[clamav-users] using clamdscan and clamd to do complete file system scan

John McGowan john at lynch2.com
Thu Apr 30 14:58:47 UTC 2015


On Tue, Apr 28, 2015 at 8:17 PM, Al Varnell <alvarnell at mac.com> wrote:
> Quite the opposite is true.  The default is to scan up to 15 directories deep.
>
> Questions such as these are most easily solved by reading the appropriate man, in this case clamdscan.1 which reads in part:
>
>> EXAMPLES
>>
>>        (0) To scan a one file:
>>               clamdscan file
>>
>>        (1) To scan a current working directory:
>>               clamdscan
>>
>>        (2) To scan all files in /home:
>>               clamdscan /home

Well, then there must either be a misconfiguration, or a defect in the
Amazon Linux distribution of clamd and clamdscan, because when I do
something like this...

# clamdscan /bin
/bin: OK

----------- SCAN SUMMARY -----------
Infected files: 0
Time: 0.351 sec (0 m 0 s)
#

It doesn't seem to actually do anything interesting..., nothing
scanned, perhaps the fact that the summary is missing so many other
items is a clue to some other problem, but it just looks like it's not
recursing through the directories.

It's completely different than when I run a clamscan...

# clamscan /bin
/bin/ksh93: OK
/bin/cp: OK
/bin/rpm: OK
/bin/zcat: OK
/bin/gzip: OK
...snip...
----------- SCAN SUMMARY -----------
Known viruses: 3798768
Engine version: 0.98.6
Scanned directories: 1
Scanned files: 88
Infected files: 0
Data scanned: 7.89 MB
Data read: 7.90 MB (ratio 1.00:1)
Time: 7.358 sec (0 m 7 s)
#

As far as I know there is nothing special about the configuration.
All values related to recursion seem to be OK to me.  (In fact, most of
the recursion values in clamd.conf seem only to apply to recursion
within an archive file encountered during the scan.)

At this point my "find | xargs clamdscan" solution is working.  If
someone on the ClamAV team wants more details about what's happening
with my clamdscan, I'm happy to provide them.

/John
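
A more robust form of the "find | xargs clamdscan" workaround mentioned in the message above, as an added example that is not part of the original post and is not ClamAV project code. The names `scan_tree` and `SCANNER` are hypothetical, and it assumes a find/xargs pair that supports `-print0`, `-0` and `-r`.

```shell
#!/bin/sh
# Added example: scan_tree and SCANNER are illustrative names, not ClamAV's.
# Assumes find/xargs with -print0/-0/-r (GNU, BSD, busybox) and, for the
# default SCANNER, a running clamd that can read the files.

# Command run on each batch of file names (word-split on purpose).
SCANNER=${SCANNER:-clamdscan --no-summary}

# scan_tree DIR
#   Passes every regular file under DIR to $SCANNER by name, so the scanner
#   prints one result line per file instead of one line for the directory.
#   Returns 0 = all clean, 1 = at least one "FOUND" line, 2 = scanner error.
scan_tree() {
    scan_rc=0
    # -xdev keeps find on DIR's filesystem (no /proc, /sys or network mounts);
    # NUL-delimited names survive spaces and newlines; -r skips the scanner
    # run entirely when find produced no files.
    scan_out=$(find "$1" -xdev -type f -print0 | xargs -0 -r $SCANNER 2>&1) ||
        scan_rc=$?
    if [ -n "$scan_out" ]; then
        printf '%s\n' "$scan_out"
    fi
    # xargs folds any child exit status 1-125 into 123, so clamdscan's
    # 1 (virus found) and 2 (error) look the same; tell them apart by output.
    if printf '%s\n' "$scan_out" | grep -q ' FOUND$'; then
        return 1
    fi
    [ "$scan_rc" -eq 0 ] || return 2
    return 0
}

# Usage: scan_tree /home
```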


