Modified ClamAV Updater

Gerry Doris gerry at DORFAM.CA
Fri Jul 4 20:22:07 IST 2003 

I and some others have experienced MailScanner freezes as a result of
hangs when ClamAV virus files are being updated.  The latest one for me
occurrd on June 29 at 7:00am EST.

>From my log files it appears that when the clamav-autoupdate script is
called and the ClamAV site doesn't respond then a lock file is left open
preventing MailScanner from performing any virus scans.  In any case, mail
continues to roll into mqueue.in but is not processed by MailScanner.
MailScanner knows how many messages are in the queue and says that it's
starting virus scanning...and that's all!

I've modified the existing clamav-autoupdate script to include a timeout
that hopefully will correct this.

I am not by any means a programmer so please have a look at this and see
if it does what I think it should!  I don't believe there's been any
further hangs at the ClamAV site so I don't know if it fixes the problem
or not?

--
Gerry

"The lyfe so short, the craft so long to learne"  Chaucer
-------------- next part --------------
#!/usr/bin/perl

use Sys::Syslog;

# If you have a web proxy or cache server, put its value in the next line
# in the syntax "full.host.name:port".
$HTTPproxy = "";

$LogFile = "/tmp/ClamAV.update.log";

$ClamUpdateCommand = "/usr/local/bin/freshclam";

$LockFile = "/tmp/ClamAVBusy.lock";

$TIMEOUT = 10;                             #Timeout in sec's

$LOCK_SH = 1;
$LOCK_EX = 2;
$LOCK_NB = 4;
$LOCK_UN = 8;

eval { Sys::Syslog::setlogsock('unix'); }; # This may fail!

Sys::Syslog::openlog("ClamAV-autoupdate", 'pid, nowait', 'mail');

$SIG{ALRM} = sub { die "timeout" };        # Setup alarm

eval {
   alarm("$TIMEOUT");                      #Update timeout in $TIMEOUT sec's

   if (-x $ClamUpdateCommand) {
      &LockClamAV();
      $Command = "$ClamUpdateCommand --quiet -l $LogFile";
      $Command .= " --http-proxy $HTTPproxy" if $HTTPproxy;
      $retval=system($Command)>>8;
   }
   alarm(0);                                #Turn off alarm
};

if ($@) {
   if ($@ =~ /timeout/) {
   &UnlockClamAV();         
   Sys::Syslog::syslog('err', "ClamAV updater timed out");
   Sys::Syslog::closelog();
   exit 0;
   } else {
     die;
          }
}	

&UnlockClamAV();
if ($retval == 0 ) {
   Sys::Syslog::syslog('info', "ClamAV updated");
   }
  elsif ($retval == 1 ) {
   Sys::Syslog::syslog('info', "ClamAV did not need updating");
  } else {
   Sys::Syslog::syslog('err', "ClamAV updater failed");
}

Sys::Syslog::closelog();
exit 0;


sub LockClamAV {
	open(LOCK, ">$LockFile") or return;
	flock(LOCK, $LOCK_EX);
	print LOCK "Locked for updating ClamAV definitions by $$\n";
}

sub UnlockClamAV {
	print LOCK "Unlocked after updating ClamAV definitions by $$\n";
	unlink $LockFile;
	flock(LOCK, $LOCK_UN);
	close LOCK;
}

More information about the MailScanner mailing list