Hello list, I'm using HAVP (http://www.server-side.de) and the ClamAVlib to scan HTTP streams. This works fine when using a TEMPDIR on an HDD, but fails mysteriously when using a RAMdisk.
Hardware and software: HAVP Version 0.91 ClamAV 0.95.2/9695 Slackware Linux 2.6.24.5-smp i686 Pentium III (Coppermine) GNU/Linux RAM: 380604 clamd is running defaults besides: # grep -v "#" /etc/clamd.conf | grep -v ^$ LogFile /var/log/clamav/clamd.log LogFileMaxSize 10M PidFile /var/run/clamav/clamd.pid LocalSocket /tmp/clamd.socket User clamav AllowSupplementaryGroups yes ExitOnOOM yes HAVP running defaults besides: # grep -v "#" /usr/local/etc/havp/havp.config | grep -v ^$ USER havp GROUP havp LOG_OKS false LOGLEVEL 1 TEMPDIR /mnt/memory PARENTPROXY 192.168.1.101 PARENTPORT 3128 MAXSCANSIZE 15000000 STREAMUSERAGENT Player Winamp iTunes QuickTime Audio RMA/ MAD/ Foobar2000 XMMS STREAMSCANSIZE 20000 ENABLECLAMLIB true CLAMDBDIR /usr/share/clamav Both ClamAV and HAVP are started as root and then drop privileges to their respective user/groups. Here's the RAMdisk issue: # mount | grep ram0 /dev/ram0 on /mnt/memory type ext3 (rw,mand) # df -h | grep ram0 /dev/ram0 122M 5.6M 110M 5% /mnt/memory # ls -alh /mnt/memory/ total 17K drw-rw-rw- 3 clamav clamav 1.0K 2009-08-14 06:06 ./ drwxr-xr-x 11 root root 4.0K 2009-08-12 05:44 ../ drwx------ 2 clamav clamav 12K 2009-08-14 06:04 lost+found/ # sudo -u clamav clamscan --tempdir=/mnt/memory LibClamAV Error: cli_cvdload(): Can't create temporary directory /mnt/memory/clamav-a92c7088eca99a33d3925293fea9f609 LibClamAV Error: Can't load /usr/share/clamav/main.cvd: Can't create temporary directory ERROR: Can't create temporary directory ----------- SCAN SUMMARY ----------- Known viruses: 63646 Engine version: 0.95.2 Scanned directories: 0 Scanned files: 0 Infected files: 0 Data scanned: 0.00 MB Data read: 0.00 MB (ratio 0.00:1) Time: 0.565 sec (0 m 0 s) I assumed this was a RAMdisk size issue, which it does not seem like: r...@barge:~# df -h /mnt/memory/ Filesystem Size Used Avail Use% Mounted on /dev/ram0 122M 5.6M 110M 5% /mnt/memory So I ran strace, (log available at http://pastebin.com/m64756256) and here's some of the interesting bits: ~# strace -o /tmp/clam.log sudo -u clamav clamscan --tempdir=/mnt/memory LibClamAV Error: cli_cvdload(): Can't create temporary directory /mnt/memory/clamav-df42daba837ac4765e37ff3406ef2682 LibClamAV Error: Can't load /usr/share/clamav/main.cvd: Can't create temporary directory .. close(3) = -1 EBADF (Bad file descriptor) close(4) = -1 EBADF (Bad file descriptor) close(5) = -1 EBADF (Bad file descriptor) close(6) = -1 EBADF (Bad file descriptor) close(1020) = -1 EBADF (Bad file descriptor) close(1021) = -1 EBADF (Bad file descriptor) close(1022) = -1 EBADF (Bad file descriptor) mkdir("/mnt/memory/clamav-df42daba837ac4765e37ff3406ef2682", 0700) = -1 EACCES (Permission denied) write(2, "LibClamAV Error: cli_cvdload(): "..., 117) = 117 write(2, "LibClamAV Error: Can\'t load /usr"..., 89) = 89 ..EOF Are the "Bad file descriptors" due to file-system errors or bad RAM? Is mkdir failing because of permissions a bug? As the TEMPDIR (/mnt/memory/) is owned by clamav:clamav and the same error occurs even with the dir chmod'ed to 666. I've also been asking the HAVP developers too (http://havp.hege.li/forum/viewtopic.php?f=3&t=472&start=0) who think this is a TEMPDIR space issue as I cannot replicate it when using TEMPDIR on an HDD like /tmp/ or /var/tmp/ Regards, S _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
