[Pkg-clamav-devel] Bug#691314: Initial Signature Download

[Richard Laager]

I discussed this with a colleague here. We see two reasonable
implementations:

1. On package installs (not upgrades), launch clamav-unofficial-sigs in
the background and /dev/null its stdout and stderr.

2. On package installs (not upgrades), launch clamav-unofficial-sigs in
the foreground and fail the postinst on its failure.

The first option basically just gets signatures faster because the user
doesn't have to wait for the cron job to fire. Aside from issues of two
clamav-unofficial-sigs process running at once (Is there locking for
that already?), we see no downsides.

However, only the second option really addresses my concerns here. I
don't want to bring mail servers into production and have them start
leaking spam/viruses through because the unofficial sigs weren't
updated. So to cover this use case, you'd have to go with option 2.

If you feel that option 1 is okay for the package, but option 2 is not,
then I'll just keep invoking the script in my own mail server
configuration package.

If you don't want to address this in any way, please close the bug so I
know the discussion is closed. And of course, I'll keep the local code
in this case, too.

-- 
Richard
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-clamav-devel/attachments/20130710/bf1106d8/attachment.sig>