[Pkg-clamav-devel] Bug#525358: clamav: clamscan --exclude option stopped working

The Count usnay12345 at yahoo.com
Thu Apr 23 22:36:05 UTC 2009


Package: clamav
Version: 0.94.dfsg.2-1lenny2
Severity: normal


Was using the option   --exclude=//sys/   in clamscan to not scan the /sys
directory, when running a scan of the entire system (clamscan -r /).  This
worked in clamscan 0.90.x and 0.92.1.  After upgrade to lenny, my clamscan
report now includes a bunch of open errors on things in /sys .  Old clamscan
doc used to say to add an extra '/' to the beginning of the exclude pattern,
to indicate that the pattern was in a root directory, and did not require
any wildcards.

Faster testcase:

Try to prevent scanning of the /sys/block directory's contents, when scanning
the /sys directory tree:

# clamscan -r /sys
scans everything under /sys, as it should

None of the following variants prevent scanning the /sys/block directory:
# clamscan -r --exclude=/block/         /sys 
# clamscan -r --exclude=block           /sys
# clamscan -r --exclude='block'         /sys
# clamscan -r --exclude='.*block.*'     /sys
# clamscan -r --exclude='\.*block\.*'   /sys
# clamscan -r --exclude='/.*block.*/'   /sys
# clamscan -r --exclude='*block*'       /sys


-- Package-specific info:
--- configuration ---
/etc/clamav/clamd.conf: clamd directives
------------------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock = no
LogFileMaxSize = 0
LogTime = yes
LogClean = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory = "/tmp"
ScanPE = yes
ScanELF = yes
DetectBrokenExecutables = no
ScanMail = yes
MailFollowURLs = no
ScanPartialMessages = no
PhishingSignatures = yes
PhishingScanURLs = yes
PhishingAlwaysBlockCloak = no
PhishingAlwaysBlockSSLMismatch = no
HeuristicScanPrecedence = no
DetectPUA = no
ExcludePUA not set
IncludePUA not set
StructuredDataDetection = no
StructuredMinCreditCardCount = 3
StructuredMinSSNCount = 3
StructuredSSNFormatNormal = yes
StructuredSSNFormatStripped = no
AlgorithmicDetection = yes
ScanHTML = yes
ScanOLE2 = yes
ScanPDF = yes
ScanArchive = yes
MaxScanSize = 104857600
MaxFileSize = 26214400
MaxRecursion = 16
MaxFiles = 10000
ArchiveLimitMemoryUsage = no
ArchiveBlockEncrypted = no
DatabaseDirectory = "/var/lib/clamav"
TCPAddr not set
TCPSocket not set
LocalSocket = "/var/run/clamav/clamd.ctl"
MaxConnectionQueueLength = 15
StreamMaxLength = 10485760
StreamMinPort = 1024
StreamMaxPort = 2048
MaxThreads = 12
ReadTimeout = 180
IdleTimeout = 30
MaxDirectoryRecursion = 15
ExcludePath not set
FollowDirectorySymlinks = no
FollowFileSymlinks = no
ExitOnOOM = no
Foreground = no
Debug = no
LeaveTemporaryFiles = no
FixStaleSocket = yes
User = "clamav"
AllowSupplementaryGroups = yes
SelfCheck = 3600
VirusEvent not set
ClamukoScanOnAccess not set
ClamukoScanOnOpen not set
ClamukoScanOnClose not set
ClamukoScanOnExec not set
ClamukoIncludePath not set
ClamukoExcludePath not set
ClamukoMaxFileSize = 5242880
DevACOnly not set
DevACDepth not set
*** MailMaxRecursion is DEPRECATED ***
*** ArchiveMaxFileSize is DEPRECATED ***
*** ArchiveMaxRecursion is DEPRECATED ***
*** ArchiveMaxFiles is DEPRECATED ***
*** ArchiveMaxCompressionRatio is DEPRECATED ***
*** ArchiveBlockMax is DEPRECATED ***

/etc/clamav/freshclam.conf: freshclam directives
------------------------------
LogFileMaxSize = 0
LogTime = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav/"
Foreground = no
Debug = no
AllowSupplementaryGroups = no
DatabaseOwner = "clamav"
Checks = 24
UpdateLogFile = "/var/log/clamav/freshclam.log"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net"
DatabaseMirror = "database.clamav.net"
MaxAttempts = 5
ScriptedUpdates = yes
CompressLocalDatabase = no
HTTPProxyServer not set
HTTPProxyPort not set
HTTPProxyUsername not set
HTTPProxyPassword not set
HTTPUserAgent not set
NotifyClamd not set
OnUpdateExecute not set
OnErrorExecute not set
OnOutdatedExecute not set
LocalIPAddress not set
ConnectTimeout = 30
ReceiveTimeout = 30
SubmitDetectionStats not set
DetectionStatsCountry not set

Engine and signature databases
------------------------------
Engine version: 0.94.2
Database directory: /var/lib/clamav/
main db: Format: .cld, Version: 50, Build time: Sun Feb 15 16:47:25 2009
daily db: Format: .cld, Version: 9280, Build time: Thu Apr 23 14:37:01 2009

--- data dir ---
total 46184
-rw-r--r-- 1 clamav clamav  2839552 2009-04-23 15:45:32 daily.cld
-rw-r--r-- 1 clamav clamav 44391424 2009-04-20 05:08:16 main.cld
-rw------- 1 clamav clamav      780 2009-04-23 17:45:32 mirrors.dat

-- System Information:
Debian Release: 5.0.1
  APT prefers proposed-updates
  APT policy: (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686-bigmem (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages clamav depends on:
ii  clamav-freshclam [cl 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - viru
ii  libbz2-1.0           1.0.5-1             high-quality block-sorting file co
ii  libc6                2.9-6               GNU C Library: Shared libraries
ii  libclamav5           0.94.dfsg.2-1lenny2 anti-virus utility for Unix - libr
ii  libgmp3c2            2:4.2.2+dfsg-3      Multiprecision arithmetic library
ii  zlib1g               1:1.2.3.3.dfsg-12   compression library - runtime

Versions of packages clamav recommends:
ii  clamav-base          0.94.dfsg.2-1lenny2 anti-virus utility for Unix - base

Versions of packages clamav suggests:
ii  clamav-docs          0.94.dfsg.2-1lenny2 anti-virus utility for Unix - docu
pn  lha                  <none>              (no description available)
pn  unrar                <none>              (no description available)

-- no debconf information





More information about the Pkg-clamav-devel mailing list