On Fri, 28 Jan 2005, Nigel Horne wrote:
It's a great idea to have clamav-milter do it's own thing. BUT,
what is its
relationship with freshclam? In the clamav-milter -> clamd, you could be
assured that clamd would always be aware of updates installed by
freshclam.
How does this work in the all milter, all the time, world?
There is a thread within clamav-milter which wakes up from time to time and reloads the database when freshclam has been run.
How often does it wake up? Given that most of us now run freshclam every 15 minutes (taking advantage of DNS, of course) it seems it'd have to be a fairly frequent check.
Damian Menscher
It looks like it wakes up when there are no children running:
if(!external) {
/*
* Re-load the database if the server's not busy.
* TODO: If a reload is needed go into a mode when
* new scans aren't accepted, to force the number
* of children to 0 so that we can reload,
* otherwise a reload may not occur on overloaded
* servers
*/
pthread_mutex_lock(&n_children_mutex);
if((n_children == 0) && (cl_statchkdir(&dbstat) == 1)) {
cl_statfree(&dbstat);
if(use_syslog)
syslog(LOG_WARNING, _("Loading new database"));
if(loadDatabase() != 0)
exit(EX_CONFIG);
}
pthread_mutex_unlock(&n_children_mutex);
continue;
}According to this, clamav-milter will update the database if there are no children running and if the database needs to be updated.
Now I wanted to make sure this was working and could not confirm that it works. Here is what I tried:
1. Compile with debugging.
2. Copy an old daily.cvd file over the current one.
3. Start clamav-milter (internal mode) on test machine with no mail load.
4. Pass it an email with a recent virus that wasn't detected to confirm that the old sig file is in use. Virus passed though without problems.
5. Ran freshclam and updated sig file.
6. Looked though logs and debugging for the "syslog(LOG_WARNING, _("Loading new database"));" message but couldn't find it.
7. Restarted sendmail hoping that would cause the children to get to 0.
8. Passed virus again, virus still goes though.
9. Waited a few minutes.
10. Passed virus again, virus still goes though.
11. Restarted clamav-milter.
12. Passed virus again, virus is rejected.
It is quite possible I missed something, but as far as I can tell the virus sig update never happens.
At this point I'm going to stick with external mode because it is proven to work, but would love to get to the bottom of this.
Regards,
schu
_______________________________________________ http://lists.clamav.net/cgi-bin/mailman/listinfo/clamav-users
