[CentOS] ClamAV help needed

Ralph Angenendt ra+centos at br-online.de
Tue Jun 17 11:16:03 UTC 2008


Simon Banton wrote:
>> Every day I see in logwatch that my signatures are updated, and the database
>> notified, but if I try to scan a file manually it tells me that my signatures
>> are 55 days old.
>
> I think clamscan looks for the db files in a compiled-in default  
> location of /usr/local/share/clamav and doesn't consult the clamd.conf or 
> freshclam.conf files (after all, why would it?)

It does at least open freshclam.conf (which means that that one must be
*readable* by the user running clamscan:

admin at mail-gw-3:~$strace -eopen clamscan
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/usr/lib/libclamav.so.4", O_RDONLY) = 3
open("/lib/tls/libpthread.so.0", O_RDONLY) = 3
open("/lib/tls/libc.so.6", O_RDONLY)    = 3
open("/usr/lib/libz.so.1", O_RDONLY)    = 3
open("/usr/lib/libbz2.so.1", O_RDONLY)  = 3
open("/usr/lib/sse2/libgmp.so.3", O_RDONLY) = 3
open("/usr/lib/libclamunrar_iface.so.4", O_RDONLY) = 3
open("/usr/lib/libclamunrar.so.4", O_RDONLY) = 3
open("/etc/freshclam.conf", O_RDONLY)   = 3
open("/var/clamav/daily.cld", O_RDONLY) = 3

Cheers,

Ralph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.centos.org/pipermail/centos/attachments/20080617/c6bc1189/attachment.bin


More information about the CentOS mailing list