Virgo Pärna wrote:
On Tue, 28 Nov 2006 12:25:14 -0800, Dennis Peterson <[EMAIL PROTECTED]> wrote:
Chris Purves wrote:
/tmp/clamscan/*' I get the following error:
/usr/bin/clamscan: Argument list too long
This sounds like the command line limit for the OS. The list is quite
large at 5000 - for that it would probably make sense to script a Perl
solution that uses the stream input to clamd via sockets. Perl can also
Well, I think that much easier would be to run
clamscan /tmp/clamscan
instead of
clamscan /tmp/clamscan/*
That won't work. Let me summarize where this thread has gone:
All the files in /tmp/clamscan are soft links to files scattered around
the disk. They were created for the purpose of providing a single
location for clamscan to use to scan a varying list of files on a
nightly basis. Clamscan does not scan links in recursive mode hence the
method suggested.
An unknown problem at the time of the suggestion was the large number of
files in /tmp/clamscan - far more than can be handled with the command
shown. It is an OS limitation. And since another requirement is to avoid
multiple invocations of clamscan, other tools such as xargs are not
appropriate.
The most recent suggestion is to run a perl script that reads in a text
file list of files to scan, and to submit those files to clamd in a
stream via a socket connection. This gets around the requirement of
running clamd as root while still scanning files otherwise unreadable by
clamd user. It also allows preprocessing the list to deal with unusual
characters in the filename such as spaces and linefeeds, and to create a
log of results.
There is a Perl module at CPAN that handles all the ClamAV functions
needed and with a little additional code the OP can recreate a work
alike to clamscan that can read a file list of files to scan and submit
them to clamd in a stream, and to capture the scan results to a log. And
since this allows scanning the files in situ, it is no longer needed to
create links to them in /tmp.
The additional suggestion was put forward that one could hack the
clamscan code to provide for reading in a list of files to scan and a
product improvement bug was submitted but that there was concern the
coders were so busy writing patterns for phishing exploits there wasn't
time to work on the software. This last part is intended as humor.
dp
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html
