[Pkg-clamav-devel] Bug#787249: clamav-daemon: clamdscan scans less than clamscan; worsened in latest release
Marc SCHAEFER
schaefer at alphanet.ch
Sat May 30 11:31:30 UTC 2015
Package: clamav-daemon
Version: 0.98.7+dfsg-0+deb6u2
Severity: normal
Hi,
since the last clamav-daemon LTS update, clamdscan gets one test less than
clamscan:
despam at shakotay:~$ bin/test_clamdscan.sh
8c8
< /usr/share/clamav-testfiles/clam_cache_emax.tgz: OK
---
> /usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND
49c49
< Infected files: 38
---
> Infected files: 39
despam at shakotay:~$ clamscan /usr/share/clamav-testfiles/clam_cache_emax.tgz
/usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND
However, the problem already existed in previous releases, because my
test script contains a lot of OKs. It just got worse by one case.
Could this be due to some PATH issue in the daemon, not finding some
archivers ?
#! /bin/bash
clamdscan /usr/share/clamav-testfiles/* \
| egrep -v '^Time: ' \
| diff - <(cat <<"EOF"
/usr/share/clamav-testfiles/clam.7z: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.arj: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-aspack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.bin-be.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.bin-le.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.bz2.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.cab: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_cache_emax.tgz: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.chm: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.d64.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ea05.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ea06.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.binhex: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.bz2: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.html: OK
/usr/share/clamav-testfiles/clam.exe.mbox.base64: OK
/usr/share/clamav-testfiles/clam.exe.mbox.uu: OK
/usr/share/clamav-testfiles/clam.exe.rtf: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.exe.szdd: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-fsg.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.impl.zip: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_IScab_ext.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_IScab_int.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_ISmsi_ext.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam_ISmsi_int.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.mail: OK
/usr/share/clamav-testfiles/clam-mew.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.newc.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-nsis.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.odc.cpio: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ole.doc: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.pdf: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-pespin.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-petite.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.ppt: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.sis: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.tar.gz: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.tnef: OK
/usr/share/clamav-testfiles/clam-upack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-upx.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-v2.rar: OK
/usr/share/clamav-testfiles/clam-v3.rar: OK
/usr/share/clamav-testfiles/clam-wwpack.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam-yc.exe: ClamAV-Test-File FOUND
/usr/share/clamav-testfiles/clam.zip: ClamAV-Test-File FOUND
----------- SCAN SUMMARY -----------
Infected files: 39
EOF
)
-- Package-specific info:
--- configuration ---
Checking configuration files in /etc/clamav
Config file: clamd.conf
-----------------------
LogFile = "/var/log/clamav/clamav.log"
StatsHostID = "auto"
StatsEnabled disabled
StatsPEDisabled = "yes"
StatsTimeout = "10"
LogFileUnlock disabled
LogFileMaxSize = "4294967295"
LogTime = "yes"
LogClean disabled
LogSyslog = "yes"
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
ExtendedDetectionInfo = "yes"
PidFile = "/var/run/clamav/clamd.pid"
TemporaryDirectory = "/tmp"
DatabaseDirectory = "/var/lib/clamav"
OfficialDatabaseOnly disabled
LocalSocket = "/var/run/clamav/clamd.ctl"
LocalSocketGroup = "despam"
LocalSocketMode = "666"
FixStaleSocket = "yes"
TCPSocket disabled
TCPAddr disabled
MaxConnectionQueueLength = "15"
StreamMaxLength = "104857600"
StreamMinPort = "1024"
StreamMaxPort = "2048"
MaxThreads = "3"
ReadTimeout = "180"
CommandReadTimeout = "5"
SendBufTimeout = "200"
MaxQueue = "100"
IdleTimeout = "30"
ExcludePath disabled
MaxDirectoryRecursion = "15"
FollowDirectorySymlinks disabled
FollowFileSymlinks disabled
CrossFilesystems = "yes"
SelfCheck = "3600"
DisableCache disabled
VirusEvent disabled
ExitOnOOM disabled
AllowAllMatchScan = "yes"
Foreground disabled
Debug disabled
LeaveTemporaryFiles disabled
User = "despam"
AllowSupplementaryGroups disabled
Bytecode = "yes"
BytecodeSecurity = "TrustSigned"
BytecodeTimeout = "60000"
BytecodeUnsigned disabled
BytecodeMode = "Auto"
DetectPUA disabled
ExcludePUA disabled
IncludePUA disabled
AlgorithmicDetection = "yes"
ScanPE = "yes"
ScanELF = "yes"
DetectBrokenExecutables disabled
ScanMail disabled
ScanPartialMessages disabled
PhishingSignatures = "yes"
PhishingScanURLs = "yes"
PhishingAlwaysBlockCloak disabled
PhishingAlwaysBlockSSLMismatch disabled
PartitionIntersection disabled
HeuristicScanPrecedence disabled
StructuredDataDetection disabled
StructuredMinCreditCardCount = "3"
StructuredMinSSNCount = "3"
StructuredSSNFormatNormal = "yes"
StructuredSSNFormatStripped disabled
ScanHTML = "yes"
ScanOLE2 = "yes"
OLE2BlockMacros disabled
ScanPDF = "yes"
ScanSWF = "yes"
ScanArchive = "yes"
ArchiveBlockEncrypted disabled
ForceToDisk disabled
MaxScanSize = "104857600"
MaxFileSize = "26214400"
MaxRecursion = "10"
MaxFiles = "10000"
MaxEmbeddedPE = "10485760"
MaxHTMLNormalize = "10485760"
MaxHTMLNoTags = "2097152"
MaxScriptNormalize = "5242880"
MaxZipTypeRcg = "1048576"
MaxPartitions = "50"
MaxIconsPE = "100"
ScanOnAccess disabled
OnAccessIncludePath disabled
OnAccessExcludePath disabled
OnAccessExcludeUID disabled
OnAccessMaxFileSize = "5242880"
DevACOnly disabled
DevACDepth disabled
DevPerformance disabled
DevLiblog disabled
DisableCertCheck disabled
Config file: freshclam.conf
---------------------------
StatsHostID disabled
StatsEnabled disabled
StatsTimeout disabled
LogFileMaxSize = "4294967295"
LogTime disabled
LogSyslog disabled
LogFacility = "LOG_LOCAL6"
LogVerbose disabled
LogRotate = "yes"
PidFile = "/var/run/clamav/freshclam.pid"
DatabaseDirectory = "/var/lib/clamav/"
Foreground disabled
Debug disabled
AllowSupplementaryGroups disabled
UpdateLogFile = "/var/log/clamav/freshclam.log"
DatabaseOwner = "clamav"
Checks = "5"
DNSDatabaseInfo = "current.cvd.clamav.net"
DatabaseMirror = "db.local.clamav.net", "database.clamav.net", "clamav.easynet.fr", "clamav.switch.ch"
PrivateMirror disabled
MaxAttempts = "5"
ScriptedUpdates = "yes"
TestDatabases = "yes"
CompressLocalDatabase disabled
ExtraDatabase disabled
DatabaseCustomURL disabled
HTTPProxyServer disabled
HTTPProxyPort disabled
HTTPProxyUsername disabled
HTTPProxyPassword disabled
HTTPUserAgent disabled
NotifyClamd = "/etc/clamav/clamd.conf"
OnUpdateExecute disabled
OnErrorExecute disabled
OnOutdatedExecute disabled
LocalIPAddress disabled
ConnectTimeout = "30"
ReceiveTimeout = "30"
SubmitDetectionStats disabled
DetectionStatsCountry disabled
DetectionStatsHostID disabled
SafeBrowsing disabled
Bytecode = "yes"
clamav-milter.conf not found
Software settings
-----------------
Version: 0.98.7
Optional features supported: MEMPOOL IPv6 FRESHCLAM_DNS_FIX AUTOIT_EA06 BZIP2 LIBXML2 ICONV JSON JIT
Database information
--------------------
Database directory: /var/lib/clamav/
WARNING: freshclam.conf and clamd.conf point to different database directories
main.cld: version 55, sigs: 2424225, built on Tue Sep 17 16:57:28 2013
bytecode.cld: version 256, sigs: 45, built on Mon May 18 22:39:32 2015
daily.cld: version 20527, sigs: 1402314, built on Sat May 30 09:39:06 2015
Total number of signatures: 3826584
Platform information
--------------------
uname: Linux 3.10-0.bpo.3-amd64 #1 SMP Debian 3.10.11-1~bpo70+1 (2013-09-24) x86_64
OS: linux-gnu, ARCH: i386, CPU: i486
Full OS version: Debian GNU/Linux 6.0.10 (squeeze)
zlib version: 1.2.3.4 (1.2.3.4), compile flags: 55
Triple: i386-pc-linux-gnu
CPU: i686, Little-endian
platform id: 0x0a1150500404040501040405
Build information
-----------------
GNU C: 4.4.5 (4.4.5)
GNU C++: 4.4.5 (4.4.5)
CPPFLAGS:
CFLAGS: -g -O2 -Wall -D_FILE_OFFSET_BITS=64 -fno-strict-aliasing -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE
CXXFLAGS: -g -O2 -Wall -D_FILE_OFFSET_BITS=64
LDFLAGS:
Configure: '--build=i486-linux-gnu' '--prefix=/usr' '--includedir=/usr/include' '--mandir=/usr/share/man' '--infodir=/usr/share/info' '--sysconfdir=/etc' '--localstatedir=/var' '--libexecdir=/usr/lib/clamav' '--disable-maintainer-mode' '--disable-dependency-tracking' 'CFLAGS=-g -O2 -Wall -D_FILE_OFFSET_BITS=64' 'CPPFLAGS=' 'CXXFLAGS=-g -O2 -Wall -D_FILE_OFFSET_BITS=64' 'LDFLAGS=' '--with-dbdir=/var/lib/clamav' '--sysconfdir=/etc/clamav' '--disable-clamav' '--disable-unrar' '--enable-milter' '--enable-dns-fix' '--with-libjson' '--with-gnu-ld' 'build_alias=i486-linux-gnu'
sizeof(void*) = 4
Engine flevel: 80, dconf: 80
--- data dir ---
total 247912
-rw-r--r-- 1 clamav clamav 389120 May 19 01:38 bytecode.cld
-rw-r--r-- 1 clamav clamav 145904 Aug 13 2004 clamav-cb2c1c03be783b9d
-rw-r--r-- 1 clamav clamav 24352 Jul 4 2004 clamav-eac3491f91258d7e
-rw-r--r-- 1 clamav clamav 89816576 May 30 13:10 daily.cld
-rw-r--r-- 1 root root 33 Jun 9 2004 etc.freshclam.conf.md5sum
-rw-r--r-- 1 clamav clamav 163468288 Sep 18 2013 main.cld
-rw------- 1 clamav clamav 1768 May 30 13:10 mirrors.dat
-- System Information:
Debian Release: 6.0.10
APT prefers squeeze-lts
APT policy: (500, 'squeeze-lts'), (500, 'oldoldstable-updates'), (500, 'oldoldstable')
Architecture: i386 (x86_64)
Kernel: Linux 3.10-0.bpo.3-amd64 (SMP w/8 CPU cores)
Locale: LANG=C, LC_CTYPE=fr_CH.ISO-8859-1 (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash
Versions of packages clamav-daemon depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii clamav-base 0.98.7+dfsg-0+deb6u2 anti-virus utility for Unix - base
ii clamav-freshclam 0.98.7+dfsg-0+deb6u2 anti-virus utility for Unix - viru
ii debconf [debconf- 1.5.36.1 Debian configuration management sy
ii libbz2-1.0 1.0.5-6+squeeze1 high-quality block-sorting file co
ii libc6 2.11.3-4+deb6u6 Embedded GNU C Library: Shared lib
ii libclamav6 0.98.7+dfsg-0+deb6u2 anti-virus utility for Unix - libr
ii libjson0 0.9-1 JSON manipulation library - shared
ii libltdl7 2.2.6b-2 A system independent dlopen wrappe
ii libncurses5 5.7+20100313-5 shared libraries for terminal hand
ii libssl0.9.8 0.9.8o-4squeeze20 SSL shared libraries
ii libstdc++6 4.4.5-8 The GNU Standard C++ Library v3
ii libxml2 2.7.8.dfsg-2+squeeze11 GNOME XML library
ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip
ii ucf 3.0025+nmu1 Update Configuration File: preserv
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
clamav-daemon recommends no packages.
Versions of packages clamav-daemon suggests:
pn apparmor <none> (no description available)
pn clamav-docs <none> (no description available)
ii daemon 0.6.4-1 turns other processes into daemons
-- Configuration Files:
/etc/logcheck/ignore.d.paranoid/clamav-daemon [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.paranoid/clamav-daemon'
/etc/logcheck/ignore.d.server/clamav-daemon [Errno 13] Permission denied: u'/etc/logcheck/ignore.d.server/clamav-daemon'
-- debconf information:
clamav-daemon/debconf: true
clamav-daemon/ReadTimeout: 180
clamav-daemon/StatsEnabled: false
clamav-daemon/MaxConnectionQueueLength: 15
clamav-daemon/AllowAllMatchScan: true
clamav-daemon/ScanOnAccess: false
clamav-daemon/LogFile: /var/log/clamav/clamav.log
clamav-daemon/ScanMail: false
clamav-daemon/BytecodeTimeout: 60000
clamav-daemon/LogTime: true
clamav-daemon/MaxEmbeddedPE: 10M
clamav-daemon/BytecodeSecurity: TrustSigned
clamav-daemon/ScanSWF: true
clamav-daemon/MaxDirectoryRecursion: 15
clamav-daemon/MaxThreads: 3
clamav-daemon/StatsHostID: auto
clamav-daemon/TCPAddr: any
clamav-daemon/DisableCertCheck: false
clamav-daemon/LocalSocket: /var/run/clamav/clamd.ctl
clamav-daemon/LocalSocketMode: 666
clamav-daemon/StatsTimeout: 10
clamav-daemon/LogSyslog: true
clamav-daemon/AddGroups:
clamav-daemon/ScanArchive: true
clamav-daemon/MaxHTMLNormalize: 10M
clamav-daemon/StatsPEDisabled: true
clamav-daemon/FollowDirectorySymlinks: false
clamav-daemon/StreamMaxLength: 100
clamav-daemon/LogRotate: true
clamav-daemon/OnAccessMaxFileSize: 5M
clamav-daemon/TcpOrLocal: UNIX
clamav-daemon/FixStaleSocket: true
clamav-daemon/User: despam
clamav-daemon/LocalSocketGroup: despam
clamav-daemon/MaxScriptNormalize: 5M
clamav-daemon/ForceToDisk: false
clamav-daemon/FollowFileSymlinks: false
clamav-daemon/TCPSocket: 3310
clamav-daemon/SelfCheck: 3600
clamav-daemon/MaxZipTypeRcg: 1M
clamav-daemon/MaxHTMLNoTags: 2M
clamav-daemon/Bytecode: true
More information about the Pkg-clamav-devel
mailing list