[clamav-users] some clamd.conf issues

Steven Morgan smorgan at sourcefire.com
Tue Jan 12 11:19:26 EST 2016


I believe the configuration statement keyword is supposed to be
"BytecodeMode".

Steve

On Tue, Jan 12, 2016 at 7:36 AM, Michael K. <michael at cacn.de> wrote:

> Hello Kevin,
>
> Am Mon, 11 Jan 2016 10:36:51 -0500
> schrieb Kevin Lin <klin at sourcefire.com>:
> > This is a minor bug in the current release of ClamAV 0.99.
> nice to know, thanks...
>
> > The work around would be to use "26214400" instead of "25M".
> done (also whitout the "M")
>
> but, clam starts not at all :(
> http://pastebin.com/AMDCDMut
>
> clamd[2216]: ERROR: Parse error at line 625: Unknown option ByteCodeMode
> clamd[2216]: ERROR: Can't open/parse the config
> file /etc/clamd.d/clamd.conf
>
> here is a extract from my clam.conf (only section bytecode)
>
> ##
> ## Bytecode
> ##
>
> # With this option enabled ClamAV will load bytecode from the database.
> # It is highly recommended you keep this option on, otherwise you'll miss
> detections for many new viruses.
> # Default: yes
> Bytecode yes
>
> # Bytecode mode
> #
> # This option has been set to 'ForceInterpreter' in Fedora due to
> # security concerns by default.  You might need to enable the
> # 'clamd_use_jit' SELinux boolean after setting this option to the
> # more efficient 'ForceJIT' value.
> #
> # Default: ForceInterpreter
> ByteCodeMode ForceInterpreter
>
> # Set bytecode security level.
> # Possible values:
> #       None - no security at all, meant for debugging. DO NOT USE THIS ON
> PRODUCTION SYSTEMS
> #         This value is only available if clamav was built with
> --enable-debug!
> #       TrustSigned - trust bytecode loaded from signed .c[lv]d files,
> #                insert runtime safety checks for bytecode loaded from
> other sources
> #       Paranoid - don't trust any bytecode, insert runtime checks for all
> # Recommended: TrustSigned, because bytecode in .cvd files already has
> these checks
> # Note that by default only signed bytecode is loaded, currently you can
> only
> # load unsigned bytecode in --enable-debug mode.
> #
> # Default: TrustSigned
> BytecodeSecurity TrustSigned
>
> # Set bytecode timeout in miliseconds.
> #
> # Default: 5000
> BytecodeTimeout 5000
>
> ahoj
> michael
>
>
> --
> | Neuer GNUpg Key! = 0xEC54E607 (GnuPG ID)
> | Download Public Key = keys.gnupg.net
> | B45F 30C4 ED93 FEAF 48E3 0D3B C716 4875 EC54 E607
>
> _______________________________________________
> Help us build a comprehensive ClamAV guide:
> https://github.com/vrtadmin/clamav-faq
>
> http://www.clamav.net/contact.html#ml
>



More information about the clamav-users mailing list