Hi Shivananda, Apologies for the delay, just got back to work after the holidays. It appears to me that the clamav user which clamd runs as does not have read permissions to the files that clamonacc is trying to scan.
Unfortunately, the two best options to grant clamd access to scan any file requested by clamonacc are broken at present: 1. My favorite solution is to use the `clamonacc --fdpass` option so that clamd is given access to the file by clamonacc. We have a fix for this ready for the upcoming patch release. 2. My 2nd favorite solution is to have the service manager grant the clamd service CAP_DAC_READ_SEARCH capabilities to read any file. We have a public pull request to test & merge, which should also be included in the upcoming patch release (https://github.com/Cisco-Talos/clamav-devel/pull/135). I hope to have both of these issues fixed in the 0.103.1 patch release later this month. For now, I think you may need to either: - Run clamd as root without setting the `User` config option so it doesn't switch to run as the clamav user, - Run clamonacc in --stream mode (which can be quite slow), or - Add the clamav user to groups that can read the directories that will be watched/scanned. Regards, Micah > -----Original Message----- > From: clamav-devel <clamav-devel-boun...@lists.clamav.net> On Behalf Of > Shivananda Shiragavi > Sent: Tuesday, December 29, 2020 2:10 AM > To: clamav-devel@lists.clamav.net > Subject: [Clamav-devel] Fwd: Error while scanning directory other than /home > directory > > Hi All, > > I am trying to enable *clamonacc* in my machine for /home its working fine > but when I am trying to mention some other directory it is throwing the > following error: > > > > > *ClamWorker: performing scanning on file > '/serverdata/eicar.com.txt'/serverdata/eicar.com.txt: Can't open file or > directory ERRORClamMisc: internal issue (client failed to scan)ClamWorker: > scan failed with error code 32* > > *clamd.conf:* > > > > > *OnAccessIncludePath /serverdataOnAccessPrevention > yesOnAccessExcludeUname clamavOnAccessExcludeRootUID > noOnAccessDisableDDD no* > > Could someone please help me to fix this issue? > > -- > Shivananda Shiragavi > 919860394833 > _______________________________________________ > > clamav-devel mailing list > clamav-devel@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-devel > > Please submit your patches to our Github: https://github.com/Cisco- > Talos/clamav-devel/pulls > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ clamav-devel mailing list clamav-devel@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-devel Please submit your patches to our Github: https://github.com/Cisco-Talos/clamav-devel/pulls Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
