clamav-users March 2009 archive
Main Archive Page > Month Archives  > clamav-users archives
clamav-users: Re: [Clamav-users] Now crash refreshing signatures

Re: [Clamav-users] Now crash refreshing signatures, was something else

From: Dennis Peterson <dennispe_at_nospam>
Date: Thu Mar 05 2009 - 01:29:27 GMT
To: ClamAV users ML <clamav-users@lists.clamav.net>


Steve Basford wrote:

> Gut feeling is that it's not a signature problem, more timing perhaps
> caused by the increase in the number of signatures being reloaded,
> and the interaction between freshclam, the RELOAD/USR2 command (used by
> scripts) and clamd.
>

I don't have a problem here (yet, fingers also crossed) but I don't run freshclam as a daemon. It is run out of cron as is the script I wrote to refresh Sane Security signatures. I set them var enough apart they cannot collide.

I also use rsync to move the Sane Security files from the download/test directory into the clamav database directory as it does atomic copies. Clamd is not aware of them until rsync unhides them. The thinking is it makes them immune to clamd's self-check process. A self-check with a file partially copied to the db directory has caused clamd errors in the past.

So the sequence here is:

  1. Run freshclam from cron at random times between 0 and 10 minutes past the hour, and randomly between 30 and 40 minutes past the hour. Freshclam will notify clamd as appropriate.
  2. Fetch Sane Security and MSRBL files at random times between 15 to 25 minutes past the hour twice each day.
  3. If there are new downloads, process Sane Security and MSRBL files in a working directory. Verify with clamscan there are no errors. Proceed to next step on success or exit.
  4. Use rsync to perform atomic copy of updated files from working directory to ClamAV db directory
  5. Notify clamd via Unix socket

dp



Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml