The clamav user would also have to have access to /home/<user> for this to work. You might try using a different directory to test it. Also, if your script doesn't start with the #!/bin/sh or #!/bin/bash or something similar, you may need to change:
VirusEvent /<path>/<to>/<script>/vfound.sh To: VirusEvent /bin/sh /<path>/<to>/<script>/vfound.sh -Micah > -----Original Message----- > From: clamav-devel <clamav-devel-boun...@lists.clamav.net> On Behalf Of > Shivananda Shiragavi > Sent: Thursday, January 7, 2021 7:36 PM > To: ClamAV Development <clamav-devel@lists.clamav.net> > Subject: Re: [Clamav-devel] Fwd: Error while scanning directory other than > /home directory > > I have given full permission to /home/<user>/shiva directory, also I am > running > clamav as root user and clamonacc is also by default root user only. > In this case it should run.... > > On Thu, 7 Jan, 2021, 7:39 pm Jacek Zapała, <ja...@it.pl> wrote: > > > Can clamav really execute this script? > > How about directory permissions? I mean /home/<user>/shiva and > > /home/<user> ? > > > > On 1/6/21 7:22 AM, Shivananda Shiragavi wrote: > > > I have given the full permission to bash file and even in clamd.conf > > also I > > > have mentioned the full path of bash file. But unfortunately, it is > > > not executing. > > > > > > bash file execution permission: > > > -rwxrwxrwx 1 <user> <user> 39 Dec 30 01:29 vfound.sh > > > > > > clamd.conf: > > > VirusEvent /home/<user>/shiva/vfound.sh > > > > > > --- > > > Shivananda S. > > > > > > On Wed, Jan 6, 2021 at 1:06 AM Micah Snyder (micasnyd) < > > micas...@cisco.com> > > > wrote: > > > > > >> Good to hear it's working with TCP. Strange that it didn't work > > >> with the local socket option. I most frequently test with the local > > >> socket. > > >> > > >> VirusEvent may require the full path to any programs it calls. > > >> Also remember that it may be executed by the clamd process as the > > >> clamav > > user so > > >> it will need permission to read/execute the script you're using. > > >> > > >> -Micah > > >> > > >>> -----Original Message----- > > >>> From: clamav-devel <clamav-devel-boun...@lists.clamav.net> On > > >>> Behalf > > Of > > >>> Shivananda Shiragavi > > >>> Sent: Monday, January 4, 2021 11:43 PM > > >>> To: ClamAV Development <clamav-devel@lists.clamav.net> > > >>> Subject: Re: [Clamav-devel] Fwd: Error while scanning directory > > >>> other > > >> than > > >>> /home directory > > >>> > > >>> Thanks for the reply Micah, > > >>> > > >>> With the local socket option, I was getting the issues but when I > > >>> tried > > >> with TCP > > >>> it worked. Now I am facing issues with VirusEvent, after finding > > >>> the > > >> virus the > > >>> event should suppose to gets called and trigger the shell script > > >>> but > > >> it's not > > >>> happening. > > >>> > > >>> Thanks, > > >>> Shivananda S. > > >>> > > >>> On Tue, Jan 5, 2021 at 5:34 AM Micah Snyder (micasnyd) > > >>> <micas...@cisco.com> > > >>> wrote: > > >>> > > >>>> Hi Shivananda, > > >>>> > > >>>> Apologies for the delay, just got back to work after the holidays. > > >>>> It appears to me that the clamav user which clamd runs as does > > >>>> not have read permissions to the files that clamonacc is trying to > > >>>> scan. > > >>>> > > >>>> Unfortunately, the two best options to grant clamd access to scan > > >>>> any file requested by clamonacc are broken at present: > > >>>> 1. My favorite solution is to use the `clamonacc --fdpass` option > > >>>> so that clamd is given access to the file by clamonacc. We have a > > >>>> fix for this ready for the upcoming patch release. > > >>>> 2. My 2nd favorite solution is to have the service manager grant > > >>>> the clamd service CAP_DAC_READ_SEARCH capabilities to read any > > >>>> file. We have a public pull request to test & merge, which should > > >>>> also be included in the upcoming patch release > > >>>> (https://github.com/Cisco- > > >>> Talos/clamav-devel/pull/135). > > >>>> I hope to have both of these issues fixed in the 0.103.1 patch > > >>>> release later this month. > > >>>> > > >>>> For now, I think you may need to either: > > >>>> - Run clamd as root without setting the `User` config option so > > >>>> it doesn't switch to run as the clamav user, > > >>>> - Run clamonacc in --stream mode (which can be quite slow), or > > >>>> - Add the clamav user to groups that can read the directories > > >>>> that will be watched/scanned. > > >>>> > > >>>> Regards, > > >>>> Micah > > >>>> > > >>>>> -----Original Message----- > > >>>>> From: clamav-devel <clamav-devel-boun...@lists.clamav.net> On > > >>>>> Behalf Of Shivananda Shiragavi > > >>>>> Sent: Tuesday, December 29, 2020 2:10 AM > > >>>>> To: clamav-devel@lists.clamav.net > > >>>>> Subject: [Clamav-devel] Fwd: Error while scanning directory > > >>>>> other than > > >>>> /home > > >>>>> directory > > >>>>> > > >>>>> Hi All, > > >>>>> > > >>>>> I am trying to enable *clamonacc* in my machine for /home its > > >>>>> working > > >>>> fine > > >>>>> but when I am trying to mention some other directory it is > > >>>>> throwing the following error: > > >>>>> > > >>>>> > > >>>>> > > >>>>> > > >>>>> *ClamWorker: performing scanning on file > > >>>>> '/serverdata/eicar.com.txt'/serverdata/eicar.com.txt: Can't open > > >>>>> file or directory ERRORClamMisc: internal issue (client failed > > >>>>> to > > >>>> scan)ClamWorker: > > >>>>> scan failed with error code 32* > > >>>>> > > >>>>> *clamd.conf:* > > >>>>> > > >>>>> > > >>>>> > > >>>>> > > >>>>> *OnAccessIncludePath /serverdataOnAccessPrevention > > >>>>> yesOnAccessExcludeUname clamavOnAccessExcludeRootUID > > >>>>> noOnAccessDisableDDD no* > > >>>>> > > >>>>> Could someone please help me to fix this issue? > > >>>>> > > >>>>> -- > > >>>>> Shivananda Shiragavi > > >>>>> _______________________________________________ > > >>>>> > > >>>>> clamav-devel mailing list > > >>>>> clamav-devel@lists.clamav.net > > >>>>> https://lists.clamav.net/mailman/listinfo/clamav-devel > > >>>>> > > >>>>> Please submit your patches to our Github: > > >>>>> https://github.com/Cisco- Talos/clamav-devel/pulls > > >>>>> > > >>>>> Help us build a comprehensive ClamAV guide: > > >>>>> https://github.com/vrtadmin/clamav-faq > > >>>>> > > >>>>> http://www.clamav.net/contact.html#ml > > >>>> _______________________________________________ > > >>>> > > >>>> clamav-devel mailing list > > >>>> clamav-devel@lists.clamav.net > > >>>> https://lists.clamav.net/mailman/listinfo/clamav-devel > > >>>> > > >>>> Please submit your patches to our Github: > > >>>> https://github.com/Cisco-Talos/clamav-devel/pulls > > >>>> > > >>>> Help us build a comprehensive ClamAV guide: > > >>>> https://github.com/vrtadmin/clamav-faq > > >>>> > > >>>> http://www.clamav.net/contact.html#ml > > >>>> > > >>> > > >>> > > >>> -- > > >>> Shivananda Shiragavi > > >>> _______________________________________________ > > >>> > > >>> clamav-devel mailing list > > >>> clamav-devel@lists.clamav.net > > >>> https://lists.clamav.net/mailman/listinfo/clamav-devel > > >>> > > >>> Please submit your patches to our Github: > > >>> https://github.com/Cisco- Talos/clamav-devel/pulls > > >>> > > >>> Help us build a comprehensive ClamAV guide: > > >>> https://github.com/vrtadmin/clamav-faq > > >>> > > >>> http://www.clamav.net/contact.html#ml > > >> _______________________________________________ > > >> > > >> clamav-devel mailing list > > >> clamav-devel@lists.clamav.net > > >> https://lists.clamav.net/mailman/listinfo/clamav-devel > > >> > > >> Please submit your patches to our Github: > > >> https://github.com/Cisco-Talos/clamav-devel/pulls > > >> > > >> Help us build a comprehensive ClamAV guide: > > >> https://github.com/vrtadmin/clamav-faq > > >> > > >> http://www.clamav.net/contact.html#ml > > >> > > > _______________________________________________ > > > > > > clamav-devel mailing list > > > clamav-devel@lists.clamav.net > > > https://lists.clamav.net/mailman/listinfo/clamav-devel > > > > > > Please submit your patches to our Github: > > https://github.com/Cisco-Talos/clamav-devel/pulls > > > > > > Help us build a comprehensive ClamAV guide: > > > https://github.com/vrtadmin/clamav-faq > > > > > > http://www.clamav.net/contact.html#ml > > > > > _______________________________________________ > > > > clamav-devel mailing list > > clamav-devel@lists.clamav.net > > https://lists.clamav.net/mailman/listinfo/clamav-devel > > > > Please submit your patches to our Github: > > https://github.com/Cisco-Talos/clamav-devel/pulls > > > > Help us build a comprehensive ClamAV guide: > > https://github.com/vrtadmin/clamav-faq > > > > http://www.clamav.net/contact.html#ml > > > _______________________________________________ > > clamav-devel mailing list > clamav-devel@lists.clamav.net > https://lists.clamav.net/mailman/listinfo/clamav-devel > > Please submit your patches to our Github: https://github.com/Cisco- > Talos/clamav-devel/pulls > > Help us build a comprehensive ClamAV guide: > https://github.com/vrtadmin/clamav-faq > > http://www.clamav.net/contact.html#ml _______________________________________________ clamav-devel mailing list clamav-devel@lists.clamav.net https://lists.clamav.net/mailman/listinfo/clamav-devel Please submit your patches to our Github: https://github.com/Cisco-Talos/clamav-devel/pulls Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
