On 12/13/06, Ian Abbott <[EMAIL PROTECTED]> wrote:
On 13/12/06 14:28, Edward Dam wrote:
> Hi Ian,
>
> Thanks for the help.
>
> I've only got the main.cvd and daily.cvd databases in use right now,
> until I
> get this sorted out - so it's not a 3rd party db or script issue.
>
> Here's basically what happens.
>
> Freshclam downloads the updates, then notifes clamd to re-read the
> databases. Then my log looks like this:
>
> Wed Dec 13 06:05:04 2006 -> SelfCheck: Database status OK.
>
> Wed Dec 13 06:28:57 2006 -> Reading databases from /var/clamav
>
> Wed Dec 13 06:28:57 2006 -> ERROR: reload db failed: MD5 verification
error
>
>
> At this point mail is dead, and I have to delete the CVD files in
> /var/clamav and re-run freshclam to get new ones, then manually start
> clamav. All is well, until it happens again.
>
> The frustrating part is that it's so intermittent. It doesn't happen
every
> time. It doesn't happen at a regular interval. It's completely random,
with
> the exception that it will probably once a day - or once every 2nd day
on
> the very high end.
What normally happens during the self-check is that the database
directory entries are read, but the files in the database directory are
not reloaded unless the directory entries have changed. This means that
the "SelfCheck: Database status OK." message does not mean the database
files were read okay, rather they weren't read at all.
May I suggest a minor code change for diagnostic purposes? In
clamd/server-th.c, look for the lines:
logg("SelfCheck: Database status OK.\n");
return NULL;
and change them to:
#if 0 /* original */
logg("SelfCheck: Database status OK.\n");
return NULL;
#else /* temporary test */
logg("SelfCheck: Database status OK. Reloading anyway.\n");
return root;
#endif
This will force the self-check to reload the database files even if
nothing has changed. Then if you get MD5 errors randomly after this
message in the logs, you'll know it has nothing to do with freshclam,
and more to do with random disk read/write errors.
Have you tried replacing the HD cable? You never mentioned it.
Certainly for P-ATA disks, don't expect much in the way of error
detection unless Ultra DMA mode is being used (and even then, CRC error
checking is only performed for data packets, not for command and status
packets). It's unlikely to be a problem for S-ATA disks though.
--
-=( Ian Abbott @ MEV Ltd. E-mail: < [EMAIL PROTECTED]> )=-
-=( Tel: +44 (0)161 477 1898 FAX: +44 (0)161 718 3587 )=-
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
I've done this code change, and the mail system just died.
Here's the relevant clip from the clamd log:
Wed Dec 20 09:53:33 2006 -> SelfCheck: Database status OK. Reloading anyway.
Wed Dec 20 09:53:33 2006 -> Reading databases from /var/clamav
Wed Dec 20 09:53:33 2006 -> ERROR: reload db failed: MD5 verification error
maillog:
Dec 20 09:53:44 LINUXSERV X-Qmail-Scanner-1.25:
[LINUXSERV116662642449315041] clamdscan: corrupt or unknown clamd
scanner error or memory/resource/perms problem - exit status 512/2
Dec 20 09:54:46 LINUXSERV X-Qmail-Scanner-1.25:
[LINUXSERV116662648649315087] clamdscan: corrupt or unknown clamd
scanner error or memory/resource/perms problem - exit status 512/2
messages:
Dec 20 09:53:33 LINUXSERV clamd[1053]: SelfCheck: Database status OK.
Reloading anyway.
Dec 20 09:53:33 LINUXSERV clamd[1053]: Reading databases from /var/clamav
Dec 20 09:53:33 LINUXSERV clamd[1053]: reload db failed: MD5 verification error
Dec 20 09:54:49 LINUXSERV X-Qmail-Scanner-1.25:
[LINUXSERV116662648949315099] clamdscan: corrupt or unknown clamd
scanner error
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
