[Pkg-clamav-devel] Bug#525358: clamav: clamscan --exclude option stopped working
The Count
usnay12345 at yahoo.com
Thu Apr 23 22:36:05 UTC 2009
Package: clamav
Version: 0.94.dfsg.2-1lenny2
Severity: normal
Was using the option --exclude=//sys/ in clamscan to not scan the /sys
directory, when running a scan of the entire system (clamscan -r /). This
worked in clamscan 0.90.x and 0.92.1. After upgrade to lenny, my clamscan
report now includes a bunch of open errors on things in /sys . Old clamscan
doc used to say to add an extra '/' to the beginning of the exclude pattern,
to indicate that the pattern was in a root directory, and did not require
any wildcards.
Faster testcase:
Try to prevent scanning of the /sys/block directory's contents, when scanning
the /sys directory tree:
# clamscan -r /sys
scans everything under /sys, as it should
None of the following variants prevent scanning the /sys/block directory:
# clamscan -r --exclude=/block/ /sys
# clamscan -r --exclude=block /sys
# clamscan -r --exclude='block' /sys
# clamscan -r --exclude='.*block.*' /sys
# clamscan -r --exclude='\.*block\.*' /sys
# clamscan -r --exclude='/.*block.*/' /sys
# clamscan -r --exclude='*block*' /sys
-- Package-specific info:
--- configuration ---
/etc/clamav/clamd.conf: clamd directives
------------------------------
LogFile = "/var/log/clamav/clamav.log"
LogFileUnlock = no
LogFileMaxSize = 0
LogTime = yes
LogClean = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory = "/tmp"
ScanPE = yes
ScanELF = yes
DetectBrokenExecutables = no
ScanMail = yes
MailFollowURLs = no
ScanPartialMessages = no
PhishingSignatures = yes
PhishingScanURLs = yes
PhishingAlwaysBlockCloak = no
PhishingAlwaysBlockSSLMismatch = no
HeuristicScanPrecedence = no
DetectPUA = no
ExcludePUA not set
IncludePUA not set
StructuredDataDetection = no
StructuredMinCreditCardCount = 3
StructuredMinSSNCount = 3
StructuredSSNFormatNormal = yes
StructuredSSNFormatStripped = no
AlgorithmicDetection = yes
ScanHTML = yes
ScanOLE2 = yes
ScanPDF = yes
ScanArchive = yes
MaxScanSize = 104857600
MaxFileSize = 26214400
MaxRecursion = 16
MaxFiles = 10000
ArchiveLimitMemoryUsage = no
ArchiveBlockEncrypted = no
DatabaseDirectory = "/var/lib/clamav"
TCPAddr not set
TCPSocket not set
LocalSocket = "/var/run/clamav/clamd.ctl"
MaxConnectionQueueLength = 15
StreamMaxLength = 10485760
StreamMinPort = 1024
StreamMaxPort = 2048
MaxThreads = 12
ReadTimeout = 180
IdleTimeout = 30
MaxDirectoryRecursion = 15
ExcludePath not set
FollowDirectorySymlinks = no
FollowFileSymlinks = no
ExitOnOOM = no
Foreground = no
Debug = no
LeaveTemporaryFiles = no
FixStaleSocket = yes
User = "clamav"
AllowSupplementaryGroups = yes
SelfCheck = 3600
VirusEvent not set
ClamukoScanOnAccess not set
ClamukoScanOnOpen not set
ClamukoScanOnClose not set
ClamukoScanOnExec not set
ClamukoIncludePath not set
ClamukoExcludePath not set
ClamukoMaxFileSize = 5242880
DevACOnly not set
DevACDepth not set
*** MailMaxRecursion is DEPRECATED ***
*** ArchiveMaxFileSize is DEPRECATED ***
*** ArchiveMaxRecursion is DEPRECATED ***
*** ArchiveMaxFiles is DEPRECATED ***
*** ArchiveMaxCompressionRatio is DEPRECATED ***
*** ArchiveBlockMax is DEPRECATED ***
/etc/clamav/freshclam.conf: freshclam directives
------------------------------
LogFileMaxSize = 0
LogTime = no
LogVerbose = no
LogSyslog = no
LogFacility = "LOG_LOCAL6"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav/"
Foreground = no
Debug = no
AllowSupplementaryGroups = no
DatabaseOwner = "clamav"
Checks = 24
UpdateLogFile = "/var/log/clamav/freshclam.log"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net"
DatabaseMirror = "database.clamav.net"
MaxAttempts = 5
ScriptedUpdates = yes
CompressLocalDatabase = no
HTTPProxyServer not set
HTTPProxyPort not set
HTTPProxyUsername not set
HTTPProxyPassword not set
HTTPUserAgent not set
NotifyClamd not set
OnUpdateExecute not set
OnErrorExecute not set
OnOutdatedExecute not set
LocalIPAddress not set
ConnectTimeout = 30
ReceiveTimeout = 30
SubmitDetectionStats not set
DetectionStatsCountry not set
Engine and signature databases
------------------------------
Engine version: 0.94.2
Database directory: /var/lib/clamav/
main db: Format: .cld, Version: 50, Build time: Sun Feb 15 16:47:25 2009
daily db: Format: .cld, Version: 9280, Build time: Thu Apr 23 14:37:01 2009
--- data dir ---
total 46184
-rw-r--r-- 1 clamav clamav 2839552 2009-04-23 15:45:32 daily.cld
-rw-r--r-- 1 clamav clamav 44391424 2009-04-20 05:08:16 main.cld
-rw------- 1 clamav clamav 780 2009-04-23 17:45:32 mirrors.dat
-- System Information:
Debian Release: 5.0.1
APT prefers proposed-updates
APT policy: (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686-bigmem (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages clamav depends on:
ii clamav-freshclam [cl 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - viru
ii libbz2-1.0 1.0.5-1 high-quality block-sorting file co
ii libc6 2.9-6 GNU C Library: Shared libraries
ii libclamav5 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - libr
ii libgmp3c2 2:4.2.2+dfsg-3 Multiprecision arithmetic library
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages clamav recommends:
ii clamav-base 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - base
Versions of packages clamav suggests:
ii clamav-docs 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - docu
pn lha <none> (no description available)
pn unrar <none> (no description available)
-- no debconf information
More information about the Pkg-clamav-devel
mailing list