This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
E-Mail / Re: SpamAssassin High CPU Usage
« on: September 18, 2020, 08:56:06 PM »
CONTROL WEB PANEL »WEBPANEL »CENTOS-WEBPANEL BUGS »CPU 100% CLAMD
https://forum.centos-webpanel.com/index.php?topic=4426.15
https://forum.centos-webpanel.com/index.php?topic=4426.15
3
CentOS-WebPanel Bugs / Re: CPU 100% clamd
« on: September 18, 2020, 12:41:28 PM »Hi,
I just share my experience and my possible solution on this problem:
CWPpro version: 0.9.8.528 on CentOS 7.4.1708 (Core)
Symptom:
Obviously the constant 100% CPU usage on clamd
Log in /var/log/messages
Mar 4 11:25:30 vps6 clamd: ERROR: LOCAL: Socket file /var/run/clamd.amavisd/clamd.sock is in use by another process.
But I also experienced database duplication as well. Deleting the one not in use or older did not solve the problem. Also I saw solutions removing the serviced scripts.
I found that there are two entries trying to start clamd and this must be somehow not right.
My solution is to clean up first and then activate the clamd/amavis in CentOS Web panel.
1. In CWP, mail Server Manager - Switch off the ClamAV/AMAVIS/Spamassassin and rebuild Mail server. This suppose to remove clamav. After this process you can still see the Clamd and Amavis entries on the Dashboard.
2. Check the installed packages with 'yum list installed' - amavisd-new and clamav still there. Remove them with 'yum remove'. I did remove only: amavisd-new, clamav, clamav-server, clamav-data.
3. Dashboard still shows ClamAV row. No sense. Remove /usr/lib/systemd/system/ clamd-scan.service clamd.service
4. Reloading Dashboard should not show clamd or amavis status etc.
5. Now in CWP switch ON ClamD/Amavis/Spamassassin support. This will install the related services and dependencies.
From now on the antivirus system works and clamd is back to normal. Tried in two servers.
The question is what stage the original clamav installed originally? Is it because an earlier CWP built?
I tried the SH script and did not help in my situation.
I hope it is a solution for some of you.
Это сработало в моем случаи.
Мой сервер с 2Гб памяти. После обновления загрузка процессора стала 100%. SWAP достигала 100%
1. Остановил службы clamav & amavis
2. Пересобрал почту
3. удалил все пакеты clamav & amavis
4. удалить вручную остатки в /usr/lib/systemd/system/ clamd-scan.service clamd.service
5. перезапустить
6. пересобрать почту с clamav & amavis
7. Проверить в startup_services включен ли запуск amavisd.service и clamd.service
8. Перезапуститься
В моем случаи в логах появились сообщения о не хватке прав
9. В файле /etc/clamd.d/scan.conf заменил строку
LocalSocket /run/clamd.scan/clamd.sock
на
LocalSocket /run/clamd.amavisd/clamd.sock
10. Добавить пользователя clamscan (является владельцем clamd.sock) в группу clamupdate (доступ к папке clamd.amavisd)
Теперь все запустилось и нет нагрузки. Все стало как раньше
4
CentOS 6 Problems / Re: Starting cwpsrv: cwpsrv: [emerg] SL_CTX_use_PrivateKey_file("/etc/pki/tls/privat
« on: January 30, 2020, 06:57:06 PM »QuoteStarting cwpsrv: cwpsrv: [emerg] SL_CTX_use_PrivateKey_file("/etc/pki/tls/private/hostname.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
How to fix this ?
Run commands:
openssl x509 -noout -modulus -in /etc/pki/tls/certs/hostname.crt | openssl md5
openssl rsa -noout -modulus -in /etc/pki/tls/private/hostname.key | openssl md5
If the results match, then do the following:
cp hostname.crt hostname.bundle
systemctl restart cwpsrv.service
works!
5
SSL / Re: AutoSSL not renewing
« on: December 13, 2019, 11:04:40 AM »
the log can be viewed at /root/.acme.sh/acme.sh.log
If you see: Verify error: Invalid response from http://you.domain/.well-known/acme-challenge/....
Also useful would be a file /root/.acme.sh/http.header
Possible reasons:
1. There is no symbolic link in the root directory of your site. The symbolic link (.well-known) should point to /usr/local/apache/autossl_tmp/.well-known
2. If you do not use IPv6, make sure there are no AAAA entries for your DNS zone.
If you see: Verify error: Invalid response from http://you.domain/.well-known/acme-challenge/....
Also useful would be a file /root/.acme.sh/http.header
Possible reasons:
1. There is no symbolic link in the root directory of your site. The symbolic link (.well-known) should point to /usr/local/apache/autossl_tmp/.well-known
2. If you do not use IPv6, make sure there are no AAAA entries for your DNS zone.
Pages: [1]