[clamav-users] cron.daily script
G.W. Haywood
clamav at jubileegroup.co.uk
Sat Jun 10 16:35:18 UTC 2017
Hi Nick,
On Sat, 10 Jun 2017, Matus UHLAR - fantomas wrote:
> On 10.06.17 12:30, nick at collinson.fr wrote:
>
>> When I run my cron.daily clamAV shell script from command line logged
>> in as root, it works perfectly using # /etc/cron.daily/00clamscan_daily
>> However when it runs automatically at 3am as a cron.daily script, bad
>> files are detected but not moved to quarantine (--move=/tmp/quarantine),
>> they are simply listed in /var/log/clamav/clamav-$(date +'%Y-%m-%d').log
>> [...]
>> Maybe /etc/clamd.d/scan.conf should indicate "root" user and not "clam"
>> as user, could this be the problem?
>
> maybe. It's very hard for us to tell ...
You will have seen numerous reports of "false positives" already, and
they will continue. I wonder if to permit a ClamAV process running as
root from cron to move files automatically is to accept the risk that
the OS will be trashed by an undiscovered mistake in the configuration
made in the possibly distant past, and another one in a signature made
at some unknown date in the future. It hardly bears thinking about.
By all means permit automatic file move or delete if the process is
incapable of modifying system files and you think that it's necessary,
but I also wonder what you might be doing with this system which would
make it desirable.
--
73,
Ged.
More information about the clamav-users
mailing list