[clamav-users] How to boost clamav? Reloading database results in a talking timeout?

Fri Sep 13 15:20:43 UTC 2019

On 13.09.19 14:42, Micah Snyder (micasnyd) via clamav-users wrote:
>One thing we could do is have clamd "start" before loading the database. 
> That is to say that it would immediately begin listening on the unix/tcp
> socket for requests and fork into the background so as not to block the
> boot process.  All scan requests would then be blocked while the database
> loads.  I imagine this would solve most of the frustration around boot-up
> load time.
>
>Does this have any appeal?

on debian we've had parallel startup for some time, systems using systemd
should have that one too (but maybe it runs on foreground there).

I'd personally expect clamd to be fully working after it forks at startup.
other SW may expect that too.

Maybe with other startup parameter?

>On 9/12/19, 11:31 PM, "clamav-users on behalf of J.R. via clamav-users" <clamav-users-bounces at lists.clamav.net on behalf of clamav-users at lists.clamav.net> wrote:
>
>    This patch will be a very welcome addition! Oddly enough today my
>    hosting company had an emergency and I needed to shutdown my server so
>    it could be physically moved mid-day.
>
>    The painfully slow load time of ClamAV was excruciating apparent while
>    I was watching the console slowly go through the boot process.
>
>    While a second thread to *reload* the database in the background is
>    going to be a nice feature, I would assume it wouldn't help any on
>    initial startup. While tweaking things with this 2nd thread, maybe
>    there could be a start-up option / flag to only load like the
>    daily.cld (or official sigs only) to minimize blocking on boot-up, but
>    still allow a decent level of protection. Then a full DB could be
>    loading up in its separate thread and swapped when ready?
>
>    I honestly have no idea how the signatures load, but would a full
>    multi-threaded model even theoretically work? Or would that not allow
>    correct parsing / loading of the signatures? It just seems with PCs
>    and servers having so many cores, and the number of viruses
>    ever-increasing...
>
>    Alternatively, would there be a way to do a "diff" on the loaded
>    signatures in memory to add / remove only the ones that have changed
>    (when feasible over a full reload)? Seems like an awful lot of
>    unnecessary re-parsing is being done when only a small handful of
>    signatures are added at any given time.
>
>    Just throwing some ideas out there... Always thankful for all the hard
>    work from the development team.

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I just got lost in thought. It was unfamiliar territory.