Hello,
I'm trying to configure OnAccess scanning on the whole drive, as read in this
post blog:
http://blog.clamav.net/2016/03/configuring-on-access-scanning-in-clamav.html
(first example)
It works fine if I launch clamd manually, with: /usr/sbin/clamd -c
/etc/clamd.conf &
If I use systemd to l
s...@hexadiam.com]
Sent: 04 May 2016 19:11
To: ClamAV users ML
Subject: Re: [clamav-users] ScanOnAccess issue when clamd launched from systemd
Is SELinux enabled on that system? If so, I would look to see if SELinux
is blocking.
On 05/04/2016 09:29 AM, Mikko Caldara wrote:
> Hello,
>
9cb621925b13c7055.tmp/nocomment.html (deleted):
Win.Trojan.cve_2011_2657-1(d361373a52eb4e0cfcb1fd4783700152:273785) FOUND
[...]
And it goes on forever... Need to kill it.
From: clamav-users [clamav-users-boun...@lists.clamav.net] on behalf of Mikko
Caldara [mi
Pärna [virgo.pa...@mail.ee]
Sent: 05 May 2016 11:07
To: clamav-users@lists.clamav.net
Subject: Re: [clamav-users] ScanOnAccess issue when clamd launched from systemd
On Thu, 5 May 2016 09:50:03 +0000, Mikko Caldara
wrote:
> Not sure if it's related, but when I launch clamd *without* sys
quickly overflow the fanotify event
queue. You might consider being more selective with your watchpoints to
reduce unwanted noise and free up cpu cycles.
- Mickey
On Thu, May 5, 2016 at 6:12 AM, Mikko Caldara
wrote:
> I currently have these options enabled:
>
> ScanOnA
From: Mikko Caldara
Sent: 05 May 2016 16:47
To: ClamAV users ML
Subject: RE: [clamav-users] ScanOnAccess issue when clamd launched from systemd
Hi Mickey,
I tried disabling SELinux and will report back later on that issue.
I understand OnAccess cannot prevent access or write attempts
if
u will find a difference. Once you know the
difference, then you can adjust the SELinux policies.
Good luck,
Bond
On 05/06/2016 02:07 AM, Mikko Caldara wrote:
> Disabling SELinux actually gets rid of the error. Unfortunately, this is not
> viable for us.
>
> How do I go about debugging
