clamav-users June 2008 archive
Main Archive Page > Month Archives  > clamav-users archives
clamav-users: Re: [Clamav-users] clamav exiting

Re: [Clamav-users] clamav exiting

From: David F. Skoll <dfs_at_nospam>
Date: Mon Jun 16 2008 - 14:51:15 GMT
To: ClamAV users ML <clamav-users@lists.clamav.net>


Aecio Neto wrote:

> Due to a network issue, freshclam was not able to connect to update
> site. Then, freshclam set virus db as locked and clamd was not
> possible to read it and exit. This happened twice this week.

We've been hit by this a lot. :-( It's really nasty because clamd removes the pid file when it exits, so our (old) monitoring script did not restart it (assuming that the admin had stopped it.)

You do *not* want to hold a lock while waiting for the network. The proper freshclam algorithm would be something like this. (File names are illustrative only.)

  1. Hold a lock on /var/lock/freshclam.lock to avoid concurrent freshclams.
  2. Copy the entire current database directory to a temporary directory.
  3. Attempt to update the database in the temporary directory. During this potentially time-consuming step, the main database is NOT locked and clamd continues happily on its way.
  4. If step (3) succeeded: Lock /var/lock/clam-db.lock. This lock applies to both clamd and freshclam. Then rename the current database directory to old, and the temporary one to current. Then release /var/lock/clam-db.lock. Because the renaming is likely to be very quick, clamd won't be locked out of the database directory for very long. The lock-holding time certainly won't depend on network conditions.
  5. If step (4) succeeded: Delete the old database directory.
  6. Release /var/lock/freshclam.lock

Regards,

David.



Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml