On Wed, 2014-01-29 at 15:57 +0100, Pieter Caron wrote:
> Dear all
>
> I have installed clamav 0.98.1 on Linux version 3.12.9-1-ARCH x86_64
>
> Clamscan and Clamdscan are working perfectly, also the update via
> Freshclam is ok.
>
> However I have a problem with ScanOnAccess:
>
> Using the following clamd.conf file:
>
> LogFile /var/log/clamav/clamd.log
> LogTime yes
> PidFile /run/clamav/clamd.pid
> TemporaryDirectory /tmp
> LocalSocket /var/lib/clamav/clamd.sock
> User root
> ScanOnAccess yes
> OnAccessMaxFileSize 0
> OnAccessIncludePath /home/pc
> OnAccessExcludePath /home/pc/Downloads
>
> results in log file entries as follows:
>
> -> ScanOnAccess: Protecting directory '/home/pc'
> -> ERROR: ScanOnAccess: Can't exclude path /home/pc/Downloads
> -> SelfCheck: Database status OK.
>
> Here I have 2 issues:
>
> 1) I do not understand why the OnAccessExcludePath is rejected, as the
> directory is existing.
>
> 2) When I access a test virus (eicar.com) nothing happens, there is no
> entry in the log file created.
>
> Fanotify is installed and actived, since when I start Clamd as user, in
> the Clamav log File shows the following error:
>
> -> ERROR: ScanOnAccess: fanotify_init failed: Operation not permitted
> -> ScanOnAccess: clamd must be started by root
>
> which has been solved by the entry: "User root"
>
> Since searching the Web does not give a solution I need some support.
>
> Can someone help me here?
You specifically *INCLUDE* /home/pc... you cannot Exclude a part of it
once you Include it. The Include Trumps the Exclude in this instance. At
least that is what I'm seeing myself.
I haven't tried changing the order of the rules yet and probably won't.
--
greg folkert - systems administration and support
web: donor.com
email: g...@donor.com
phone: 877-751-3300 x416
direct: 616-328-6449 (direct dial and fax)
"Character is the ability to carry out a good resolution long after the
excitement of the moment has passed."
-- Cavett Robert
_______________________________________________
Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq
http://www.clamav.net/support/ml
