[clamav-users] We STILL cannot reliably get virus updates (since new mirrors)

Paul Kosinski clamav-users at iment.com
Mon Jul 2 10:20:13 EDT 2018


I don't understand your reply. Exactly *how* do we "wait until every
mirror is synchonized, become notified, then try".

Freshclam is run periodically, automatically (via cron, in our case).
Shouldn't it be freshclam's job to do things at the right time. And how
would *it* know when all mirrors are synced? Is it Talos that populates
the mirrors? Then Talos shouldn't update the DNS TXT records until *all*
mirrors are ready.

P.S. The client's mirrors.dat file is updated in 18 different places in
manager.c, which is in the freshclam subsystem.


On Sun, 1 Jul 2018 21:11:29 -0700
Dennis Peterson <dennispe at inetnw.com> wrote:

> What makes it a problem? You can never dl it until it is available,
> so the problem is you become aware of it too soon. But think about
> what that means. Your choices are to know immediately when an update
> is available and try to get it, or wait until every mirror is
> synchonized, become notified, then try. The first choice is a
> crapshoot you might win. The second choice isn't a crapshoot but it
> also doesn't save time. Remembering all this is automated the result
> is actually some uninteresting log entries.
> 
> It would be interesting to know if an update notice is sent to all
> mirrors in the fashion of a DNS notification to slaves which would
> cause a parallel pull, or if the update itself is pushed, and what
> the process is for updating the client mirrors.dat file.
> 
> dp
> 
> On 7/1/18 9:01 PM, Al Varnell wrote:
> > Seems to me that it's only a problem if it takes a significant
> > amount of time between the DNS update and the mirror updates. I
> > don't have a good feel for how long that is from the postings so
> > far, but it does sound like it may have increased as a result of
> > the move from ClamAV mirrors to the ClamAV CDN.
> >
> > Sent from my iPad
> >
> > -Al-
> >
> >> On Jul 1, 2018, at 20:38, Dennis Peterson <dennispe at inetnw.com>
> >> wrote:
> >>
> >>> On 7/1/18 8:24 PM, Paul Kosinski wrote:
> >>> My conclusion is that the cause of this is a typical race
> >>> condition: the DNS TXT record is updated before Cloudflare has
> >>> propagated the new cvd file to all the mirrors.
> >>>
> >>>
> >> Is this a problem?
> >>
> >> dp



More information about the clamav-users mailing list