[clamav-users] ScanOnAccess: ... (null) FOUND
Micah Snyder (micasnyd)
micasnyd at cisco.com
Thu Mar 14 13:35:16 UTC 2019
Hi Franky,
Updating your signature set shouldn't affect this, although it is good to keep up to date.
We never did track down the cause of the (null) FOUND issue.
We are presently working on migrating the on-access scanning code out of clamd and into a new, separate utility that will submit files to clamd to be scanned, much the way that clamdscan interacts with clamd. We will have to keep an eye out for this or similar issues when the new on-access tool is complete.
-Micah
Micah Snyder
ClamAV Development
Talos
Cisco Systems, Inc.
On 3/13/19, 12:41 PM, "clamav-users on behalf of Franky Van Liedekerke via clamav-users" <clamav-users-bounces at lists.clamav.net on behalf of clamav-users at lists.clamav.net> wrote:
Hi,
I seem to be encountering the same issue someone described here:
https://www.mail-archive.com/clamav-users@lists.clamav.net/msg46022.html
For me the null-message arrived when switching to root:
ScanOnAccess: /root/.bash_history: (null) FOUND
I'm running on RHEL7 server, latest updates with versions:
clamd-0.101.1-1.el7.x86_64
The accompanying files (coming from clamav-data rpm):
-rw-r--r--. 1 clamupdate clamupdate 199693 Jan 10 06:14 bytecode.cvd
-rw-r--r--. 1 clamupdate clamupdate 53834626 Jan 10 06:14 daily.cvd
-rw-r--r--. 1 clamupdate clamupdate 117892267 Jan 9 2018 main.cvd
It seems the main.cvd is old, but I haven't run freshclam against this yet. Could that be the reason? Since it is an internal server, I first need to setup a proxy etc ... for freshclam to work.
With friendly regards,
Franky
_______________________________________________
clamav-users mailing list
clamav-users at lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/contact.html#ml
More information about the clamav-users
mailing list