Hi
I have found that 1.0.1 and 0.103.8 both behave badly if they find a
malformed db. Agreed freshclam checks out the clamav/cisco db's.
I have yet to determine what unofficial db caused the failure. They
should all have been verified before being placed in /var/lib/clamav/
Clamd ends up only partially running accepting connections creating a
/tmp/clamav.... file then giving up on the scan part of the job.
Eventually clamd has 1024 open /tmp/clamav... files and further
connections generate massive logs very quickly (like 3.5G in an hour )
It would be better if it exited when it cannot continue.
Regards Paul
On 24/05/2023 07:17, Steve Basford via clamav-users wrote:
On 23 May 2023 21:59:22 Paul Netpresto <p...@netpresto.co.uk> wrote:
Hello
What should the behaviour of a running clamd be when it comes across a
malformed database during a signature-reload.
Clamd.conf has setting "ConcurrentDatabaseReload no"
Regards Paul
Hi Paul,
Is there is a malformed database freshclam will ignore it and
shouldn't update.
If it's a manually updated database, clamd will report the error in logs.
That options means....
*concurrentDatabaseReload BOOL*
<https://manpages.debian.org/unstable/clamav-daemon/clamd.conf.5.en.html#ConcurrentDatabaseReload>
Enable non-blocking (multi-threaded/concurrent) database reloads.
This feature will temporarily load a second scanning engine while
scanning continues using the first engine. Once loaded, the new
engine takes over. The old engine is removed as soon as all scans
using the old engine have completed. This feature requires more
RAM, so this option is provided in case users are willing to block
scans during reload in exchange for lower RAM requirements.
Default: yes
Cheers,
Steve
Sanesecurity.com <http://Sanesecurity.com>
3rdparty ClamAV signatures
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
Cheers,
Steve
Twitter: @sanesecurity
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
_______________________________________________
Manage your clamav-users mailing list subscription / unsubscribe:
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/Cisco-Talos/clamav-documentation
https://docs.clamav.net/#mailing-lists-and-chat
