Aecio Neto wrote:

> Due to a network issue, freshclam was not able to connect to the update
> site.  Then freshclam set the virus db as locked, and clamd was not
> able to read it and exited.  This happened twice this week.

We've been hit by this a lot. :-(  It's really nasty because clamd removes
the pid file when it exits, so our (old) monitoring script did not restart
it (assuming that the admin had stopped it.)

You do *not* want to hold a lock while waiting for the network.  The
proper freshclam algorithm would be something like this.  (File names
are illustrative only.)

1) Hold a lock on /var/lock/freshclam.lock to avoid concurrent freshclams.

2) Copy the entire current database directory to a temporary directory.

3) Attempt to update the database in the temporary directory.  During this
potentially time-consuming step, the main database is NOT locked and clamd
continues happily on its way.

4) If step (3) succeeded: Lock /var/lock/clam-db.lock.  This lock
applies to both clamd and freshclam.  Then rename the current database
directory to old, and the temporary one to current.  Then release
/var/lock/clam-db.lock.  Because the renaming is likely to be very
quick, clamd won't be locked out of the database directory for very
long.  The lock-holding time certainly won't depend on network
conditions.

5) If step (4) succeeded: Delete the old database directory.

6) Release /var/lock/freshclam.lock

Regards,

David.
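
The six steps above as a Python sketch, added here as an illustration; it is not part of the original message and not freshclam's code. The `fetch` callback, the `.old` suffix and the use of `flock` are assumptions, and the lock file names are the illustrative ones from the message.

```python
import fcntl
import os
import shutil
import tempfile
from contextlib import contextmanager

@contextmanager
def held_lock(path):
    """Hold an exclusive advisory flock on path for the duration of the block."""
    fd = os.open(path, os.O_CREAT | os.O_RDWR, 0o600)
    try:
        fcntl.flock(fd, fcntl.LOCK_EX)
        yield
    finally:
        os.close(fd)  # closing the descriptor releases the lock

def update_database(db_dir, lock_dir, fetch):
    """Run steps 1-6. fetch(tmp_dir) -> bool is the slow network update (hypothetical)."""
    db_dir = os.path.abspath(db_dir)
    old_dir = db_dir + ".old"
    with held_lock(os.path.join(lock_dir, "freshclam.lock")):  # steps 1 and 6
        # Temp dir is a sibling of db_dir so the renames stay on one filesystem.
        tmp_dir = tempfile.mkdtemp(prefix="clamdb-", dir=os.path.dirname(db_dir))
        try:
            shutil.copytree(db_dir, tmp_dir, dirs_exist_ok=True)  # step 2
            if not fetch(tmp_dir):  # step 3: clam-db.lock is NOT held here
                return False
            shutil.rmtree(old_dir, ignore_errors=True)  # leftover from a crashed run
            with held_lock(os.path.join(lock_dir, "clam-db.lock")):  # step 4
                os.rename(db_dir, old_dir)
                try:
                    os.rename(tmp_dir, db_dir)
                except OSError:
                    os.rename(old_dir, db_dir)  # put the working database back
                    raise
            shutil.rmtree(old_dir)  # step 5
            return True
        finally:
            shutil.rmtree(tmp_dir, ignore_errors=True)  # no-op after a successful swap

if __name__ == "__main__":
    root = tempfile.mkdtemp()  # constructed sandbox, not real ClamAV paths
    os.mkdir(os.path.join(root, "db"))
    def fake_fetch(tmp):  # constructed stand-in for the download
        with open(os.path.join(tmp, "daily.cvd"), "w") as f:
            f.write("new signatures")
        return True
    print(update_database(os.path.join(root, "db"), root, fake_fetch))
```

A failed or hung `fetch` only ever delays other updaters waiting on freshclam.lock; a reader that takes clam-db.lock before loading the database is blocked only for the two renames.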