On Fri, 2005-12-30 at 00:02 -0600, Les Mikesell wrote:
On Thu, 2005-12-29 at 23:30, rado wrote:
also, it seems that no matter what I tried I cannot get find to stop looking in /proc lol
One way is to use the -mount argument and make separate runs for each filesystem. That also avoids the problem of wandering into isos/dvd's/nfs mounts, etc.
whoa...I run CentOS as generic and simply as possible. Only thing I am guilty of is bash shell lol. I don't even run nfs anywhere! ...my fstab: # This file is edited by fstab-sync - see 'man fstab-sync' for details /dev/md1 / ext3 defaults 1 1 /dev/md0 /boot ext3 defaults 1 2 none /dev/pts devpts gid=5,mode=620 0 0 none /dev/shm tmpfs defaults 0 0 none /proc proc defaults 0 0 none /sys sysfs defaults 0 0 /dev/hdc3 swap swap defaults 0 0 /dev/hda3 swap swap defaults 0 0
/dev/hdb /media/cdrecorder auto pamconsole,exec,noauto,managed 0 0 /dev/fd0 /media/floppy auto pamconsole,exec,noauto,managed 0 0
oh my, Les!!! as I was editing the spacing in this fstab, something hit me! ...the /proc line and the /sys line could they be the culprits that have been giving me fits???
ok...I'm too tired tonite...gonna stop right here...tomorrow nite first thing, I am gonna google around see if I can find some "proper syntax" for this -mount deal...I read the man...just bounced off me for now.
If you don't have any mounted filesystems that you want scanned then you can't hurt anything. Just add -mount as an argument to find after the directory (/) and on general principles you should also add -print0 as the last argument to find and -0 as an argument to xargs.
kk, now this is exciting! I ended up w/the following:
clamexcludes=" --exclude=/usr/share/doc/clamav-0.87 -- \ exclude=/usr/lib/mailman/tests/msgs "
find / -mount -type f -mtime -1 -print0 | xargs -0 clamscan -l \ /var/log/clamav/clamscan-bu-daily.log $clamexcludes \ -r --no-summary | \ cut -d: -f1 > /usr/local/bin/changedfilelog
I was able to take all excludes from /sys and /proc from clamexcludes and the -prune options of find.
The total run time takes 2min 19 secs now (a couple mins. less) and the number of files logged is 2,067 compared to 6-7000 files before!
Wow, I am very pleased! Now I gotta go work!
thx for all,
John Rose