Hello folks,

So, since Apple's 2006-001 update causes McAfee's Virex to break (segfaults after an hour or so of operation) on our OS X Server machine (which 2006-002, even v1.1, doesn't fix) and I'm required by powers greater than me to use a virus scanner on the machine, I started looking into ClamAV to use for the scanner used in some (daily and weekly) periodic scripts.

The one packaged with OS X Server is, of course, broken. It does not respect multiple --exclude-dir arguments. No biggie, though...I left the system one in place to handle e-mail tagging through amavisd and just built my own in /usr/clamav, which I will use for my file system scans until Apple fixes their broken one. Oddly enough, the ClamAV people have had a working version out for a while, but Apple hasn't bothered to update their packaged version.

So, on to my problem...Now, with my spiffy new clamscan, which isn't broken and actually respects multiple --exclude-dir commands, I have the same problem I had with the old clamscan. If I run a recursive scan starting at the top of the file system (/), it restarts again at the top after going through all the subdirs, and I can't figure out why. I've already excluded all the dirs that have symlinks back to the top of the file system. I've tried setting --max-recursion=0. This does not occur on any FreeBSD or Linux box I've tried it on...What gives? If I scan individual directories recursively everything works all right, but doing the entire system seems to have an issue. Does anyone have any ideas or a work-around? I'd prefer a good fix with reasons instead of a hack.

The command I'm using right now is:

    sudo -u clamav /usr/clamav/bin/clamscan -r --exclude-dir=/automount --exclude-dir=/Volumes /

You can include the -i flag if you want to see only infected files, but I was hoping to see why the damned thing's broken.

Another question...Why does clamscan prefix all of its paths in the output with an extra /?

As an aside, I have had nothing but trouble with OS X Server, mostly due to Apple packaging stuff with their OS that you can't disinclude and that I want to make changes to. If I didn't need OpenDirectory (and I'm looking for alternatives) I'd just dump Server entirely and put regular OS X on the machine. Actually, I'd rather just replace it with a FreeBSD x86 machine and not have to pay the Apple hardware premium or deal with the draconian mass updates, either...

Thanks,
Josh

-- 
Josh Tolbert
[EMAIL PROTECTED] || http://www.puresimplicity.net/~hemi/

Security is mostly a superstition. It does not exist in nature, nor do the children of men as a whole experience it. Avoiding danger is no safer in the long run than outright exposure. Life is either a daring adventure, or nothing.
-- Helen Keller
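
Added example, not part of the original post and not ClamAV code: a small Python check that lists directory symlinks resolving to one of their own ancestors, so the --exclude-dir list for a scan from / can be verified rather than assembled by hand. The function names, the skip parameter and the demo tree are assumptions made for illustration; it covers symlink loops only and does not establish the cause of the restart described above.

```python
import os
import sys
import tempfile


def find_loop_symlinks(root, skip=()):
    """Return directory symlinks under root that point at their own ancestor."""
    root = os.path.realpath(root)
    loops = []
    for dirpath, dirnames, _ in os.walk(root, followlinks=False):
        # Prune directories already excluded from the scan (e.g. /automount).
        dirnames[:] = [d for d in dirnames
                       if os.path.join(dirpath, d) not in skip]
        here = os.path.realpath(dirpath)
        for name in dirnames:
            path = os.path.join(dirpath, name)
            if not os.path.islink(path):
                continue
            target = os.path.realpath(path)
            prefix = target.rstrip(os.sep) + os.sep
            # Following the link would re-enter a directory we are inside of.
            if here == target or here.startswith(prefix):
                loops.append(path)
    return sorted(loops)


def exclude_args(paths):
    """Format paths the way the clamscan command in the post passes them."""
    return ["--exclude-dir=" + p for p in paths]


def demo():
    """Constructed sample tree: one looping symlink, one harmless symlink."""
    root = os.path.realpath(tempfile.mkdtemp())
    os.makedirs(os.path.join(root, "a", "b"))
    os.makedirs(os.path.join(root, "c"))
    os.symlink(root, os.path.join(root, "a", "b", "back"))  # loops to top
    os.symlink(os.path.join(root, "c"), os.path.join(root, "a", "ok"))
    return root, find_loop_symlinks(root)


if __name__ == "__main__":
    # With a path argument, scan it; otherwise run the constructed demo.
    found = find_loop_symlinks(sys.argv[1]) if len(sys.argv) > 1 else demo()[1]
    print(" ".join(exclude_args(found)))
```

Run it with the scan root as the only argument and compare the printed arguments with the ones already on the clamscan command line.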
