[clamav-users] clamdscan troubleshooting
Daniel L. Srebnick
dan at islenet.com
Sun Nov 22 01:29:31 UTC 2015
To followup, I found that clamdscan works with either --fdpass or --stream.
If one of those parameters is not included on the command linem then I get
the permissions error.
Regards,
Dan
-----Original Message-----
From: clamav-users [mailto:clamav-users-bounces at lists.clamav.net] On Behalf
Of Bond Masuda
Sent: Saturday, November 21, 2015 13:02
To: ClamAV users ML <clamav-users at lists.clamav.net>
Subject: Re: [clamav-users] clamdscan troubleshooting
Daniel,
You might want to look at these two SELinux booleans:
antivirus_can_scan_system
antivirus_use_jit
You can use 'getsebool':
$ getsebool antivirus_can_scan_system
antivirus_can_scan_system --> on
And you can use 'setsebool' to toggle the boolean setting.
Additionally, see man page for clamdscan and look at the "--fdpass" option.
Note that the clamd daemon is usually running as a different user.
Hope that points you in a useful direction.
Bond
On 11/21/2015 08:17 AM, Daniel L. Srebnick wrote:
> I'm having some issues verifying a clamav install under FC 22.
>
>
>
> I am doing some testing using clamdscan and have been running into
> some kind of permission error as far as I can tell. For now, I have
> set selinux to permissive to eliminate that as an issue.
>
>
>
> I have an eicar.com file that I have scanned with clamscan and it
> verifies that one file has been scanned and that one virus has been found.
>
>
>
> Next, I want to submit a scan of eicar.com using clamdscan.
>
>
>
> [root at zzz tmp]# ls -l eicar.com
>
> -rw-rw-r--. 1 clamscan clamscan 68 Sep 4 2006 eicar.com
>
> [root at zzz tmp]#
>
>
>
>
>
> [root at ears tmp]# clamdscan -c /etc/clamd.d/scan.conf /tmp/eicar.com
>
> /tmp/eicar.com: lstat() failed: No such file or directory. ERROR
>
>
>
> ----------- SCAN SUMMARY -----------
>
> Infected files: 0
>
> Total errors: 1
>
> Time: 0.001 sec (0 m 0 s)
>
> [root at ears tmp]# ls -l eicar.com
>
> -rw-rw-r--. 1 clamscan clamscan 68 Sep 4 2006 eicar.com
>
> [root at ears tmp]# clamdscan -c /etc/clamd.d/scan.conf /tmp/eicar.com
>
> /tmp/eicar.com: lstat() failed: No such file or directory. ERROR
>
>
>
> ----------- SCAN SUMMARY -----------
>
> Infected files: 0
>
> Total errors: 1
>
> Time: 0.001 sec (0 m 0 s)
>
>
>
> Note that the file is not found. If I scan the directory instead:
>
>
>
> [root at ears tmp]# clamdscan -c /etc/clamd.d/scan.conf /tmp
>
> /tmp: OK
>
>
>
> ----------- SCAN SUMMARY -----------
>
> Infected files: 0
>
> Time: 0.000 sec (0 m 0 s)
>
> You have new mail in /var/spool/mail/dan
>
> [root at ears tmp]#
>
>
>
> No infected file is found and no errors.
>
>
>
> clamd is running as clamscan.
>
>
>
> Ready for any suggestions about what is happening here. I've been
> working on this for a few days.
>
>
>
> Thank you.
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list