Hi there, On Sat, 19 Mar 2011 Chuck Swiger wrote:
> ... think about the tradeoffs of rebuilding locate databases at > least daily versus running find once a day. And then consider that > you can point find just at the export point of the OP's fileserver, > whereas locate.updatedb will index all local filesystems. At least on the systems I use, 'updatedb' just uses 'find' to do the actual filesystem searching, thus 'find' options can be used to limit the scope of the files listed in a database. Options for 'updatedb' can be on the command line or in the environment, see the 'man' page. As Mr. Petersen says there are few restrictions on the databases, and it would seem that 'updatedb' and 'locate' are well-suited to the task if the OP is happy with a non-real-time approach. In a case like this, my preference would be to scan files before they are written to the filesystem, or at least very soon thereafter, so as to keep to a minimum the risk that an unscanned, dangerous file might be served to a vulnerable machine. Viruses and similar have a nasty habit of propagating in an almost explosive fashion; a problem with a solution as simple as erasing a file can rapidly become one of almost biblical proportions, involving reinstallations of dozens of operating systems and much hunting for long-lost backups. It's up to the OP to make the judgement of course. -- 73, Ged. _______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://www.clamav.net/support/ml
