Package: clamav Version: 0.94.dfsg.2-1lenny2 Severity: normal
Was using the option --exclude=//sys/ in clamscan to not scan the /sys directory, when running a scan of the entire system (clamscan -r /). This worked in clamscan 0.90.x and 0.92.1. After upgrade to lenny, my clamscan report now includes a bunch of open errors on things in /sys . Old clamscan doc used to say to add an extra '/' to the beginning of the exclude pattern, to indicate that the pattern was in a root directory, and did not require any wildcards. Faster testcase: Try to prevent scanning of the /sys/block directory's contents, when scanning the /sys directory tree: # clamscan -r /sys scans everything under /sys, as it should None of the following variants prevent scanning the /sys/block directory: # clamscan -r --exclude=/block/ /sys # clamscan -r --exclude=block /sys # clamscan -r --exclude='block' /sys # clamscan -r --exclude='.*block.*' /sys # clamscan -r --exclude='\.*block\.*' /sys # clamscan -r --exclude='/.*block.*/' /sys # clamscan -r --exclude='*block*' /sys -- Package-specific info: --- configuration --- /etc/clamav/clamd.conf: clamd directives ------------------------------ LogFile = "/var/log/clamav/clamav.log" LogFileUnlock = no LogFileMaxSize = 0 LogTime = yes LogClean = no LogVerbose = no LogSyslog = no LogFacility = "LOG_LOCAL6" PidFile = "/var/run/clamav/clamd.pid" TemporaryDirectory = "/tmp" ScanPE = yes ScanELF = yes DetectBrokenExecutables = no ScanMail = yes MailFollowURLs = no ScanPartialMessages = no PhishingSignatures = yes PhishingScanURLs = yes PhishingAlwaysBlockCloak = no PhishingAlwaysBlockSSLMismatch = no HeuristicScanPrecedence = no DetectPUA = no ExcludePUA not set IncludePUA not set StructuredDataDetection = no StructuredMinCreditCardCount = 3 StructuredMinSSNCount = 3 StructuredSSNFormatNormal = yes StructuredSSNFormatStripped = no AlgorithmicDetection = yes ScanHTML = yes ScanOLE2 = yes ScanPDF = yes ScanArchive = yes MaxScanSize = 104857600 MaxFileSize = 26214400 MaxRecursion = 16 MaxFiles = 10000 ArchiveLimitMemoryUsage = no ArchiveBlockEncrypted = no DatabaseDirectory = "/var/lib/clamav" TCPAddr not set TCPSocket not set LocalSocket = "/var/run/clamav/clamd.ctl" MaxConnectionQueueLength = 15 StreamMaxLength = 10485760 StreamMinPort = 1024 StreamMaxPort = 2048 MaxThreads = 12 ReadTimeout = 180 IdleTimeout = 30 MaxDirectoryRecursion = 15 ExcludePath not set FollowDirectorySymlinks = no FollowFileSymlinks = no ExitOnOOM = no Foreground = no Debug = no LeaveTemporaryFiles = no FixStaleSocket = yes User = "clamav" AllowSupplementaryGroups = yes SelfCheck = 3600 VirusEvent not set ClamukoScanOnAccess not set ClamukoScanOnOpen not set ClamukoScanOnClose not set ClamukoScanOnExec not set ClamukoIncludePath not set ClamukoExcludePath not set ClamukoMaxFileSize = 5242880 DevACOnly not set DevACDepth not set *** MailMaxRecursion is DEPRECATED *** *** ArchiveMaxFileSize is DEPRECATED *** *** ArchiveMaxRecursion is DEPRECATED *** *** ArchiveMaxFiles is DEPRECATED *** *** ArchiveMaxCompressionRatio is DEPRECATED *** *** ArchiveBlockMax is DEPRECATED *** /etc/clamav/freshclam.conf: freshclam directives ------------------------------ LogFileMaxSize = 0 LogTime = no LogVerbose = no LogSyslog = no LogFacility = "LOG_LOCAL6" PidFile = "/var/run/clamav/freshclam.pid" DatabaseDirectory = "/var/lib/clamav/" Foreground = no Debug = no AllowSupplementaryGroups = no DatabaseOwner = "clamav" Checks = 24 UpdateLogFile = "/var/log/clamav/freshclam.log" DNSDatabaseInfo = "current.cvd.clamav.net" DatabaseMirror = "db.local.clamav.net" DatabaseMirror = "database.clamav.net" MaxAttempts = 5 ScriptedUpdates = yes CompressLocalDatabase = no HTTPProxyServer not set HTTPProxyPort not set HTTPProxyUsername not set HTTPProxyPassword not set HTTPUserAgent not set NotifyClamd not set OnUpdateExecute not set OnErrorExecute not set OnOutdatedExecute not set LocalIPAddress not set ConnectTimeout = 30 ReceiveTimeout = 30 SubmitDetectionStats not set DetectionStatsCountry not set Engine and signature databases ------------------------------ Engine version: 0.94.2 Database directory: /var/lib/clamav/ main db: Format: .cld, Version: 50, Build time: Sun Feb 15 16:47:25 2009 daily db: Format: .cld, Version: 9280, Build time: Thu Apr 23 14:37:01 2009 --- data dir --- total 46184 -rw-r--r-- 1 clamav clamav 2839552 2009-04-23 15:45:32 daily.cld -rw-r--r-- 1 clamav clamav 44391424 2009-04-20 05:08:16 main.cld -rw------- 1 clamav clamav 780 2009-04-23 17:45:32 mirrors.dat -- System Information: Debian Release: 5.0.1 APT prefers proposed-updates APT policy: (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686-bigmem (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages clamav depends on: ii clamav-freshclam [cl 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - viru ii libbz2-1.0 1.0.5-1 high-quality block-sorting file co ii libc6 2.9-6 GNU C Library: Shared libraries ii libclamav5 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - libr ii libgmp3c2 2:4.2.2+dfsg-3 Multiprecision arithmetic library ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime Versions of packages clamav recommends: ii clamav-base 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - base Versions of packages clamav suggests: ii clamav-docs 0.94.dfsg.2-1lenny2 anti-virus utility for Unix - docu pn lha <none> (no description available) pn unrar <none> (no description available) -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org