Hi, thank you very much, I will try it and iform you.
Best regards Marian Používateľ Mickey Sola (micksola) via clamav-users < clamav-users@lists.clamav.net> piatok 21. augusta 2020 napísal: > Hi there, > > Sorry again for the delay. I've attached a small patch which provides a > bit deeper (and possibly excessive) error reporting for clamonacc. Please > give it a try and let us know what errors pop up so we can better figure > out the problem. > > Thanks, > Mickey > > On 2020-08-17 18:41:49-04:00 clamav-users wrote: > > Sorry for the long delay on my part as well. My teammate Mickey is > presently working on a patch to improve the error output to so we can get a > better idea what’s gone wrong for you. She or I will let you know as soon > as we have something that you can test with. > > > > Regards, > > Micah > > > > *From:* clamav-users <clamav-users-boun...@lists.clamav.net> *On Behalf > Of *Marian Galbavy via clamav-users > *Sent:* Wednesday, August 12, 2020 12:57 AM > *To:* ClamAV users ML <clamav-users@lists.clamav.net> > *Cc:* Marian Galbavy <mgal...@gmail.com> > *Subject:* Re: [clamav-users] on-access scan /media folder > > > > Thank you guys for your answers. Sorry for my late reply, I was in abroad. > I have already read documentation of ClamAV, but I didn't find any answer, > what does error 3 mean. Here is my clamd.conf: > > > > #Automatically Generated by clamav-daemon postinst > #To reconfigure clamd run #dpkg-reconfigure clamav-daemon > #Please read /usr/share/doc/clamav-daemon/README.Debian.gz for details > LocalSocket /var/run/clamav/clamd.ctl > FixStaleSocket true > LocalSocketGroup clamav > LocalSocketMode 666 > # TemporaryDirectory is not set to its default /tmp here to make overriding > # the default with environment variables TMPDIR/TMP/TEMP possible > User clamav > ScanMail true > ScanArchive true > ArchiveBlockEncrypted false > MaxDirectoryRecursion 15 > FollowDirectorySymlinks false > FollowFileSymlinks false > ReadTimeout 180 > MaxThreads 12 > MaxConnectionQueueLength 15 > LogSyslog false > LogRotate true > LogFacility LOG_LOCAL6 > LogClean false > LogVerbose false > PreludeEnable no > PreludeAnalyzerName ClamAV > DatabaseDirectory /var/lib/clamav > OfficialDatabaseOnly false > SelfCheck 3600 > Foreground false > Debug false > ScanPE true > MaxEmbeddedPE 10M > ScanOLE2 true > ScanPDF true > ScanHTML true > MaxHTMLNormalize 10M > MaxHTMLNoTags 2M > MaxScriptNormalize 5M > MaxZipTypeRcg 1M > ScanSWF true > ExitOnOOM false > LeaveTemporaryFiles false > AlgorithmicDetection true > ScanELF true > IdleTimeout 30 > CrossFilesystems true > PhishingSignatures true > PhishingScanURLs true > PhishingAlwaysBlockSSLMismatch false > PhishingAlwaysBlockCloak false > PartitionIntersection false > DetectPUA false > ScanPartialMessages false > HeuristicScanPrecedence false > StructuredDataDetection false > CommandReadTimeout 30 > SendBufTimeout 200 > MaxQueue 100 > ExtendedDetectionInfo true > OLE2BlockMacros false > AllowAllMatchScan true > ForceToDisk false > DisableCertCheck false > DisableCache false > MaxScanTime 120000 > MaxScanSize 100M > MaxFileSize 25M > MaxRecursion 16 > MaxFiles 10000 > MaxPartitions 50 > MaxIconsPE 100 > PCREMatchLimit 10000 > PCRERecMatchLimit 5000 > PCREMaxFileSize 25M > ScanXMLDOCS true > ScanHWP3 true > MaxRecHWP3 16 > StreamMaxLength 25M > LogFile /var/log/clamav/clamav.log > LogTime true > LogFileUnlock false > LogFileMaxSize 0 > Bytecode true > BytecodeSecurity TrustSigned > BytecodeTimeout 60000 > OnAccessMaxFileSize 5M > OnAccessPrevention yes > OnAccessIncludePath /home > OnAccessIncludePath /usr/local > OnAccessIncludePath /tmp > OnAccessIncludePath /var > OnAccessIncludePath /opt > OnAccessIncludePath /root > OnAccessExcludeUname clamav > OnAccessDisableDDD no > > > > > > Micah, sounds great, if you will make some patch, I am able to test it. > Thank you in advance :) > > > > > > st 5. 8. 2020 o 22:06 Micah Snyder (micasnyd) via clamav-users < > clamav-users@lists.clamav.net> napísal(a): > > Hi Marian, > > To add to what Ged said -- Mickey is actively investigating the source of > the error you've described. Unfortunately the errors currently produced > when watching a mount point fails do not provide very much detail about why > it failed. > > If we create a patch, would you be able to compile and test with the patch > to help us figure out what is causing the issue you've encountered? > > Regards, > Micah > > -----Original Message----- > From: clamav-users <clamav-users-boun...@lists.clamav.net> On Behalf Of > G.W. Haywood via clamav-users > Sent: Tuesday, August 4, 2020 5:16 AM > To: Marian Galbavy via clamav-users <clamav-users@lists.clamav.net> > Cc: G.W. Haywood <cla...@jubileegroup.co.uk> > Subject: Re: [clamav-users] on-access scan /media folder > > Hi there, > > On Tue, 4 Aug 2020, Marian Galbavy via clamav-users wrote: > > > I have problem with on-access scan of /media folder in Ubuntu. I would > > like to have on-access scan for connected removable devices but it > doesn't work. > > In log I have find this line: > > ERROR: ClamInotif: could not watch path '/media'. 3 User clamav has > > read permissions for this folder, nevertheless I can open eicar file > > from my flash disk. However if I run clamdscan, clamav recognize this > > file as malicious. ... > > Although I mostly use Linux and similar systems, I don't use ClamAV to > scan them nor do I use on-access scanning in any way. I believe that there > are a few issues with on-acccess scanning known and being worked on, but > except that they are not necessarily obvious I don't know much about them. > So I'm probably not the best person to help you directly with your > problem. However I can at least let you know that your mail has been seen, > point you to the documentation and the list archives, and help you to > improve your question. :) > > There is some documentation on-line, and it should also be available for > installation from Ubuntu (or already installed on your computer): > > https://www.clamav.net/documents/on-access-scanning > > Can we take it that you have read that? > > The list archives already contain questions about on-access scanning, and > it might be well for you to search them. There are several places to find > them, for example I find this archive very useful: > > https://marc.info/?l=clamav-users&r=1&w=2 > > Please tell us how you installed ClamAV, and the version you're using, and > please show relevant parts of the relevant configuration files. > > If you don't know what's relevant you could perhaps post the output of > > grep -v '^\(# \|$\)' clamd.conf > > or something similar, which should be around 160 lines instead of the > nearer 760 lines if you were to include all the comments. > > The way that devices are mounted may be important too. For example /media > might be a symlink instead of a real mount point. If you are not familiar > with the terms that I'm using you may need to do some reading about how > devices are mounted on the filesystem and accessed. > > Please be aware that ClamAV does not do miracles and that we do not do > clairvoyance. It would help a lot if you can describe how you use your > computer and explain why you are trying to do what you are trying to do. > We might then be able to comment on your chances of success. > > The mail address that I'm using accepts mail only from the mailing list. > > -- > > 73, > Ged. > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > > _______________________________________________ > > clamav-users mailing list > clamav-users@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-users > > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml > >
_______________________________________________ clamav-users mailing list clamav-users@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-users Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
