[CentOS] ClamAV help needed
Ralph Angenendt
ra+centos at br-online.de
Tue Jun 17 11:16:03 UTC 2008
Simon Banton wrote:
>> Every day I see in logwatch that my signatures are updated, and the database
>> notified, but if I try to scan a file manually it tells me that my signatures
>> are 55 days old.
>
> I think clamscan looks for the db files in a compiled-in default
> location of /usr/local/share/clamav and doesn't consult the clamd.conf or
> freshclam.conf files (after all, why would it?)
It does at least open freshclam.conf (which means that that one must be
*readable* by the user running clamscan:
admin at mail-gw-3:~$strace -eopen clamscan
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/usr/lib/libclamav.so.4", O_RDONLY) = 3
open("/lib/tls/libpthread.so.0", O_RDONLY) = 3
open("/lib/tls/libc.so.6", O_RDONLY) = 3
open("/usr/lib/libz.so.1", O_RDONLY) = 3
open("/usr/lib/libbz2.so.1", O_RDONLY) = 3
open("/usr/lib/sse2/libgmp.so.3", O_RDONLY) = 3
open("/usr/lib/libclamunrar_iface.so.4", O_RDONLY) = 3
open("/usr/lib/libclamunrar.so.4", O_RDONLY) = 3
open("/etc/freshclam.conf", O_RDONLY) = 3
open("/var/clamav/daily.cld", O_RDONLY) = 3
Cheers,
Ralph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20080617/c6bc1189/attachment.sig>
More information about the CentOS
mailing list