Hi Marian, To add to what Ged said -- Mickey is actively investigating the source of the error you've described. Unfortunately the errors currently produced when watching a mount point fails do not provide very much detail about why it failed.
If we create a patch, would you be able to compile and test with the patch to help us figure out what is causing the issue you've encountered? Regards, Micah -----Original Message----- From: clamav-users <clamav-users-boun...@lists.clamav.net> On Behalf Of G.W. Haywood via clamav-users Sent: Tuesday, August 4, 2020 5:16 AM To: Marian Galbavy via clamav-users <clamav-users@lists.clamav.net> Cc: G.W. Haywood <cla...@jubileegroup.co.uk> Subject: Re: [clamav-users] on-access scan /media folder Hi there, On Tue, 4 Aug 2020, Marian Galbavy via clamav-users wrote: > I have problem with on-access scan of /media folder in Ubuntu. I would > like to have on-access scan for connected removable devices but it doesn't > work. > In log I have find this line: > ERROR: ClamInotif: could not watch path '/media'. 3 User clamav has > read permissions for this folder, nevertheless I can open eicar file > from my flash disk. However if I run clamdscan, clamav recognize this > file as malicious. ... Although I mostly use Linux and similar systems, I don't use ClamAV to scan them nor do I use on-access scanning in any way. I believe that there are a few issues with on-acccess scanning known and being worked on, but except that they are not necessarily obvious I don't know much about them. So I'm probably not the best person to help you directly with your problem. However I can at least let you know that your mail has been seen, point you to the documentation and the list archives, and help you to improve your question. :) There is some documentation on-line, and it should also be available for installation from Ubuntu (or already installed on your computer): https://www.clamav.net/documents/on-access-scanning Can we take it that you have read that? The list archives already contain questions about on-access scanning, and it might be well for you to search them. There are several places to find them, for example I find this archive very useful: https://marc.info/?l=clamav-users&r=1&w=2 Please tell us how you installed ClamAV, and the version you're using, and please show relevant parts of the relevant configuration files. If you don't know what's relevant you could perhaps post the output of grep -v '^\(# \|$\)' clamd.conf or something similar, which should be around 160 lines instead of the nearer 760 lines if you were to include all the comments. The way that devices are mounted may be important too. For example /media might be a symlink instead of a real mount point. If you are not familiar with the terms that I'm using you may need to do some reading about how devices are mounted on the filesystem and accessed. Please be aware that ClamAV does not do miracles and that we do not do clairvoyance. It would help a lot if you can describe how you use your computer and explain why you are trying to do what you are trying to do. We might then be able to comment on your chances of success. The mail address that I'm using accepts mail only from the mailing list. -- 73, Ged. _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml _______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
