I discussed this with a colleague here. We see two reasonable implementations:
1. On package installs (not upgrades), launch clamav-unofficial-sigs in the background and /dev/null its stdout and stderr. 2. On package installs (not upgrades), launch clamav-unofficial-sigs in the foreground and fail the postinst on its failure. The first option basically just gets signatures faster because the user doesn't have to wait for the cron job to fire. Aside from issues of two clamav-unofficial-sigs process running at once (Is there locking for that already?), we see no downsides. However, only the second option really addresses my concerns here. I don't want to bring mail servers into production and have them start leaking spam/viruses through because the unofficial sigs weren't updated. So to cover this use case, you'd have to go with option 2. If you feel that option 1 is okay for the package, but option 2 is not, then I'll just keep invoking the script in my own mail server configuration package. If you don't want to address this in any way, please close the bug so I know the discussion is closed. And of course, I'll keep the local code in this case, too. -- Richard
signature.asc
Description: This is a digitally signed message part
