Hello all,Just a hunch, but I think you run clamd as non-previledged user (clamav user?)
I have posted a few messages about clamd not detecting some SomeFool variants when scanning mail, but clamscan was detecting them.
While reading some man pages and the conf files, I found another binary called clamdscan. I ran it and this is what turned out:
defender2 root # clamscan message.scr message.scr: Worm.SomeFool.P FOUND
----------- SCAN SUMMARY ----------- Known viruses: 21161 Scanned directories: 0 Scanned files: 1 Infected files: 1 Data scanned: 0.03 MB I/O buffer size: 131072 bytes Time: 6.929 sec (0 m 6 s) defender2 root # clamdscan message.scr /root/message.scr: OK
----------- SCAN SUMMARY ----------- Infected files: 0 Time: 0.014 sec (0 m 0 s)
As you can see, clamscan catches the worm, while clamdscan doesn't. I checked more than once and I only have one main.cvd and one daily.cvd. How do I get the database location of clamdscan? Where should I change it?
It will not be able to scan files on /root or /home/user, as AFAIK those files are only
available for root or owner. It does not matter if you run clamdscan as root;
clamd still read it with clamav users's rights (e.g. non-root)
Copy your test file somewhere else readable by clamav user (e.g. /tmp) and try again.
To verify that clamd and clamscan reads the same database file, stop clamd, and start it again.
You shoud see on clamd's log (or syslog) entry saying how many viruses it knows,
and where it reads them from.
Regards,
Fajar -- Please avoid sending me Microsoft Office attachments. See http://www.newsforge.com/software/04/03/27/0134204.shtml
------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ Clamav-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/clamav-users
