At 05:29 PM 12/9/2006, Bill Landry wrote:
Tomasz Kojm wrote the following on 12/7/2006 2:01 AM -0800:
> You should be more careful with what you're downloading into the database
> directory. For the official database freshclam makes a number of tests to
> prevent installing broken files. For 3rd party databases I'd suggest calling > 'clamscan -d file.ndb' before installing file.ndb in the database dir and/or
> asking the creator to provide you with online checksum for the file.

I must be doing something wrong here.  I am running Fedora Core 3 with:

    clamscan -V
    ClamAV 0.88.6/2312/Sat Dec  9 10:46:45 2006

However, when I attempt to scan an individual file as Tomasz  shows
above, I get all files in the directory scanned:

    clamscan -d scam.ndb
    /var/tmp/clamdb/phish.ndb: OK
    /var/tmp/clamdb/MSRBL-Images.hdb: OK
    /var/tmp/clamdb/phish.ndb.gz: OK
    /var/tmp/clamdb/scam.ndb: OK
    /var/tmp/clamdb/MSRBL-SPAM.ndb: OK
    /var/tmp/clamdb/scam.ndb.gz: OK

    ----------- SCAN SUMMARY -----------
    Known viruses: 3841
    Engine version: 0.88.6
    Scanned directories: 1
    Scanned files: 6
    Infected files: 0
    Data scanned: 6.27 MB
    Time: 2.852 sec (0 m 2 s)

This does not allow me to detect a problem with a specific database
file.  Any suggestions?

You miss the point... If the database is a bad format "clamscan -d foo.ndb" will FAIL. So you can use it as a basic test for a sane database. At this point you don't care about actually scanning the files in the directory, that's just a side effect. What you care about is if the command succeeds (exit status 0) or fails (exit status non-0).

You use it in some tmp directory something like this:

clamscan --quiet -d foo.ndb && \
   cp -p foo.ndb /var/db/clamav

If the clamscan command fails, the copy is not performed.

--
Noel Jones
_______________________________________________
Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net
http://lurker.clamav.net/list/clamav-users.html

Reply via email to