct 21 13:47:59 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:48:14 debian sudo[2222]: squire : TTY=pts/0 ; PWD=/home/squire ; USER=root ; COMMAND=/usr/sbin/service rc-local status
Oct 21 13:54:30 debian sudo[16421]: squire : TTY=pts/1 ; PWD=/home/squire ; USER=root ; COMMAND=/usr/sbin/service rc-local status
答え1
多くの試行錯誤の終わりに、研究中に見つけたさまざまなオプションを試したところ、期待どおりに機能する組み合わせが見つかりました。
以前の失敗の原因は、次のようなものが不足していたためだと思います。
After=clamav-daemon.service syslog.target network-online.target
Requires=clamav-daemon.service
そして
Type=simple
rc-local.serviceファイル
[Unit]
Description=ClamAV On-Access Scanner
After=clamav-daemon.service syslog.target network-online.target
Requires=clamav-daemon.service
[Service]
Type=simple
User=root
RemainAfterExit=yes
ExecStart=/etc/rc.local start
Restart=on-failure
RestartSec=10s
[Install]
WantedBy=multi-user.target
1回の成功したリリース後、2回目のテストが失敗したことに気づきました。私はこれが同じセッションの以前のテストのためにまだ存在する1
終了コードを試みたために起こったことに気づきました。mkdir /tmp/clamonacc-quarantine
変更を明確に/説明するために説明を追加しました。
rc.localスクリプト
#!/bin/sh -e
dir=clamonacc-quarantine
# Check if the folder for quarantining already exist. If it does, go straight to the main process
if $(/bin/ls /tmp/$dir)
then
# Run the main process, start logging and move any infected files to the quarantine folder
/usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log --move=/tmp/$dir/
else
/bin/mkdir /tmp/$dir
/usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log --move=/tmp/$dir/
fi
exit 0
プロセスがアクティブです。
$ ps -aux | grep clamonacc
root 2514 0.0 0.0 213552 5064 ? Ssl 17:21 0:00 /usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log --move=/tmp/clamonacc-quarantine/