Bug #7121
closedfreshclam.conf advanced editing, configuring value of "Checks" has no effect on crontab entry
Added by Alexander Berkes almost 8 years ago. Updated almost 8 years ago.
0%
Description
When configuring clamav advanced options, changing the value of "Checks" has no effect on the crontab entry of freshclam
Updated by Kill Bill almost 8 years ago
Assuming you are talking about Squid, it's not supposed to do anything with cron. You are totally on your own, this feature is completely unsupported.
Updated by Alexander Berkes almost 8 years ago
Yeah you are right, I am talking about the squid package, but especially the freshclam component. Freshclam is executed periodically from cron to update the virus definitions. If you change the config Parameter "Checks" in freshclam.conf in the Web-GUI (advanced options) the crontab entry of freshclam is not updated (interval does not change). So this parameter has actually no effect at all.
In my crontab I had an entry that was looking like this:
*/1472 * * * * clamav /usr/local/bin/freshclam --config-file=/usr/local/etc/freshclam.conf
It was impossible to change this through the Web-GUI and was leading to a lot of freshclam updates / hour.
This doesn't seem like wanted behaviour for me.
I had to manually edit config.xml to make the changes permanent.
Sorry if I am missing something, but I thought this should be reported.
Updated by Kill Bill almost 8 years ago
"Checks" in freshclam.conf is not using/configuring cron, at all. Switching to manual config and changing freshclam.conf will not touch cron, at all. The only thing using and configuring cron is the "ClamAV Database Update" dropdown in the GUI - Antivirus tab.
*/1472 * * * * is a value that's impossible to configure via the GUI plus it's definitely not something that'd be leading "to a lot of freshclam updates / hour"
As noted in bold read in the GUI, do NOT use advanced manual configuration unless you know what you are doing. If you need to delete corrupt/unwanted stuff fron crontab (or to manipulate crontab in general), install the Cron package.
Updated by Kill Bill almost 8 years ago
This hopefully makes things more obvious: https://github.com/pfsense/FreeBSD-ports/pull/254
@OP: No, the above PR still will not make the cronjob honor Checks in freshclam.conf or anything similar.
Updated by Alexander Berkes almost 8 years ago
Thanks for the git link. That makes things more clear.
Sorry I couldn't remember the exact value of the crontab entry. I only knew it started with */14xx
With looking at the code the value must have been */1440
That really makes no sense in the minute crontab column and it definitely leads to multiple executions per hour. That's at least what my logs etc. were showing me and should be clear because of the way crontab works.
Anyway this seems to have been fixed with moving the whole calculation to the hour column.
Finally I would like to say, that I definitely know what I am doing, so this was not really a problem for me to solve.
Actually the pfsense Web-GUI is somehow misleading with telling:
"You must edit the configuration files directly in the 'Advanced Features'."
In the case of editing the Checks Parameter it has no effect.
Cheers
Updated by Kill Bill almost 8 years ago
Alexander Berkes wrote:
That really makes no sense in the minute crontab column and it definitely leads to multiple executions per hour. That's at least what my logs etc. were showing me and should be clear because of the way crontab works.
Definitely not here. Most liky due to a different issue with safebrowsing.cld that was causing freshclam to run over and over again with that feature enabled.
Updated by Alexander Berkes almost 8 years ago
safebrowsing was never enabled in my setup. I also didn't investigate further.
Updated by Kill Bill almost 8 years ago
The change broke saving General settings in Squid. https://forum.pfsense.org/index.php?topic=124218.0; will get that reverted.
Recall this being a repeated issue. There is something broken with install_cron_job() function in general.
Updated by Kill Bill almost 8 years ago
All that could be done here is fixed with https://github.com/pfsense/FreeBSD-ports/pull/254 and https://github.com/pfsense/FreeBSD-ports/pull/261, close please.
Updated by Renato Botelho almost 8 years ago
- Status changed from New to Resolved
- Target version set to 2.4.0