New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Antivirus: improve memory usage #5803
Comments
- Restart clamd instance on nethserver-antivirus-update - Remove signatures selection NethServer/dev#5803
Restart clamd rspamd instance on nethserver-antivirus-update NethServer/dev#5803
- Disable clamav official signatures on request - Use new clamav unofficial config file NethServer/dev#5803
in
|
Test case 1
Test case 2
Test case 3
Test case 4
Test case 5
Test case 6
|
QA
please @gsanchietti , valid the answer
test case 1 must be validated
the services are running before and after the update, but when you restart the server, the service clamd@rspamd.service is down see https://github.com/NethServer/nethserver-mail/pull/137/files#diff-55213ff073b5012a5d6164561c45583aR3
even with the configuration change, the service is not stopped
squid/antivirus is well stopped by the configuration change
After the services are restarted as expected and the databases have been cleaned
|
unofficial sigs: reload all clamd instances The default configuration of clamav-unofficial-sigs only restarts clamd@scan instance which is not used by NethServer All clamd instances are now restarted by nethserver-antivirus event and reloaded by /etc/clamav-unofficial-sigs/user.conf NethServer/dev#5803
This reverts commit 2ad6658. Restart logic is now implemented inside NethServer/nethserver-antivirus#5 NethServer/dev#5803
…#140) Reverts #137 Restart logic is now implemented inside NethServer/nethserver-antivirus#5 Also the clamd@rspamd instance can't be started/stopped without some ugly hack. NethServer/dev#5803
in
|
Test case 1
Test case 2
Test case 3
Test case 4
Test case 5
|
QA
set verified |
Side note on memory usage as of yesterday.
|
in
|
in
|
Instead of reverting the QA I think it was needed only to provide a systemd unit service like this https://gist.github.com/stephdl/d07af66a9790ecf1b669e22ba841e161 the failed QA 2 and 3 could be fixed @gsanchietti |
On very slow machines, clamd could take lobger than 90 seconds to start, thus systemd restart the service generating a loop. If 10 minutes are not enough, the only solution is disabling the official signatures. NethServer/dev#5803
Force standard clamd OfficialSignatures property to disabled. NethServer/dev#5803
Clamav default signatures (main.cvd, bytecode.cvd, daily.cvd) contain a lot of old and not effective rules which can even cause some false positive.
Also, such signatures have a huge impact on memory usage.
Proposed solution
Starting from NS 7.7 the antivirus will use only unofficial signatures by default.
The sysadmin will be able to change such behavior using a documented property.
The text was updated successfully, but these errors were encountered: