clamdscan clamav-daemon error
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
clamav (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: clamav
Hi
I found an error in the clamav-daemon clamdscan client
clamdscan is a client clamav-daemon
This error is highly embarrassing for me - because it prevents the virus scanner operation Qmail-scanner
- which I installed in my Job as a hedge Qmail SMTP server.
Clamdscan not working:
root@localhost:
/root/test/
The log / var / log / clamav / clamav.log appeared this message
Tue Nov 24 16:51:54 2009 -> WARNING: lstat() failed on: /root/test/
The error appears only if - when the scanning is done by clamdscan
Permissions to socket is ok:
:~$ ls -l /tmp/clamd.sock
srwxrwxrwx 1 clamav clamav 0 2009-11-24 04:17 /tmp/clamd.sock
Clamav working properly, but it is not suitable to work with the clam-daemon and Qmail-scanner
- because after each completion of the work program of the virus database jestr it loaded again,
which generates a very large load drive and very slow compared with the clam-daemon job:
root@localhost:
eicar.txt: Eicar-Test-
----------- SCAN SUMMARY -----------
Known viruses: 657374
Engine version: 0.95.3
Scanned directories: 0
Scanned files: 1
Infected files: 1
Data scanned: 0.00 MB
Data read: 0.00 MB (ratio 0.00:1)
Time: 1.954 sec (0 m 1 s)
root@localhost:
Configuration file for clamav-daemon:
:~$ cat /etc/clamav/
AlgorithmicDete
AllowSupplement
ArchiveBlockEnc
CommandReadTimeout 5
DatabaseDirectory /var/lib/clamav
Debug false
DetectBrokenExe
DetectPUA false
ExitOnOOM false
FollowDirectory
FollowFileSymlinks true
Foreground false
HeuristicScanPr
IdleTimeout 30
LeaveTemporaryFiles false
LocalSocket /tmp/clamd.sock
LogClean false
LogFacility LOG_LOCAL6
LogFileMaxSize 0
LogFileUnlock false
LogFile /var/log/
LogSyslog true
LogTime true
LogVerbose false
MailFollowURLs false
MaxConnectionQu
MaxDirectoryRec
MaxQueue 100
MaxThreads 12
PhishingAlwaysB
PhishingAlwaysB
PhishingScanURLs true
PhishingSignatures true
PidFile /var/run/
ReadTimeout 180
ScanArchive true
ScanELF true
ScanHTML true
ScanMail true
ScanOLE2 true
ScanPDF true
ScanPE true
ScanPartialMessages false
SelfCheck 3600
SendBufTimeout 200
StreamMaxLength 10M
StructuredDataD
TCPSocket 3310
User clamav
By contrast, havp the proxy server works with clamav-daemon properly:
Access to this site has been blocked
because it found the virus
ClamAV: EICAR-Test-
Powered by HAVP
These symptoms appeared recently - did not occur in Ubuntu Jaunty with the same configuration / etc / clamav / clamd.conf .
Yours
Further information - log strace program - in the attached file clamdscan.log
ProblemType: Bug
Architecture: i386
Date: Tue Nov 24 16:12:13 2009
DistroRelease: Ubuntu 9.10
NonfreeKernelMo
Package: clamav-daemon 0.95.3+
ProcEnviron:
SHELL=/bin/bash
PATH=(custom, no user)
LANG=pl_PL.UTF-8
ProcVersionSign
SourcePackage: clamav
Uname: Linux 2.6.31-15-generic i686
XsessionErrors:
(gnome-
(gnome-
(polkit-
(nautilus:17774): Eel-CRITICAL **: eel_preferences
(nautilus:17898): Eel-CRITICAL **: eel_preferences
description: | updated |
description: | updated |
description: | updated |
description: | updated |
Changed in clamav (Ubuntu): | |
status: | Incomplete → Invalid |
This is covered in the apparmor section of /usr/share/ doc/clamav/ README. Debian. gz (at the end). You should update your profile to authorize scanning where you need it to happen. See https:/ /wiki.ubuntu. com/AppArmor and the linked pages for details. /etc/apparmor. d/usr.sbin. clamd is the profile that needs to be modified for your use case.