활성화하고 시작한 다음 다시 건드리지 않고도 종료할 수 있도록 지속성 있는 ClamAV 온액세스 검색 시스템 서비스를 만들었습니다.
서비스를 수동으로 시작할 수 있으며 정상적으로 실행됩니다. 그러나 예상대로 로그인 후 자동으로 시작되지 않습니다. 두 경우 모두 활성 네트워크 연결이 없습니다.
다음 로그 출력(게시물의 마지막 출력 섹션에 있음)이 단서가 될 수 있다고 생각합니다.
rc.local[1188]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
rc.local[1188]: ERROR: Clamonacc: daemon is local, but a connection could not be established
그러나 서비스를 수동으로 시작할 수는 있지만 자동으로 시작하지 못하는 이유를 아직도 이해하지 못합니다.
시스템 메시지
$ uname -a
Linux debian 4.19.0-12-amd64 #1 SMP Debian 4.19.152-1 (2020-10-18) x86_64 GNU/Linux
rc-local.service 파일
$ sudo cat /etc/systemd/system/rc-local.service
[Unit]
Description=ClamAV On-Access Scanner
ConditionPathExists=/etc/rc.local
[Service]
Type=forking
User=root
Require=network.target
RemainAfterExit=yes
ExecStart=/etc/rc.local start
TimeoutSec=200
Restart=on-failure
StartLimitInterval=10
[Install]
WantedBy=multi-user.target
rc.local 스크립트
$ sudo cat /etc/rc.local
#!/bin/sh -e
/usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log
exit 0
로그인 후 상태
● rc-local.service - ClamAV On-Access Scanner
Loaded: loaded (/etc/systemd/system/rc-local.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/rc-local.service.d
└─debian.conf
Active: failed (Result: exit-code) since Wed 2020-10-21 08:06:33 BST; 12min ago
Process: 1483 ExecStart=/etc/rc.local start (code=exited, status=2)
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 5.
Oct 21 08:06:33 debian systemd[1]: Stopped ClamAV On-Access Scanner.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Start request repeated too quickly.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:33 debian systemd[1]: Failed to start ClamAV On-Access Scanner.
서비스를 수동으로 시작한 후의 상태
● rc-local.service - ClamAV On-Access Scanner
Loaded: loaded (/etc/systemd/system/rc-local.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/rc-local.service.d
└─debian.conf
Active: active (running) since Wed 2020-10-21 08:23:04 BST; 52s ago
Process: 7171 ExecStart=/etc/rc.local start (code=exited, status=0/SUCCESS)
Main PID: 7173 (clamonacc)
Tasks: 8 (limit: 4915)
Memory: 2.6M
CGroup: /system.slice/rc-local.service
└─7173 /usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log
Oct 21 08:23:04 debian systemd[1]: Starting ClamAV On-Access Scanner...
Oct 21 08:23:04 debian systemd[1]: Started ClamAV On-Access Scanner.
잡지
$ sudo journalctl | grep rc-local
Oct 21 08:06:22 debian systemd[1]: /etc/systemd/system/rc-local.service:7: Unknown lvalue 'Require' in section 'Service', ignoring
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 1.
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:31 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 2.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 3.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 4.
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 08:06:32 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 5.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Start request repeated too quickly.
Oct 21 08:06:33 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
$ sudo journalctl | grep rc.local
Oct 21 13:47:57 debian rc.local[1097]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:57 debian rc.local[1097]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 1.
Oct 21 13:47:57 debian rc.local[1188]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:57 debian rc.local[1188]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:57 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 2.
Oct 21 13:47:58 debian rc.local[1361]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:58 debian rc.local[1361]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 3.
Oct 21 13:47:58 debian rc.local[1372]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:58 debian rc.local[1372]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 4.
Oct 21 13:47:58 debian rc.local[1374]: ERROR: ClamClient: could not connect to remote clam daemon, Couldn't connect to server
Oct 21 13:47:58 debian rc.local[1374]: ERROR: Clamonacc: daemon is local, but a connection could not be established
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Oct 21 13:47:58 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:47:59 debian systemd[1]: rc-local.service: Service RestartSec=100ms expired, scheduling restart.
Oct 21 13:47:59 debian systemd[1]: rc-local.service: Scheduled restart job, restart counter is at 5.
Oct 21 13:47:59 debian systemd[1]: rc-local.service: Start request repeated too quickly.
Oct 21 13:47:59 debian systemd[1]: rc-local.service: Failed with result 'exit-code'.
Oct 21 13:48:14 debian sudo[2222]: squire : TTY=pts/0 ; PWD=/home/squire ; USER=root ; COMMAND=/usr/sbin/service rc-local status
Oct 21 13:54:30 debian sudo[16421]: squire : TTY=pts/1 ; PWD=/home/squire ; USER=root ; COMMAND=/usr/sbin/service rc-local status
답변1
많은 시행착오 끝에 연구 중에 찾은 다양한 옵션을 시도한 끝에 예상대로 작동하는 조합을 찾았습니다.
이전 실패의 원인은 다음과 같은 것이 부족했기 때문이라고 생각합니다.
After=clamav-daemon.service syslog.target network-online.target
Requires=clamav-daemon.service
그리고
Type=simple
rc-local.service 파일
[Unit]
Description=ClamAV On-Access Scanner
After=clamav-daemon.service syslog.target network-online.target
Requires=clamav-daemon.service
[Service]
Type=simple
User=root
RemainAfterExit=yes
ExecStart=/etc/rc.local start
Restart=on-failure
RestartSec=10s
[Install]
WantedBy=multi-user.target
한 번의 성공적인 출시 후 두 번째 테스트가 실패했다는 사실을 알아차렸습니다. 나는 이것이 동일한 세션의 이전 테스트로 인해 여전히 존재하는 1종료 코드를 시도했기 때문에 발생했다는 것을 깨달았습니다. mkdir /tmp/clamonacc-quarantine변경 사항을 명확히/설명하기 위해 설명을 추가했습니다.
rc.local 스크립트
#!/bin/sh -e
dir=clamonacc-quarantine
# Check if the folder for quarantining already exist. If it does, go straight to the main process
if $(/bin/ls /tmp/$dir)
then
# Run the main process, start logging and move any infected files to the quarantine folder
/usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log --move=/tmp/$dir/
else
/bin/mkdir /tmp/$dir
/usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log --move=/tmp/$dir/
fi
exit 0
프로세스가 활성 상태입니다.
$ ps -aux | grep clamonacc
root 2514 0.0 0.0 213552 5064 ? Ssl 17:21 0:00 /usr/bin/clamonacc --log=/var/log/clamav/clamonacc.log --move=/tmp/clamonacc-quarantine/