Re: clamsmtp : unix socket problem

Wed, 09 Apr 2008 17:02:47 -0700 


On Apr 9, 2008, at 6:57 PM, hose wrote:



On Apr 9, 2008, at 6:47 PM, Mike Bird wrote:

On Wed April 9 2008 16:35:48 hose wrote:

The socket isn't created immediately - clamav has to read in all the

definitions from its database, which can take awhile.  On a dual  
P3 I
have it takes over 20 minutes sometimes if it reloads everything,  
and

on a dual Xeon 2.6 with HT, it can take 10 or so minutes to do the
same thing.


Here it takes 4 seconds on a 2.4GHz P4.  Am I missing something?

Wed Apr  9 16:44:10 2008 -> +++ Started at Wed Apr  9 16:44:10 2008

Wed Apr  9 16:44:10 2008 -> clamd daemon 0.92.1 (OS: linux-gnu,  
ARCH: i386,

CPU: i486)
Wed Apr  9 16:44:10 2008 -> Log file size limit disabled.
Wed Apr  9 16:44:10 2008 -> Reading databases from /var/lib/clamav
Wed Apr  9 16:44:10 2008 -> Not loading PUA signatures.
Wed Apr  9 16:44:14 2008 -> Loaded 248771 signatures.

Wed Apr  9 16:44:14 2008 -> Unix socket file /var/run/clamav/ 
clamd.ctl


--Mike Bird



Interesting... on all the clamav machines I admin (admittedly this  
is only four) I've always had the delay in loading the sigs:


From one server (the dual xeon):
Tue Apr  1 02:55:53 2008 -> Reading databases from /var/lib/clamav
Tue Apr  1 03:07:20 2008 -> Loaded 323514 signatures.
Tue Apr  1 03:07:20 2008 -> Unix socket file /var/run/clamav/clamd.ctl

From the dual P3:
Tue Mar 25 15:06:34 2008 -> Reading databases from /var/lib/clamav
Tue Mar 25 15:20:08 2008 -> Loaded 316396 signatures.
Tue Mar 25 15:20:08 2008 -> Unix socket file /var/run/clamav/clamd.ctl

And most painfully, from a single P3 we keep around for nostalgia:
Sun Apr  6 23:50:27 2008 -> Reading databases from /var/lib/clamav
Mon Apr  7 00:52:24 2008 -> Loaded 306287 signatures.
Mon Apr  7 00:52:24 2008 -> Unix socket file /var/run/clamav/clamd.ctl


I wonder what the deal is.  Maybe something to do with PUA  
signatures, but strangely enough I never remember turning on that  
option to begin with.


hose



Actually, it looks like you're running clamd .92.1.  I'm currently  
running the version that comes with etch - .90.1.  Maybe there's a  
huge diff in loading times, ie, they reload only changed parts of the  
db (sort of like how they implemented partial diff downloads for  
updates in the later versions).  Now it's going to bother me until I  
figure out why...


hose


--

To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
























					Reply via email to