Noel Jones wrote:
At 09:35 AM 3/5/2007, Dennis Peterson wrote:
The mv -f ... statement should be a cp ... statement. That will leave
the msrbl files in the directory that rsync uses for downloading and
for comparing versions.
It makes a great deal of sense to move the files into the clam DB
directory to insure an atomic operation. If clamd/clamav-milter should
happen to reload with a half-copied file in the DB dir, it will likely
stop running.
Yah - I realized that after reviewing the suggestion. Too much focus on
just one element of the entire problem.
The solution is to copy the updated file to a temporary name leaving the
original intact for the next update run, then move the copy into the
clam DB directory.
rsync can do atomic updates in place, but it's probably wiser to do this
in a temp directory so you can test the signatures with "clamscan -d
file" to make sure they at least won't crash clamd.
pseudo-code something like:
cd /some/work/dir &&
rsync or curl newfile.db &&
clamscan -d newfile.db &&
cp newfile.db newfile.db.tmp &&
mv newfile.db.tmp /var/db/clamav/newfile.db
This is correct and your method is a good solution - I use rsync for
migrating the staged file into the working directory and that is part of
the script I'll be sharing with Steve. As always there's more than one
way to do something, and it gets complex quickly.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
