Clamd Daemon Scanning Patches

Julian Field MailScanner at ecs.soton.ac.uk
Thu May 31 10:33:11 IST 2007 


Glenn Steen wrote:
> On 30/05/07, Rick Cooper <rcooper at dwford.com> wrote:
>> Julian,
>>
>> I have attached the patches for adding direct clamd daemon support to
>> MailScanner. I have patched against the 4.60.6 beta. I can't run a plain
>> vanilla MailScanner setup long as it screws up some reporting scripts as
>> well as does away with my ArchivedFileName and ArchivedFileType rules 
>> and
>> these are important to a lot of people. But my quick tests didn't 
>> show any
>> issues and the code has been used on six servers for awhile now. IIRC
>> dropping clamavmodule and talking directly to the daemon reduces the MS
>> memory footprint by 28mg per child. It's adding the code to a 
>> pristine copy
>> of MS and patching from there that isn't well tested. If you can get 
>> it into
>> a beta soon It would be nice, I plan to fully patch (which my other 
>> patches)
>> and build a 4.60.6 build either this evening or tomorrow.
>>
>> Feel free to redo what ever trips your trigger, but it shouldn't need 
>> any
>> form of auto update scripting, or file watching as freshclam will reload
>> clamd, or clamd will check on it's own depending on the system's 
>> clamd.conf
>> Selfcheck setting. In fact one should be able to update ClamAV without
>> restarting MailScanner and, unless they make huge changes in the 
>> clamd API
>> any clam updates shouldn't affect the code at all. It's also likely 
>> that the
>> clamav user problems that occurred using clamdscan shouldn't happen 
>> either
>> unless the defaults (for dropping privilege) are changed.
>>
>> Last two items that should probably be asked of the group:
>>
>> I am assuming that the clamd init scripts are creating lock files, as 
>> most
>> do, (usually /var/lock/subsys/clamd) but if that is not the case I 
>> should
>> remove the check, I am PINGing clamd anyway but if the lock file 
>> isn't there
>> I can short circuit the whole connect process.
>
> Perhaps do this as a config thing too? If "Clamd Lock File" is empty,
> do the ping unconditionally, else check whatever it points to...?
>
>> I am not using the threaded daemon model (MULTISCAN) but a config 
>> parameter
>> such as "Clamd Use Threads" could be added so clamd can take 
>> advantage of
>> threading on SMP hosts.
>
> Should work. How far away is Config Option Number 400, Jules?:-)
>
> Awesome stuff, can't wait to see it in a new beta (Yeah, I'm feeling
> lazy today:-).
I want to put out a new stable release tomorrow (1st June). This patch 
has really come a bit late to make that release. However, I'll put out a 
first beta of the next release very soon afterwards, which will have 
this code in it.

Jules

-- 
Julian Field MEng CITP
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk

More information about the MailScanner mailing list