dbclean(8) FreeBSD System Manager's Manual dbclean(8) NNAAMMEE ddbbcclleeaann -- Clean Distributed Checksum Clearinghouse Database SSYYNNOOPPSSIISS ddbbcclleeaann [--ddffFFNNPPSSVVqquu] [--ii _i_d] [--aa [_s_e_r_v_e_r_-_a_d_d_r][_,_p_o_r_t]] [--hh _h_o_m_e_d_i_r] [--HH _h_a_s_h_-_f_i_l_e_-_d_i_r] [--DD _d_b_-_f_i_l_e_-_d_i_r] [--GG _o_n] [--RR _m_o_d_e] [--ss _h_a_s_h_-_s_i_z_e] [--ee _s_e_c_o_n_d_s] [--EE _s_p_a_m_s_e_c_s] [--LL _l_t_y_p_e_,_f_a_c_i_l_i_t_y_._l_e_v_e_l] DDEESSCCRRIIPPTTIIOONN DDbbcclleeaann creates empty, rebuilds corrupted, and deletes or expires old re- ports of checksums from DCC databases. It should be installed where it will be found with the path given the DCC server daemon when the daemon needs to expand the hash table. See dccd(8). It should also be run by the daily cron(8) job, _/_v_a_r_/_d_c_c_/_l_i_b_e_x_e_c_/_c_r_o_n_-_d_c_c_d. The whitelist in _/_v_a_r_/_d_c_c_/_w_h_i_t_e_l_i_s_t or _/_v_a_r_/_d_c_c_/_g_r_e_y___w_h_i_t_e_l_i_s_t are built into the DCC server's database. Changes to the whitelist are not effec- tive until dbclean is run. White or blacklists can also be used by DCC clients and work better. OOPPTTIIOONNSS The following options are available. Most of them should set by changing DBCLEAN_LOGDAYS and DBCLEAN_ARGS in the _/_v_a_r_/_d_c_c_/_d_c_c___c_o_n_f control file. --dd enables debugging output. Additional --dd options increase the number of messages. --FF uses write() instead of mmap() and msync() in some cases to modify the DCC database. This works better on some versions of Solaris provided the entire DCC database fits in RAM and provided the file system has not been tuned for the large, random accesses of a DCC database. It is the default on Solaris except when the database is in a memory mapped file system or the entire database fits in RAM. Do not use --FF with --ff, --HH, or --DD. --ff uses mmap() and msync() to modify the DCC database. Do not use --ff with --FF, --HH, or --DD. --NN creates a new, empty database. There must not be an existing data- base and the DCC server, dccd(8), must not be running. --PP expires old checksums from a database using the --ee --aanndd --EE values from the preceding use of ddbbcclleeaann. --PP cannot be used with --ee or --EE. Using --PP differs from not using --ee or --EE, because in the absence of all three, their default values are used. --SS says that the DCC server, dccd(8), is not running and so ddbbcclleeaann should run stand-alone and not try to tell the DCC server about changes to the database. --ii is not needed with --SS. --VV displays the version of the DCC database cleaner. Two or more --VV options show the options with which it was built. --qq quiets the announcement to stderr of the final results and debugging messages turned on with --dd. Results are still sent to the system log. --uu should be used when the file system containing the _d_c_c___d_b and _d_c_c___d_b_._h_a_s_h files is "ultra-fast," such as a solid-state drive. This setting postpones writing some data during normal operation un- til the system is shutdown. This reduces wear on the SSD at the cost of writing GBytes of data when the system is shutdown. Writing GBytes to a rotating disk at system shutdown unacceptable, but not noticeable to a non-rotating disk that operates 10 or 100 times faster. --ii _i_d specifies the DCC ID recognized by the local DCC server as its own. This ID allows the DCC server to recognize commands from ddbbcclleeaann to stop using the database while it is being cleaned. --aa [_s_e_r_v_e_r_-_a_d_d_r][_,_p_o_r_t] is commonly used to specify a UDP port or IP address of the local server other than the default. --hh _h_o_m_e_d_i_r overrides the default DCC home directory, _/_v_a_r_/_d_c_c. --HH _h_a_s_h_-_f_i_l_e_-_d_i_r puts the _d_c_c___d_b_._h_a_s_h hash table file in the _h_a_s_h_-_f_i_l_e_-_d_i_r directory with a symbolic link. Using --HH to put the hash table in a memory, "tmpfs", or "swap" file system such as _/_d_e_v_/_s_h_m or _/_t_m_p signifi- cantly speeds up the DCC server, dccd(8), on operating systems such as Linux and Solaris that lack the _M_A_P___N_O_S_Y_N_C flag for the mmap(8) system call. The memory file system must have space for two copies of the _d_c_c___d_b_._h_a_s_h file. --HH is undesirable on FreeBSD and other systems with _M_A_P___N_O_S_Y_N_C except when --DD is used. The DCC database file, _d_c_c___d_b, should usually be in file system that is not cleared by op- erating system rebooting and _n_o_t in a memory file system. Use or stop using --HH by adding it to or removing it from DB- CLEAN_ARGS in /var/dcc/dcc_conf and manually running or waiting for the nightly run of the /var/dcc/libexec/cron-dccd cron job. Do not use --HH with --FF or --ff. --DD _d_b_-_f_i_l_e_-_d_i_r puts the _/_v_a_r_/_d_c_c_/_d_c_c___d_b database and the _/_v_a_r_/_d_c_c_/_d_c_c___d_b_._h_a_s_h hash table files in the _d_b_-_f_i_l_e_-_d_i_r directory with symbolic links. Using --DD to put the files in a memory, "tmpfs", or "swap" file system such as _/_d_e_v_/_s_h_m or _/_t_m_p significantly speeds up the DCC server, dccd(8), but causes several GBytes of database transfers before DCC is effec- tive whenever the operating system is restarted. --DD should _n_o_t be used except at sites with more than one DCC server installation and where at least one of the other local servers is not using --DD. --DD should only be used on systems that are rarely rebooted, because up to one month is required for the database reach equilibrium. The memory file system must have space for two copies of the _d_c_c___d_b file. Use or stop using --DD by adding it to or removing it from DB- CLEAN_ARGS in /var/dcc/dcc_conf and manually running or waiting for the nightly run of the /var/dcc/libexec/cron-dccd cron job. Do not use --DD with --FF or --ff. --GG _o_n cleans a greylist database in _/_v_a_r_/_d_c_c_/_g_r_e_y___d_b and _/_v_a_r_/_d_c_c_/_g_r_e_y___d_b_._h_a_s_h instead of of a DCC server database. --RR _m_o_d_e repairs a database or does a quick cleaning. _M_o_d_e must be one of the following: _b_a_d to repair a broken database. _q_u_i_c_k for a quick, superficial cleaning during the day. _h_a_s_h to rebuild a hash not sent to disk before the system was re- booted. _f_a_i_l_s_a_f_e to work around missing nightly cleaning by the cron(8) job, _/_v_a_r_/_d_c_c_/_l_i_b_e_x_e_c_/_c_r_o_n_-_d_c_c_d _d_e_l to finish processing a delete command received by dccd(8). --ss _h_a_s_h_-_s_i_z_e specifies a size for the hash table in _/_v_a_r_/_d_c_c_/_d_c_c___d_b_._h_a_s_h. By de- fault the hash table is rebuilt to be approximately 80% full based on an estimate of the number of distinct checksums in the database file. --ee _s_e_c_o_n_d_s specifies that reports older than _s_e_c_o_n_d_s and with totals below 10 targets should be deleted. Reports older than _s_e_c_o_n_d_s of checksums that have been reported more recently are summarized in the data- base. The default value is 1DAY or the value of --EE, whichever is smaller. The 1 day default is reduced if the system does not appear to have enough RAM to hold the database. The minimum is 1 hour. _S_e_c_o_n_d_s can also be _N_E_V_E_R or a number of hours, days, or weeks fol- lowed by _H_O_U_R_S, _H, _D_A_Y_S, _D, _W_E_E_K_S or _W. DCC servers that are not very busy and are isolated or do not re- ceive "floods" of checksums from busy servers should use longer val- ues to increase their chances of recognizing bulk mail. --EE _s_p_a_m_s_e_c_s changes the expiration of checksums with more than 10 targets from the default of 30DAYS or the explicit value of --ee, whichever is larger. The default is reduced if the system does not have enough RAM to hold the database. _S_p_a_m_s_e_c_s can also be _N_E_V_E_R or a number of hours, days, or weeks followed by _H_O_U_R_S, _H, _D_A_Y_S, _D, _W_E_E_K_S or _W. --LL _l_t_y_p_e_,_f_a_c_i_l_i_t_y_._l_e_v_e_l specifies how messages should be logged. _L_t_y_p_e must be _e_r_r_o_r, _i_n_f_o, or _o_f_f to indicate which of the two types of messages are being con- trolled or to turn off all syslog(3) messages from ddbbcclleeaann. _L_e_v_e_l must be a syslog(3) level among _E_M_E_R_G, _A_L_E_R_T, _C_R_I_T, _E_R_R, _W_A_R_N_I_N_G, _N_O_T_I_C_E, _I_N_F_O, and _D_E_B_U_G. _F_a_c_i_l_i_t_y must be among _A_U_T_H, _A_U_T_H_P_R_I_V, _C_R_O_N, _D_A_E_M_O_N, _F_T_P, _K_E_R_N, _L_P_R, _M_A_I_L, _N_E_W_S, _U_S_E_R, _U_U_C_P, and _L_O_C_A_L_0 through _L_O_C_A_L_7. The default is equivalent to --LL _i_n_f_o_,_M_A_I_L_._N_O_T_I_C_E --LL _e_r_r_o_r_,_M_A_I_L_._E_R_R ddbbcclleeaann exits 0 on success, and > 0 if an error occurs. FFIILLEESS /var/dcc is the DCC home directory containing data and control files. dcc_conf is the DCC control file. dcc_db is the main file containing mail checksums. dcc_db.hash mail checksum database hash table. grey_db is the database of greylist checksums. grey_db.hash is the greylist database hash table. dcc_db-new, dcc_db-new.hash, grey_db-new, grey_db-new.hash new database and hash files until they are renamed. dcc_db-old, grey_db-old previous database files. ids list of IDs and passwords, as described in dccd(8). whitelist contains the DCC server whitelist in the format described in dcc(8). grey_whitelist contains the greylist server whitelist. SSEEEE AALLSSOO cdcc(8), cron(8), dcc(8), dccd(8), dblist(8), dccifd(8), dccm(8), dccproc(8). HHIISSTTOORRYY Implementation of ddbbcclleeaann was started at Rhyolite Software, in 2000. This document describes version RHYOLITE_VERSION. March 22, 2024