clamav-users June 2008 archive
| Main Archive Page > Month Archives > clamav-users archives |
Re: [Clamav-users] clamav exiting
From: David F. Skoll <dfs_at_nospam>Date: Mon Jun 16 2008 - 14:51:15 GMT
To: ClamAV users ML <clamav-users@lists.clamav.net>
Aecio Neto wrote:
> Due to a network issue, freshclam was not able to connect to update
> site. Then, freshclam set virus db as locked and clamd was not
> possible to read it and exit. This happened twice this week.
We've been hit by this a lot. :-( It's really nasty because clamd removes the pid file when it exits, so our (old) monitoring script did not restart it (assuming that the admin had stopped it.)
You do *not* want to hold a lock while waiting for the network. The proper freshclam algorithm would be something like this. (File names are illustrative only.)
- Hold a lock on /var/lock/freshclam.lock to avoid concurrent freshclams.
- Copy the entire current database directory to a temporary directory.
- Attempt to update the database in the temporary directory. During this potentially time-consuming step, the main database is NOT locked and clamd continues happily on its way.
- If step (3) succeeded: Lock /var/lock/clam-db.lock. This lock applies to both clamd and freshclam. Then rename the current database directory to old, and the temporary one to current. Then release /var/lock/clam-db.lock. Because the renaming is likely to be very quick, clamd won't be locked out of the database directory for very long. The lock-holding time certainly won't depend on network conditions.
- If step (4) succeeded: Delete the old database directory.
- Release /var/lock/freshclam.lock
Regards,
David.
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml