Hello list,

I'm using HAVP (http://www.server-side.de) and the ClamAVlib to scan HTTP
streams.
This works fine when using a TEMPDIR on an HDD, but fails mysteriously when
using a RAMdisk.

Hardware and software:
HAVP Version 0.91
ClamAV 0.95.2/9695
Slackware Linux 2.6.24.5-smp i686 Pentium III (Coppermine) GNU/Linux RAM:
380604

clamd is running defaults besides:

# grep -v "#" /etc/clamd.conf | grep -v ^$
LogFile /var/log/clamav/clamd.log
LogFileMaxSize 10M
PidFile /var/run/clamav/clamd.pid
LocalSocket /tmp/clamd.socket
User clamav
AllowSupplementaryGroups yes
ExitOnOOM yes


HAVP running defaults besides:

# grep -v "#" /usr/local/etc/havp/havp.config | grep -v ^$
USER havp
GROUP havp
LOG_OKS false
LOGLEVEL 1
TEMPDIR /mnt/memory
PARENTPROXY 192.168.1.101
PARENTPORT 3128
MAXSCANSIZE 15000000
STREAMUSERAGENT Player Winamp iTunes QuickTime Audio RMA/ MAD/ Foobar2000
XMMS
STREAMSCANSIZE 20000
ENABLECLAMLIB true
CLAMDBDIR /usr/share/clamav

Both ClamAV and HAVP are started as root and then drop privileges to their
respective user/groups.


Here's the RAMdisk issue:
# mount | grep ram0
/dev/ram0 on /mnt/memory type ext3 (rw,mand)
# df -h | grep ram0
/dev/ram0             122M  5.6M  110M   5% /mnt/memory
# ls -alh /mnt/memory/
total 17K
drw-rw-rw-  3 clamav clamav 1.0K 2009-08-14 06:06 ./
drwxr-xr-x 11 root   root   4.0K 2009-08-12 05:44 ../
drwx------  2 clamav clamav  12K 2009-08-14 06:04 lost+found/


# sudo -u clamav clamscan --tempdir=/mnt/memory
LibClamAV Error: cli_cvdload(): Can't create temporary directory
/mnt/memory/clamav-a92c7088eca99a33d3925293fea9f609
LibClamAV Error: Can't load /usr/share/clamav/main.cvd: Can't create
temporary directory
ERROR: Can't create temporary directory

----------- SCAN SUMMARY -----------
Known viruses: 63646
Engine version: 0.95.2
Scanned directories: 0
Scanned files: 0
Infected files: 0
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 0.565 sec (0 m 0 s)


I assumed this was a RAMdisk size issue, which it does not seem like:
r...@barge:~# df -h /mnt/memory/
Filesystem            Size  Used Avail Use% Mounted on
/dev/ram0             122M  5.6M  110M   5% /mnt/memory


So I ran strace, (log available at http://pastebin.com/m64756256) and here's
some of the interesting bits:

~# strace -o /tmp/clam.log sudo -u clamav clamscan --tempdir=/mnt/memory
LibClamAV Error: cli_cvdload(): Can't create temporary directory
/mnt/memory/clamav-df42daba837ac4765e37ff3406ef2682
LibClamAV Error: Can't load /usr/share/clamav/main.cvd: Can't create
temporary directory

..
close(3)                                = -1 EBADF (Bad file descriptor)
close(4)                                = -1 EBADF (Bad file descriptor)
close(5)                                = -1 EBADF (Bad file descriptor)
close(6)                                = -1 EBADF (Bad file descriptor)
close(1020)                             = -1 EBADF (Bad file descriptor)
close(1021)                             = -1 EBADF (Bad file descriptor)
close(1022)                             = -1 EBADF (Bad file descriptor)

mkdir("/mnt/memory/clamav-df42daba837ac4765e37ff3406ef2682", 0700) = -1
EACCES (Permission denied)
write(2, "LibClamAV Error: cli_cvdload(): "..., 117) = 117
write(2, "LibClamAV Error: Can\'t load /usr"..., 89) = 89
..EOF


Are the "Bad file descriptors" due to file-system errors or bad RAM?
Is mkdir failing because of permissions a bug? As the TEMPDIR (/mnt/memory/)
is owned by clamav:clamav and the same error occurs even with the dir
chmod'ed to 666.

I've also been asking the HAVP developers too
(http://havp.hege.li/forum/viewtopic.php?f=3&t=472&start=0) who think this
is a TEMPDIR space issue as I cannot replicate it when using TEMPDIR on an
HDD like /tmp/ or /var/tmp/



Regards,
S

_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://www.clamav.net/support/ml

Reply via email to