[clamav-users] why is clamscan excluding home directory ?

Fri, 08 Apr 2022 08:04:34 -0700 

[root@fedora bob]# uname -a
Linux fedora 5.16.18-200.fc35.x86_64 #1 SMP PREEMPT Mon Mar 28 14:10:07 UTC 
2022 x86_64 x86_64 x86_64 GNU/Linux

[root@fedora bob]# clamscan -V
ClamAV 0.103.5/26504/Wed Apr  6 09:20:18 2022
[root@fedora bob]# 


[root@fedora bob]# pwd/home/bob

[root@fedora bob]# cat clamscan.conf
    --stdout
    --recursive
    --cross-fs=no
    --exclude-dir='^/proc'
    --exclude-dir='^/sys'
    -z  

[root@fedora bob]#  xargs -a clamscan.conf clamscan / > clamscan.log 2>&1
[root@fedora bob]# head clamscan.log
/boot: Excluded
/dev: Excluded
/home: Excluded
/proc: Excluded
/run: Excluded
/sys: Excluded
/tmp: Excluded
/root/.bash_logout: OK
/root/.bash_profile: OK
/root/.bashrc: OK
[root@fedora bob]# lsblk
 NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sr0     11:0    1  1024M  0 rom  
zram0  251:0    0   7.8G  0 disk [SWAP]
vda    252:0    0 931.5G  0 disk
├─vda1 252:1    0     1G  0 part /boot
└─vda2 252:2    0 930.5G  0 part /home                                 /

Output from df on excluded dirs:
Filesystem     1K-blocks    Used    Available Use% Mounted on
/dev/vda2      975712256    5701400 968353688   1% /
/dev/vda1         996780     270116    657852  30% /boot
devtmpfs            4096          0      4096   0% /dev
/dev/vda2      975712256    4757620 969293244   1% /home
tmpfs            1625920       1440   1624480   1% /run
tmpfs            4064792         68   4064724   1% /tmp
sunrpc                 0     0         0         - /var/lib/nfs/rpc_pipefs
-              975712256 4757620 969293244      1% /var/lib/machines  

This explains all the exclusions bar /home :
(fs = fileSystem)
/boot: Excluded                         - diff fs: OK
/dev: Excluded                          - diff fs: OK
/home: Excluded                         - SAME FS: ???
/proc: Excluded                         - exclude-dir: OK
/run: Excluded                          - diff fs: OK
/sys: Excluded                          - exclude-dir: OK
/tmp: Excluded                          - diff fs: OK
/var/lib/nfs/rpc_pipefs: Excluded       - diff fs: OK
/var/lib/machines: Excluded             - diff fs: OK

So why is /home excluded ?
I have tried investigating with the following options

    --stdout
    --recursive
    --cross-fs=no
    --exclude-dir='^/proc'
    --exclude-dir='^/sys'
    -z  
    --infected
    -v
    --debug 

but the log generated is 1G, there were issues with characters in the file when 
I tried to open with gedit and I couldn't extract anything useful with grep.
So, any ideas why /home is being  excluded ?












_______________________________________________

clamav-users mailing list
clamav-users@lists.clamav.net
https://lists.clamav.net/mailman/listinfo/clamav-users


Help us build a comprehensive ClamAV guide:
https://github.com/vrtadmin/clamav-faq

http://www.clamav.net/contact.html#ml

Reply via email to