clamd handicraft work

Enrico Scholz enrico.scholz at informatik.tu-chemnitz.de
Sun Jul 24 09:45:01 UTC 2005 

smooge at gmail.com ("Stephen J. Smoogen") writes:

> Would it be useful to put something in the crontab that randomizes the
> time of the update like this untested syntax?
>
> 0 0 * * * perl -le 'sleep rand 14400;' && {/usr/bin/freshclam --quiet
> && { test -x /usr/sbin/clamav-notify-servers && exec
> /usr/sbin/clamav-notify-servers || :; }}

mmh... I will definitively not add a dependency on perl just to calculate
a random number ;)

This cron-part evolved over the various versions in the following way:

'sleep $[ RANDOM % ... ] && ...'
================================
   PROs:
   * no additional deps
   * crontab remains the same across subsequent packages; so it is
     possible to apply changes (when it was not modified locally by the
     administrator)

   CONs:
   * does not work; it is impossible to use a literal '%' in crontabs
   * updates happen too randomly. E.g. they could be executed at 02:59,
     03:00 and 08:59. The first one-minute timediff is too short and the
     05:59 delay might be too long
   * there is a cron-instance which uglifies the 'ps' output by hanging
     around for several hours ;)


commented crontab-line
======================
   (e.g. '# MIN  HOUR/3 * * * root %{_bindir}/freshclam ...')

   PROs:
   * no additional deps
   * should be a little bit randomly (although values like '0', '1',
     '23' or '42' will be used above average)

   CONs:
   * admin has to change it manually
   * there was no hint that it must be changed
   * crontab has to be changed which makes it impossible to apply
     changes of new versions


commented crontab-line + user-notification
==========================================
   (same as above plus a periodic '.... mail "Activate me!" line)

   PROs as above, CONs minus 'there was no hint that it must be changed'
   


substitution in %post scripts (current method)
==============================================  

   PROs:
   * no additional deps

   CONs:
   * crontab will be changed which makes it impossible to apply changes
     of new versions
   * there is a %post script...



I am thinking about a helper script which is similarly to the first
method and gets applied as

| 0 */3 * * *  root   <helper-script> || ...

This script uses 'hostid' to determine the initial sleep time but can be
configured by /etc/sysconfig/<something> also.

   PROs:
   * crontab remains stable across different versions
   * updates happen exactly every three hours with a constant, random
     delay
   * can be disabled without editing the crontab (that's why the '||')

   CONs:
   * there is yet-another helper script




Enrico
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 480 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-extras-list/attachments/20050724/d6761bd2/attachment.sig>

More information about the fedora-extras-list mailing list